/[smeserver]/rpms/openssl/sme8/openssl-fips-0.9.8e-cve-2014-3510.patch
ViewVC logotype

Contents of /rpms/openssl/sme8/openssl-fips-0.9.8e-cve-2014-3510.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Tue Sep 2 22:20:54 2014 UTC (10 years, 2 months ago) by charliebrady
Branch: MAIN
CVS Tags: openssl-0_9_8e-28_el5_sme, openssl-0_9_8e-32_1_el5_sme, openssl-0_9_8e-31_1_el5_sme, openssl-0_9_8e-33_1_el5_sme, HEAD
Error occurred while calculating annotation data.
Extracted from openssl-0.9.8e-27.el5_10.4.src.rpm

1 diff -up openssl-fips-0.9.8e/ssl/d1_clnt.c.adh-dos openssl-fips-0.9.8e/ssl/d1_clnt.c
2 --- openssl-fips-0.9.8e/ssl/d1_clnt.c.adh-dos 2014-08-08 10:53:54.843106757 +0200
3 +++ openssl-fips-0.9.8e/ssl/d1_clnt.c 2014-08-08 11:45:44.900665548 +0200
4 @@ -727,6 +727,13 @@ int dtls1_send_client_key_exchange(SSL *
5 RSA *rsa;
6 unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
7
8 + if (s->session->sess_cert == NULL)
9 + {
10 + /* We should always have a server certificate with SSL_kRSA. */
11 + SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
12 + goto err;
13 + }
14 +
15 if (s->session->sess_cert->peer_rsa_tmp != NULL)
16 rsa=s->session->sess_cert->peer_rsa_tmp;
17 else
18 @@ -917,6 +924,13 @@ int dtls1_send_client_key_exchange(SSL *
19 {
20 DH *dh_srvr,*dh_clnt;
21
22 + if (s->session->sess_cert == NULL)
23 + {
24 + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
25 + SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
26 + goto err;
27 + }
28 +
29 if (s->session->sess_cert->peer_dh_tmp != NULL)
30 dh_srvr=s->session->sess_cert->peer_dh_tmp;
31 else
32 @@ -1158,5 +1172,3 @@ int dtls1_send_client_certificate(SSL *s
33 /* SSL3_ST_CW_CERT_D */
34 return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
35 }
36 -
37 -
38 diff -up openssl-fips-0.9.8e/ssl/s3_clnt.c.adh-dos openssl-fips-0.9.8e/ssl/s3_clnt.c
39 --- openssl-fips-0.9.8e/ssl/s3_clnt.c.adh-dos 2014-08-08 10:53:54.897107025 +0200
40 +++ openssl-fips-0.9.8e/ssl/s3_clnt.c 2014-08-08 11:45:44.901665552 +0200
41 @@ -1675,6 +1675,13 @@ int ssl3_send_client_key_exchange(SSL *s
42 RSA *rsa;
43 unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
44
45 + if (s->session->sess_cert == NULL)
46 + {
47 + /* We should always have a server certificate with SSL_kRSA. */
48 + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
49 + goto err;
50 + }
51 +
52 if (s->session->sess_cert->peer_rsa_tmp != NULL)
53 rsa=s->session->sess_cert->peer_rsa_tmp;
54 else

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed