[openssl-commits] [openssl] OpenSSL source code branch OpenSSL_1_0_0-stable updated. OpenSSL_1_0_0o-45-g9d41057
Matt Caswell
matt at openssl.org
Mon Dec 15 21:31:39 UTC 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSSL source code".
The branch, OpenSSL_1_0_0-stable has been updated
via 9d410579a782262c1a372bea80475ddee523985d (commit)
via 4f90ef0c5bf46d927b1bd1ce54223d36852a4f3a (commit)
from eae2bb2f1f5347c0bd305026fd3c222e0ccd69e2 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 9d410579a782262c1a372bea80475ddee523985d
Author: Matt Caswell <matt at openssl.org>
Date: Wed Dec 3 11:15:40 2014 +0000
Checkout return value of dtls1_output_cert_chain
Reviewed-by: Tim Hudson <tjh at openssl.org>
(cherry picked from commit 9beb948c0dae6056caddf46a9aa099e18905d184)
commit 4f90ef0c5bf46d927b1bd1ce54223d36852a4f3a
Author: Matt Caswell <matt at openssl.org>
Date: Tue Mar 18 14:19:22 2014 +0000
Check return value of ssl3_output_cert_chain
Based on commit 66f96fe2d519147097c118d4bf60704c69ed0635 by Steve Henson
Reviewed-by: Tim Hudson <tjh at openssl.org>
(cherry picked from commit ce5ddefc4394a0ae6c79efaffe08cf47ac659ea0)
-----------------------------------------------------------------------
Summary of changes:
ssl/d1_clnt.c | 6 ++++++
ssl/d1_srvr.c | 5 +++++
ssl/s3_clnt.c | 6 ++++++
ssl/s3_srvr.c | 5 +++++
4 files changed, 22 insertions(+)
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index d8cf926..0fea865 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -1548,6 +1548,12 @@ int dtls1_send_client_certificate(SSL *s)
s->state=SSL3_ST_CW_CERT_D;
l=dtls1_output_cert_chain(s,
(s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
+ if (!l)
+ {
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
+ return 0;
+ }
s->init_num=(int)l;
s->init_off=0;
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index a14fb43..f52c735 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -1446,6 +1446,11 @@ int dtls1_send_server_certificate(SSL *s)
}
l=dtls1_output_cert_chain(s,x);
+ if (!l)
+ {
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
+ return(0);
+ }
s->state=SSL3_ST_SW_CERT_B;
s->init_num=(int)l;
s->init_off=0;
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 89dc06e..e614f96 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -2962,6 +2962,12 @@ int ssl3_send_client_certificate(SSL *s)
s->state=SSL3_ST_CW_CERT_D;
l=ssl3_output_cert_chain(s,
(s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
+ if (!l)
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
+ return 0;
+ }
s->init_num=(int)l;
s->init_off=0;
}
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 546d633..4573ec8 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -3084,6 +3084,11 @@ int ssl3_send_server_certificate(SSL *s)
}
l=ssl3_output_cert_chain(s,x);
+ if (!l)
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
+ return(0);
+ }
s->state=SSL3_ST_SW_CERT_B;
s->init_num=(int)l;
s->init_off=0;
hooks/post-receive
--
OpenSSL source code
More information about the openssl-commits
mailing list