[openssl-commits] [openssl] OpenSSL source code branch OpenSSL_1_0_1-stable updated. OpenSSL_1_0_1j-66-g9beb948

Matt Caswell matt at openssl.org
Mon Dec 15 21:31:50 UTC 2014


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSSL source code".

The branch, OpenSSL_1_0_1-stable has been updated
       via  9beb948c0dae6056caddf46a9aa099e18905d184 (commit)
       via  ce5ddefc4394a0ae6c79efaffe08cf47ac659ea0 (commit)
      from  458f23f61021da8badf2457db0608232b3c8bec4 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 9beb948c0dae6056caddf46a9aa099e18905d184
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Dec 3 11:15:40 2014 +0000

    Checkout return value of dtls1_output_cert_chain
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>

commit ce5ddefc4394a0ae6c79efaffe08cf47ac659ea0
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Mar 18 14:19:22 2014 +0000

    Check return value of ssl3_output_cert_chain
    
    Based on commit 66f96fe2d519147097c118d4bf60704c69ed0635 by Steve Henson
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 ssl/d1_clnt.c |    6 ++++++
 ssl/d1_srvr.c |    5 +++++
 ssl/s3_clnt.c |    6 ++++++
 ssl/s3_srvr.c |    5 +++++
 4 files changed, 22 insertions(+)

diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 9947be2..9045fb9 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -1717,6 +1717,12 @@ int dtls1_send_client_certificate(SSL *s)
 		s->state=SSL3_ST_CW_CERT_D;
 		l=dtls1_output_cert_chain(s,
 			(s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
+		if (!l)
+			{
+			SSLerr(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
+			return 0;
+			}
 		s->init_num=(int)l;
 		s->init_off=0;
 
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index a5660bc..e40701e 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -1625,6 +1625,11 @@ int dtls1_send_server_certificate(SSL *s)
 			}
 
 		l=dtls1_output_cert_chain(s,x);
+		if (!l)
+			{
+			SSLerr(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
+			return(0);
+			}
 		s->state=SSL3_ST_SW_CERT_B;
 		s->init_num=(int)l;
 		s->init_off=0;
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 7ad1357..f10e1aa 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -3280,6 +3280,12 @@ int ssl3_send_client_certificate(SSL *s)
 		s->state=SSL3_ST_CW_CERT_D;
 		l=ssl3_output_cert_chain(s,
 			(s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
+		if (!l)
+			{
+			SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
+			return 0;
+			}
 		s->init_num=(int)l;
 		s->init_off=0;
 		}
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index c67f11a..719e6d3 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -3406,6 +3406,11 @@ int ssl3_send_server_certificate(SSL *s)
 			}
 
 		l=ssl3_output_cert_chain(s,x);
+		if (!l)
+			{
+			SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
+			return(0);
+			}
 		s->state=SSL3_ST_SW_CERT_B;
 		s->init_num=(int)l;
 		s->init_off=0;


hooks/post-receive
-- 
OpenSSL source code


More information about the openssl-commits mailing list