Check EVP errors for handshake digests.

Partial mitigation of PR#3200 (cherry picked from commit 0294b2be5f4c11e60620c0018674ff0e17b14238)
author: Dr. Stephen Henson <steve@openssl.org> 2013-12-14 13:55:48 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2013-12-18 13:29:07 +0000
commit: ed496b3d42e908e9edee0da7585e25d0e2075910 (patch)
tree: 8de7f23d47c2e7176aae44a5eeb0cd4a8fd4529b /ssl/s3_pkt.c
parent: 88c21c47a3d187d4f8c4e87e3c6088198cb08a99 (diff)
download: openssl-ed496b3d42e908e9edee0da7585e25d0e2075910.tar.gz
1 files changed, 7 insertions, 1 deletions
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 33286b84d2..a6fd3bf12e 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -1563,8 +1563,14 @@ int ssl3_do_change_cipher_spec(SSL *s)
 		slen=s->method->ssl3_enc->client_finished_label_len;
 		}
 
-	s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
+	i = s->method->ssl3_enc->final_finish_mac(s,
 		sender,slen,s->s3->tmp.peer_finish_md);
+	if (i == 0)
+		{
+		SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
+		return 0;
+		}
+	s->s3->tmp.peer_finish_md_len = i;
 
 	return(1);
 	}
author	Dr. Stephen Henson <steve@openssl.org>	2013-12-14 13:55:48 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2013-12-18 13:29:07 +0000
commit	ed496b3d42e908e9edee0da7585e25d0e2075910 (patch)
tree	8de7f23d47c2e7176aae44a5eeb0cd4a8fd4529b /ssl/s3_pkt.c
parent	88c21c47a3d187d4f8c4e87e3c6088198cb08a99 (diff)
download	openssl-ed496b3d42e908e9edee0da7585e25d0e2075910.tar.gz