diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2013-12-14 13:55:48 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2013-12-18 13:29:07 +0000 |
commit | ed496b3d42e908e9edee0da7585e25d0e2075910 (patch) | |
tree | 8de7f23d47c2e7176aae44a5eeb0cd4a8fd4529b /ssl/s3_pkt.c | |
parent | 88c21c47a3d187d4f8c4e87e3c6088198cb08a99 (diff) | |
download | openssl-ed496b3d42e908e9edee0da7585e25d0e2075910.tar.gz |
Check EVP errors for handshake digests.
Partial mitigation of PR#3200
(cherry picked from commit 0294b2be5f4c11e60620c0018674ff0e17b14238)
Diffstat (limited to 'ssl/s3_pkt.c')
-rw-r--r-- | ssl/s3_pkt.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 33286b84d2..a6fd3bf12e 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -1563,8 +1563,14 @@ int ssl3_do_change_cipher_spec(SSL *s) slen=s->method->ssl3_enc->client_finished_label_len; } - s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s, + i = s->method->ssl3_enc->final_finish_mac(s, sender,slen,s->s3->tmp.peer_finish_md); + if (i == 0) + { + SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR); + return 0; + } + s->s3->tmp.peer_finish_md_len = i; return(1); } |