Attachment 306751 Details for Bug 448495 – Upstream patch

[patch] Upstream patch

CVE-2008-1672.patch (text/plain), 1.52 KB, created by Tomas Hoger on 2008-05-27 09:36:47 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Tomas Hoger

Created: 2008-05-27 09:36:47 UTC

Size: 1.52 KB

patch

obsolete

>Index: CHANGES
>===================================================================
>RCS file: /e/openssl/cvs/openssl/CHANGES,v
>retrieving revision 1.1238.2.86
>diff -u -r1.1238.2.86 CHANGES
>--- CHANGES	28 Feb 2008 13:35:58 -0000	1.1238.2.86
>+++ CHANGES	22 May 2008 09:19:30 -0000
>@@ -4,6 +4,10 @@
> 
>  Changes between 0.9.8g and 0.9.8h  [xx XXX xxxx]
> 
>+  *) Fix flaw if 'Server Key exchange message' is omitted from a TLS
>+     handshake which could lead to a cilent crash as found using the
>+     Codenomicon TLS test suite (CVE-2008-1672) [Steve Henson, Mark Cox]
>+
>   *) Fix BN flag handling in RSA_eay_mod_exp() and BN_MONT_CTX_set()
>      to get the expected BN_FLG_CONSTTIME behavior.
>      [Bodo Moeller (Google)]
>Index: ssl/s3_clnt.c
>===================================================================
>RCS file: /e/openssl/cvs/openssl/ssl/s3_clnt.c,v
>retrieving revision 1.88.2.12
>diff -u -r1.88.2.12 s3_clnt.c
>--- ssl/s3_clnt.c	3 Nov 2007 13:07:39 -0000	1.88.2.12
>+++ ssl/s3_clnt.c	22 May 2008 09:19:30 -0000
>@@ -2061,6 +2061,13 @@
> 			{
> 			DH *dh_srvr,*dh_clnt;
> 
>+                        if (s->session->sess_cert == NULL) 
>+                                {
>+                                ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
>+                                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
>+                                goto err;
>+                                }
>+
> 			if (s->session->sess_cert->peer_dh_tmp != NULL)
> 				dh_srvr=s->session->sess_cert->peer_dh_tmp;
> 			else

Actions: View | Diff

Attachments on bug 448495: 306751