1
From bff5319d9038765f864ef06e2e3c766f5c01dbd7 Mon Sep 17 00:00:00 2001
2
From: =?utf8?q?Emilia=20K=C3=A4sper?= <emilia@openssl.org>
3
Date: Thu, 24 Jul 2014 22:15:29 +0200
4
Subject: [PATCH] Fix DTLS anonymous EC(DH) denial of service
8
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10
ssl/d1_clnt.c | 16 ++++++++++++++--
11
ssl/s3_clnt.c | 7 +++++++
12
2 files changed, 21 insertions(+), 2 deletions(-)
14
Index: openssl-0.9.8k/ssl/d1_clnt.c
15
===================================================================
16
--- openssl-0.9.8k.orig/ssl/d1_clnt.c 2014-08-07 08:48:09.402887240 -0400
17
+++ openssl-0.9.8k/ssl/d1_clnt.c 2014-08-07 08:48:09.398887240 -0400
20
unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
22
+ if (s->session->sess_cert == NULL)
24
+ /* We should always have a server certificate with SSL_kRSA. */
25
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
29
if (s->session->sess_cert->peer_rsa_tmp != NULL)
30
rsa=s->session->sess_cert->peer_rsa_tmp;
36
+ if (s->session->sess_cert == NULL)
38
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
39
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
43
if (s->session->sess_cert->peer_dh_tmp != NULL)
44
dh_srvr=s->session->sess_cert->peer_dh_tmp;
47
/* SSL3_ST_CW_CERT_D */
48
return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
52
Index: openssl-0.9.8k/ssl/s3_clnt.c
53
===================================================================
54
--- openssl-0.9.8k.orig/ssl/s3_clnt.c 2014-08-07 08:48:09.402887240 -0400
55
+++ openssl-0.9.8k/ssl/s3_clnt.c 2014-08-07 08:48:09.398887240 -0400
56
@@ -1904,6 +1904,13 @@
58
unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
60
+ if (s->session->sess_cert == NULL)
62
+ /* We should always have a server certificate with SSL_kRSA. */
63
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
67
if (s->session->sess_cert->peer_rsa_tmp != NULL)
68
rsa=s->session->sess_cert->peer_rsa_tmp;