Security fix for CVE-2010-0740

"In TLS connections, certain incorrectly formatted records can cause an OpenSSL client or server to crash due to a read attempt at NULL." http://openssl.org/news/secadv_20100324.txt ok deraadt@ djm@ sthen@
author: jasper <jasper@openbsd.org> 2010-04-14 12:41:05 +0000
committer: jasper <jasper@openbsd.org> 2010-04-14 12:41:05 +0000
commit: 464c392f568d6459301531c43f050d18b0e84477 (patch)
tree: 1ce2d21646c0deafb28f29cb86ea1dafd2276536 /lib/libssl/src
parent: sync (diff)
download: wireguard-openbsd-464c392f568d6459301531c43f050d18b0e84477.tar.xz
wireguard-openbsd-464c392f568d6459301531c43f050d18b0e84477.zip
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/libssl/src/ssl/s3_pkt.c b/lib/libssl/src/ssl/s3_pkt.c
index b98b84044fd..515739c08c2 100644
--- a/lib/libssl/src/ssl/s3_pkt.c
+++ b/lib/libssl/src/ssl/s3_pkt.c
@@ -282,9 +282,10 @@ again:
 			if (version != s->version)
 				{
 				SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
-				/* Send back error using their
-				 * version number :-) */
-				s->version=version;
+                                if ((s->version & 0xFF00) == (version & 0xFF00))
+                                	/* Send back error using their
+					 * minor version number :-) */
+					s->version = (unsigned short)version;
 				al=SSL_AD_PROTOCOL_VERSION;
 				goto f_err;
 				}
author	jasper <jasper@openbsd.org>	2010-04-14 12:41:05 +0000
committer	jasper <jasper@openbsd.org>	2010-04-14 12:41:05 +0000
commit	464c392f568d6459301531c43f050d18b0e84477 (patch)
tree	1ce2d21646c0deafb28f29cb86ea1dafd2276536 /lib/libssl/src
parent	sync (diff)
download	wireguard-openbsd-464c392f568d6459301531c43f050d18b0e84477.tar.xz wireguard-openbsd-464c392f568d6459301531c43f050d18b0e84477.zip