Ensure that we do not process a ChangeCipherSpec with an empty master

secret. This is an additional safeguard against early ChangeCipherSpec handling. From OpenSSL. ok deraadt@
author: jsing <jsing@openbsd.org> 2014-06-05 15:51:06 +0000
committer: jsing <jsing@openbsd.org> 2014-06-05 15:51:06 +0000
commit: 952cbb89b6e975d89b29e44aaf38cb90a4c26852 (patch)
tree: b4f42d712d35ee2c9c028c712130a5857e45145d /lib/libssl/src
parent: Be selective as to when ChangeCipherSpec messages will be accepted. (diff)
download: wireguard-openbsd-952cbb89b6e975d89b29e44aaf38cb90a4c26852.tar.xz
wireguard-openbsd-952cbb89b6e975d89b29e44aaf38cb90a4c26852.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/libssl/src/ssl/s3_pkt.c b/lib/libssl/src/ssl/s3_pkt.c
index 58d8221fe4c..942ab37b959 100644
--- a/lib/libssl/src/ssl/s3_pkt.c
+++ b/lib/libssl/src/ssl/s3_pkt.c
@@ -1337,7 +1337,7 @@ ssl3_do_change_cipher_spec(SSL *s)
 		i = SSL3_CHANGE_CIPHER_CLIENT_READ;
 
 	if (s->s3->tmp.key_block == NULL) {
-		if (s->session == NULL) {
+		if (s->session == NULL || s->session->master_key_length == 0) {
 			/* might happen if dtls1_read_bytes() calls this */
 			SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,
 			    SSL_R_CCS_RECEIVED_EARLY);
author	jsing <jsing@openbsd.org>	2014-06-05 15:51:06 +0000
committer	jsing <jsing@openbsd.org>	2014-06-05 15:51:06 +0000
commit	952cbb89b6e975d89b29e44aaf38cb90a4c26852 (patch)
tree	b4f42d712d35ee2c9c028c712130a5857e45145d /lib/libssl/src
parent	Be selective as to when ChangeCipherSpec messages will be accepted. (diff)
download	wireguard-openbsd-952cbb89b6e975d89b29e44aaf38cb90a4c26852.tar.xz wireguard-openbsd-952cbb89b6e975d89b29e44aaf38cb90a4c26852.zip