diff options
| author | marha <marha@users.sourceforge.net> | 2014-09-02 18:48:52 +0200 |
|---|---|---|
| committer | marha <marha@users.sourceforge.net> | 2014-09-02 18:48:52 +0200 |
| commit | dea8f13d8104872dec9243abe06f3d9e4c807ccd (patch) | |
| tree | b01e5b901eaca45f1e3aa2b6fddfd45ca271ee75 /openssl/ssl/s3_srvr.c | |
| parent | 3293021e6f582c7348667e7638941620134525e1 (diff) | |
| parent | 04168ae281bfbd714ddf6b90d98eac892508dde8 (diff) | |
| download | vcxsrv-dea8f13d8104872dec9243abe06f3d9e4c807ccd.tar.gz vcxsrv-dea8f13d8104872dec9243abe06f3d9e4c807ccd.tar.bz2 vcxsrv-dea8f13d8104872dec9243abe06f3d9e4c807ccd.zip | |
Merge remote-tracking branch 'origin/released'
Conflicts:
openssl/Makefile
openssl/crypto/opensslconf.h
Diffstat (limited to 'openssl/ssl/s3_srvr.c')
| -rw-r--r-- | openssl/ssl/s3_srvr.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/openssl/ssl/s3_srvr.c b/openssl/ssl/s3_srvr.c index 503bed3fe..286750128 100644 --- a/openssl/ssl/s3_srvr.c +++ b/openssl/ssl/s3_srvr.c @@ -2795,6 +2795,13 @@ int ssl3_get_client_key_exchange(SSL *s) SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_BN_LIB); goto err; } + if (BN_ucmp(s->srp_ctx.A, s->srp_ctx.N) >= 0 + || BN_is_zero(s->srp_ctx.A)) + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_SRP_PARAMETERS); + goto f_err; + } if (s->session->srp_username != NULL) OPENSSL_free(s->session->srp_username); s->session->srp_username = BUF_strdup(s->srp_ctx.login); @@ -2918,7 +2925,7 @@ int ssl3_get_cert_verify(SSL *s) SSL3_ST_SR_CERT_VRFY_A, SSL3_ST_SR_CERT_VRFY_B, -1, - 516, /* Enough for 4096 bit RSA key with TLS v1.2 */ + SSL3_RT_MAX_PLAIN_LENGTH, &ok); if (!ok) return((int)n); |