author | delphij <delphij@FreeBSD.org> | 2015-01-14 21:27:46 +0000 |
committer | delphij <delphij@FreeBSD.org> | 2015-01-14 21:27:46 +0000 |
commit | 36d7decb8c0323dd9f1647968a279107edea187d (patch) | |
tree | 166dc42229467d46f3cb30e3d2b05abe446200b7 /crypto/openssl/ssl/ssl_lib.c | |
parent | 8bdb2f8c4812c5515515d2e20d4fbc97d4dd3aab (diff) | |
Fix multiple vulnerabilities in OpenSSL. [SA-15:01]
Approved by: so
Diffstat (limited to 'crypto/openssl/ssl/ssl_lib.c')
-rw-r--r-- | crypto/openssl/ssl/ssl_lib.c | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/crypto/openssl/ssl/ssl_lib.c b/crypto/openssl/ssl/ssl_lib.c
index 3f66fc0..4be1c5d 100644
--- a/crypto/openssl/ssl/ssl_lib.c
+++ b/crypto/openssl/ssl/ssl_lib.c
@@ -2996,10 +2996,32 @@ SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
 }
 ssl_cert_free(ocert);
 }
+
+ /*
+ * Program invariant: |sid_ctx| has fixed size (SSL_MAX_SID_CTX_LENGTH),
+ * so setter APIs must prevent invalid lengths from entering the system.
+ */
+ OPENSSL_assert(ssl->sid_ctx_length <= sizeof(ssl->sid_ctx));
+
+ /*
+ * If the session ID context matches that of the parent SSL_CTX,
+ * inherit it from the new SSL_CTX as well. If however the context does
+ * not match (i.e., it was set per-ssl with SSL_set_session_id_context),
+ * leave it unchanged.
+ */
+ if ((ssl->ctx != NULL) &&
+ (ssl->sid_ctx_length == ssl->ctx->sid_ctx_length) &&
+ (memcmp(ssl->sid_ctx, ssl->ctx->sid_ctx, ssl->sid_ctx_length) == 0))
+ {
+ ssl->sid_ctx_length = ctx->sid_ctx_length;
+ memcpy(&ssl->sid_ctx, &ctx->sid_ctx, sizeof(ssl->sid_ctx));
+ }
+
 CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
 if (ssl->ctx != NULL)
 SSL_CTX_free(ssl->ctx); /* decrement reference count */
 ssl->ctx = ctx;
+
 return(ssl->ctx);
 }
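Review bot: The added OPENSSL_assert bounds only `ssl->sid_ctx_length` against `ssl->sid_ctx`, yet the inheritance branch then reads `ssl->sid_ctx_length` bytes out of `ssl->ctx->sid_ctx` in the memcmp and copies `sizeof(ssl->sid_ctx)` bytes out of `ctx->sid_ctx` in the memcpy, so the memory safety of both calls rests on the SSL and SSL_CTX arrays having the same fixed size; that assumption is stated only in the comment and would be clearer as a check placed next to the assert, `OPENSSL_assert(sizeof(ssl->sid_ctx) == sizeof(ctx->sid_ctx));`, or by copying `ctx->sid_ctx_length` bytes after bounding it. The memcpy also passes `&ssl->sid_ctx` / `&ctx->sid_ctx` (pointer-to-array) while the memcmp three lines above passes the arrays directly; the two call sites should use one form, e.g. `memcpy(ssl->sid_ctx, ctx->sid_ctx, sizeof(ssl->sid_ctx));`. The condition compares against `ssl->ctx`, the context being replaced; whether `ctx` can still be NULL here, or was substituted earlier in the function, is not visible because SSL_set_SSL_CTX begins before this hunk.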