Only allow a temporary rsa key exchange when they key is larger than 512.

author Kurt Roeckx <kurt@roeckx.be>

Sat, 18 Apr 2015 17:15:48 +0000 (19:15 +0200)

committer Kurt Roeckx <kurt@roeckx.be>

Mon, 8 Jun 2015 22:46:59 +0000 (00:46 +0200)
author Kurt Roeckx <kurt@roeckx.be>
Sat, 18 Apr 2015 17:15:48 +0000 (19:15 +0200)
committer Kurt Roeckx <kurt@roeckx.be>
Mon, 8 Jun 2015 22:46:59 +0000 (00:46 +0200)
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c

index 2f7b093c3dd2cdf42da4bf5e89c690c5532d5b37..935a621e6db22aa305b31b73cac4687e3ab791c4 100644 (file)
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -334,7 +334,7 @@ int ssl3_connect(SSL *s)
              if (!
                  (s->s3->tmp.
                   new_cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
-&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+                    && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
                  ret = ssl3_get_server_certificate(s);
                  if (ret <= 0)
                      goto end;
@@ -1704,6 +1704,13 @@ int ssl3_get_key_exchange(SSL *s)
              SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
              goto err;
          }
+
+        if (EVP_PKEY_bits(pkey) <= SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
+            goto f_err;
+        }
+
          s->session->sess_cert->peer_rsa_tmp = rsa;
          rsa = NULL;
      }
author	Kurt Roeckx <kurt@roeckx.be>
	Sat, 18 Apr 2015 17:15:48 +0000 (19:15 +0200)
committer	Kurt Roeckx <kurt@roeckx.be>
	Mon, 8 Jun 2015 22:46:59 +0000 (00:46 +0200)