]> granicus.if.org Git - openssl/commitdiff
projects / openssl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5ee4411)
Check return value of ssl3_output_cert_chain
authorDr. Stephen Henson <steve@openssl.org>
Tue, 18 Mar 2014 14:19:22 +0000 (14:19 +0000)
committerMatt Caswell <matt@openssl.org>
Tue, 16 Dec 2014 15:01:29 +0000 (15:01 +0000)
(cherry picked from commit 66f96fe2d519147097c118d4bf60704c69ed0635)

Reviewed-by: Tim Hudson <tjh@openssl.org>
ssl/s3_clnt.c patch | blob | history
ssl/s3_srvr.c patch | blob | history

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index b16b3c44c0492db429fde7f8732f2b42719c0e23..2b9fdb0599d49ef523cab22178d972bef78a9ed3 100644 (file)
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -3470,8 +3470,13 @@ int ssl3_send_client_certificate(SSL *s)
        if (s->state == SSL3_ST_CW_CERT_C)
                {
                s->state=SSL3_ST_CW_CERT_D;
-               ssl3_output_cert_chain(s,
-                       (s->s3->tmp.cert_req == 2)?NULL:s->cert->key);
+               if (!ssl3_output_cert_chain(s,
+                       (s->s3->tmp.cert_req == 2)?NULL:s->cert->key))
+                       {
+                       SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+                       ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
+                       return 0;
+                       }
                }
        /* SSL3_ST_CW_CERT_D */
        return ssl_do_write(s);
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index a4342ba83f5d4391af81adf06bca1d103f0af27a..83d110fcc7f0c53fcdd555b151bfbc379d9e8049 100644 (file)
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -3450,7 +3450,11 @@ int ssl3_send_server_certificate(SSL *s)
                                }
                        }
 
-               ssl3_output_cert_chain(s,cpk);
+               if (!ssl3_output_cert_chain(s,cpk))
+                       {
+                       SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
+                       return(0);
+                       }
                s->state=SSL3_ST_SW_CERT_B;
                }
 
Unnamed repository; edit this file 'description' to name the repository.