View | Details | Raw Unified | Return to bug 223429 | Differences between
and this patch


(-)CHANGES (+4 lines)
Lines 4-9 Link Here
4
4
5
 Changes between 0.9.8g and 0.9.8h  [xx XXX xxxx]
5
 Changes between 0.9.8g and 0.9.8h  [xx XXX xxxx]
6
6
7
  *) Fix flaw if 'Server Key exchange message' is omitted from a TLS
8
     handshake which could lead to a cilent crash as found using the
9
     Codenomicon TLS test suite (CVE-2008-1672) [Steve Henson, Mark Cox]
10
7
  *) Fix BN flag handling in RSA_eay_mod_exp() and BN_MONT_CTX_set()
11
  *) Fix BN flag handling in RSA_eay_mod_exp() and BN_MONT_CTX_set()
8
     to get the expected BN_FLG_CONSTTIME behavior.
12
     to get the expected BN_FLG_CONSTTIME behavior.
9
     [Bodo Moeller (Google)]
13
     [Bodo Moeller (Google)]
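Review bot: The new CHANGES entry misspells "client" as "cilent" in the added line "handshake which could lead to a cilent crash as found using the"; correct the spelling so the entry is searchable alongside the CVE-2008-1672 reference it carries.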
(-)ssl/s3_clnt.c (+7 lines)
Lines 2061-2066 Link Here
2061
			{
2061
			{
2062
			DH *dh_srvr,*dh_clnt;
2062
			DH *dh_srvr,*dh_clnt;
2063
2063
2064
                        if (s->session->sess_cert == NULL) 
2065
                                {
2066
                                ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
2067
                                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
2068
                                goto err;
2069
                                }
2070
2064
			if (s->session->sess_cert->peer_dh_tmp != NULL)
2071
			if (s->session->sess_cert->peer_dh_tmp != NULL)
2065
				dh_srvr=s->session->sess_cert->peer_dh_tmp;
2072
				dh_srvr=s->session->sess_cert->peer_dh_tmp;
2066
			else
2073
			else
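Review bot: The added NULL check on s->session->sess_cert is indented with spaces, and its "if (s->session->sess_cert == NULL) " line ends in trailing whitespace, while the surrounding context lines ("DH *dh_srvr,*dh_clnt;" and the peer_dh_tmp test) are indented with tabs; re-indent the new block with tabs to match the file. The guard as placed sits inside the block that declares dh_srvr and dh_clnt, so it protects only the s->session->sess_cert->peer_dh_tmp dereference that follows it here. If other branches of this function also dereference s->session->sess_cert, they need the same check, or the check should move ahead of all of them.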
