diff options
author | Mark J. Cox <mark@openssl.org> | 2004-03-17 11:40:44 +0000 |
---|---|---|
committer | Mark J. Cox <mark@openssl.org> | 2004-03-17 11:40:44 +0000 |
commit | 8ccf402239a07d23ab308c9dc11bfbe59bad3e65 (patch) | |
tree | 67048ca130d8c3a3b017bf71be4a9363f7e7a03a | |
parent | 8b3b01a2d4a8884904172d046dc032b8ee5c5109 (diff) |
Fix null-pointer assignment in do_change_cipher_spec() revealedOpenSSL_0_9_6m
by using the Codenomicon TLS Test Tool (CAN-2004-0079)
Prepare for 0.9.6m tagging and release
Submitted by: Steven Henson
Reviewed by: Joe Orton
Approved by: Mark Cox
-rw-r--r-- | CHANGES | 6 | ||||
-rw-r--r-- | FAQ | 2 | ||||
-rw-r--r-- | LICENSE | 2 | ||||
-rw-r--r-- | NEWS | 4 | ||||
-rw-r--r-- | README | 4 | ||||
-rw-r--r-- | STATUS | 4 | ||||
-rw-r--r-- | crypto/opensslv.h | 4 | ||||
-rw-r--r-- | openssl.spec | 2 | ||||
-rw-r--r-- | ssl/s3_pkt.c | 8 |
9 files changed, 26 insertions, 10 deletions
@@ -2,9 +2,11 @@ OpenSSL CHANGES _______________ - Changes between 0.9.6l and 0.9.6m [xx XXX xxxx] + Changes between 0.9.6l and 0.9.6m [17 Mar 2004] - *) + *) Fix null-pointer assignment in do_change_cipher_spec() revealed + by using the Codenomicon TLS Test Tool (CAN-2004-0079) + [Joe Orton, Steve Henson] Changes between 0.9.6k and 0.9.6l [04 Nov 2003] @@ -63,7 +63,7 @@ OpenSSL - Frequently Asked Questions * Which is the current version of OpenSSL? The current version is available from <URL: http://www.openssl.org>. -OpenSSL 0.9.7c was released on September 30, 2003. +OpenSSL 0.9.7d was released on March 17, 2004. In addition to the current stable release, you can also access daily snapshots of the OpenSSL development version at <URL: @@ -12,7 +12,7 @@ --------------- /* ==================================================================== - * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -5,6 +5,10 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 0.9.6l and OpenSSL 0.9.6m: + + o Security: fix null-pointer bug leading to crash + Major changes between OpenSSL 0.9.6k and OpenSSL 0.9.6l: o Security: fix ASN1 bug leading to large recursion @@ -1,7 +1,7 @@ - OpenSSL 0.9.6l 04 Nov 2003 + OpenSSL 0.9.6m 17 Mar 2004 - Copyright (c) 1998-2003 The OpenSSL Project + Copyright (c) 1998-2004 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson All rights reserved. @@ -1,14 +1,16 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2003/11/04 11:30:38 $ + ______________ $Date: 2004/03/17 11:40:42 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... + o OpenSSL 0.9.7d: Released on March 17th, 2004 o OpenSSL 0.9.7c: Released on September 30th, 2003 o OpenSSL 0.9.7b: Released on April 10th, 2003 o OpenSSL 0.9.7a: Released on February 19th, 2003 o OpenSSL 0.9.7: Released on December 31st, 2002 + o OpenSSL 0.9.6m: Released on March 17th, 2004 o OpenSSL 0.9.6l: Released on November 4th, 2003 o OpenSSL 0.9.6k: Released on September 30th, 2003 o OpenSSL 0.9.6j: Released on April 10th, 2003 diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 1c4bcf26ee..e929524eda 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -25,8 +25,8 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x009060d0L -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6m-dev xx XXX xxxx" +#define OPENSSL_VERSION_NUMBER 0x009060dfL +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6m 17 Mar 2004" #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/openssl.spec b/openssl.spec index c93b917dfd..757c770bb6 100644 --- a/openssl.spec +++ b/openssl.spec @@ -1,7 +1,7 @@ %define libmaj 0 %define libmin 9 %define librel 6 -%define librev l +%define librev m Release: 1 %define openssldir /var/ssl diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index caf975d688..75b49f715f 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -1079,6 +1079,14 @@ start: goto err; } + /* Check we have a cipher to change to */ + if (s->s3->tmp.new_cipher == NULL) + { + i=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY); + goto err; + } + rr->length=0; s->s3->change_cipher_spec=1; if (!do_change_cipher_spec(s)) |