https://github.com/openssl/openssl
Revision f7fe3d235abf201343c20a59f9d9c8957acc62ff authored by Dr. Stephen Henson on 23 October 2014, 19:36:17 UTC, committed by Matt Caswell on 08 January 2015, 14:14:56 UTC
Fix to prevent use of DH client certificates without sending certificate verify message. If we've used a client certificate to generate the premaster secret ssl3_get_client_key_exchange returns 2 and ssl3_get_cert_verify is never called. We can only skip the certificate verify message in ssl3_get_cert_verify if the client didn't send a certificate. Thanks to Karthikeyan Bhargavan for reporting this issue. CVE-2015-0205 Reviewed-by: Matt Caswell <matt@openssl.org>
1 parent b2688c9
Tip revision: f7fe3d235abf201343c20a59f9d9c8957acc62ff authored by Dr. Stephen Henson on 23 October 2014, 19:36:17 UTC
Unauthenticated DH client certificate fix.
Unauthenticated DH client certificate fix.
Tip revision: f7fe3d2
| File | Mode | Size |
|---|---|---|
| MacOS | ||
| Netware | ||
| VMS | ||
| apps | ||
| bugs | ||
| certs | ||
| crypto | ||
| demos | ||
| doc | ||
| engines | ||
| include | ||
| ms | ||
| os2 | ||
| perl | ||
| shlib | ||
| ssl | ||
| test | ||
| times | ||
| tools | ||
| util | ||
| .cvsignore | -rw-r--r-- | 193 bytes |
| .gitignore | -rw-r--r-- | 1.0 KB |
| ACKNOWLEDGMENTS | -rw-r--r-- | 1.0 KB |
| CHANGES | -rw-r--r-- | 423.2 KB |
| CHANGES.SSLeay | -rw-r--r-- | 41.7 KB |
| Configure | -rwxr-xr-x | 96.0 KB |
| FAQ | -rw-r--r-- | 45.4 KB |
| INSTALL | -rw-r--r-- | 14.3 KB |
| INSTALL.DJGPP | -rw-r--r-- | 2.0 KB |
| INSTALL.MacOS | -rw-r--r-- | 3.2 KB |
| INSTALL.NW | -rw-r--r-- | 18.4 KB |
| INSTALL.OS2 | -rw-r--r-- | 744 bytes |
| INSTALL.VMS | -rw-r--r-- | 10.7 KB |
| INSTALL.W32 | -rw-r--r-- | 11.6 KB |
| INSTALL.W64 | -rw-r--r-- | 2.1 KB |
| INSTALL.WCE | -rw-r--r-- | 3.2 KB |
| LICENSE | -rw-r--r-- | 6.1 KB |
| Makefile.org | -rw-r--r-- | 22.1 KB |
| Makefile.shared | -rw-r--r-- | 21.4 KB |
| NEWS | -rw-r--r-- | 28.9 KB |
| PROBLEMS | -rw-r--r-- | 8.5 KB |
| README | -rw-r--r-- | 8.9 KB |
| README.ASN1 | -rw-r--r-- | 7.5 KB |
| README.ENGINE | -rw-r--r-- | 15.7 KB |
| TABLE | -rw-r--r-- | 133.2 KB |
| config | -rwxr-xr-x | 26.6 KB |
| e_os.h | -rw-r--r-- | 23.7 KB |
| e_os2.h | -rw-r--r-- | 9.8 KB |
| install.com | -rw-r--r-- | 3.6 KB |
| makevms.com | -rwxr-xr-x | 38.6 KB |
| openssl.doxy | -rw-r--r-- | 137 bytes |
| openssl.spec | -rw-r--r-- | 7.7 KB |
Computing file changes ...
