[Pkg-openssl-changes] r408 - in openssl/branches/lenny: debian ssl

Kurt Roeckx kroeckx at alioth.debian.org
Mon Jun 8 17:45:23 UTC 2009 

Author: kroeckx
Date: 2009-06-08 17:45:22 +0000 (Mon, 08 Jun 2009)
New Revision: 408

Modified:
   openssl/branches/lenny/debian/changelog
   openssl/branches/lenny/ssl/s3_pkt.c
   openssl/branches/lenny/ssl/ssl.h
   openssl/branches/lenny/ssl/ssl_err.c
Log:
Fix CVE-2009-1386


Modified: openssl/branches/lenny/debian/changelog
===================================================================
--- openssl/branches/lenny/debian/changelog	2009-06-08 17:43:54 UTC (rev 407)
+++ openssl/branches/lenny/debian/changelog	2009-06-08 17:45:22 UTC (rev 408)
@@ -1,3 +1,10 @@
+openssl (0.9.8g-15+lenny3) stable-security; urgency=low
+
+  * Fix DoS via a DTLS ChangeCipherSpec packet that occurs before ClientHello
+    (CVE-2009-1386)
+
+ -- Kurt Roeckx <kurt at roeckx.be>  Mon, 08 Jun 2009 19:40:22 +0200
+
 openssl (0.9.8g-15+lenny2) stable-security; urgency=low
 
   * Fix "DTLS record buffer limitation bug." (CVE-2009-1377)

Modified: openssl/branches/lenny/ssl/s3_pkt.c
===================================================================
--- openssl/branches/lenny/ssl/s3_pkt.c	2009-06-08 17:43:54 UTC (rev 407)
+++ openssl/branches/lenny/ssl/s3_pkt.c	2009-06-08 17:45:22 UTC (rev 408)
@@ -1225,6 +1225,13 @@
 
 	if (s->s3->tmp.key_block == NULL)
 		{
+		if (s->session == NULL) 
+			{
+			/* might happen if dtls1_read_bytes() calls this */
+			SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY);
+			return (0);
+			}
+
 		s->session->cipher=s->s3->tmp.new_cipher;
 		if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
 		}

Modified: openssl/branches/lenny/ssl/ssl.h
===================================================================
--- openssl/branches/lenny/ssl/ssl.h	2009-06-08 17:43:54 UTC (rev 407)
+++ openssl/branches/lenny/ssl/ssl.h	2009-06-08 17:45:22 UTC (rev 408)
@@ -1666,6 +1666,7 @@
 #define SSL_F_SSL3_CONNECT				 132
 #define SSL_F_SSL3_CTRL					 213
 #define SSL_F_SSL3_CTX_CTRL				 133
+#define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC		 292
 #define SSL_F_SSL3_ENC					 134
 #define SSL_F_SSL3_GENERATE_KEY_BLOCK			 238
 #define SSL_F_SSL3_GET_CERTIFICATE_REQUEST		 135

Modified: openssl/branches/lenny/ssl/ssl_err.c
===================================================================
--- openssl/branches/lenny/ssl/ssl_err.c	2009-06-08 17:43:54 UTC (rev 407)
+++ openssl/branches/lenny/ssl/ssl_err.c	2009-06-08 17:45:22 UTC (rev 408)
@@ -138,6 +138,7 @@
 {ERR_FUNC(SSL_F_SSL3_CONNECT),	"SSL3_CONNECT"},
 {ERR_FUNC(SSL_F_SSL3_CTRL),	"SSL3_CTRL"},
 {ERR_FUNC(SSL_F_SSL3_CTX_CTRL),	"SSL3_CTX_CTRL"},
+{ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC),	"SSL3_DO_CHANGE_CIPHER_SPEC"},
 {ERR_FUNC(SSL_F_SSL3_ENC),	"SSL3_ENC"},
 {ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK),	"SSL3_GENERATE_KEY_BLOCK"},
 {ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST),	"SSL3_GET_CERTIFICATE_REQUEST"},

More information about the Pkg-openssl-changes mailing list