Correct problem in the 2006-09-28 patch concerning the handling of

excessively large DH moduli.

Reported by:	Steve Kiernan (Juniper SIRT)
Security:	FreeBSD-SA-06:23.openssl
Approved by:	so (cperciva)

3 files changed, 6 insertions, 2 deletions

diff --git a/UPDATING b/UPDATING
index 3c448e1d5bd2..9fdb427036bb 100644
--- a/UPDATING
+++ b/UPDATING
@@ -8,6 +8,10 @@ Items affecting the ports and packages system can be found in
 /usr/ports/UPDATING.  Please read that file before running
 portupgrade.  Important recent entries: 20040724 (default X changes).
 
+20060929:	p36	FreeBSD-SA-06:23.openssl
+	Correct problem in the 2006-09-28 patch concerning the handling of
+	excessively large DH moduli.
+
 20060928:	p35	FreeBSD-SA-06:23.openssl
 	Correct multiple vulnerabilities in crypto(3).
 	Limit the size of public keys used in order to protect applications
diff --git a/crypto/openssl/crypto/dh/dh_key.c b/crypto/openssl/crypto/dh/dh_key.c
index 649aa5cffde4..3faf94a7f704 100644
--- a/crypto/openssl/crypto/dh/dh_key.c
+++ b/crypto/openssl/crypto/dh/dh_key.c
@@ -165,7 +165,7 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
 	if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
 		{
 		DHerr(DH_F_DH_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
-		goto err;
+		return -1;
 		}
 
 	ctx = BN_CTX_new();
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index e6dff66adfda..01c8caed7f29 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -32,7 +32,7 @@
 
 TYPE="FreeBSD"
 REVISION="5.3"
-BRANCH="RELEASE-p35"
+BRANCH="RELEASE-p36"
 RELEASE="${REVISION}-${BRANCH}"
 VERSION="${TYPE} ${RELEASE}"