aboutsummaryrefslogtreecommitdiff
path: root/ssl/d1_clnt.c
diff options
context:
space:
mode:
authorJung-uk Kim <jkim@FreeBSD.org>2014-08-07 16:51:50 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2014-08-07 16:51:50 +0000
commit6846a6dfd06216c71f1c9d1da1fa957d0f9ce016 (patch)
treeb4301f78efe63b5c59d963d87744b03588432bd4 /ssl/d1_clnt.c
parentf2c8f580eb02fc9ff060de5b242c825113c7a065 (diff)
vendor/openssl/0.9.8zb
Diffstat (limited to 'ssl/d1_clnt.c')
-rw-r--r--ssl/d1_clnt.c16
1 files changed, 14 insertions, 2 deletions
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index ac24bfb35ed8..58a3b469940b 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -796,6 +796,13 @@ int dtls1_send_client_key_exchange(SSL *s)
RSA *rsa;
unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
+ if (s->session->sess_cert == NULL)
+ {
+ /* We should always have a server certificate with SSL_kRSA. */
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
if (s->session->sess_cert->peer_rsa_tmp != NULL)
rsa=s->session->sess_cert->peer_rsa_tmp;
else
@@ -986,6 +993,13 @@ int dtls1_send_client_key_exchange(SSL *s)
{
DH *dh_srvr,*dh_clnt;
+ if (s->session->sess_cert == NULL)
+ {
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
+ SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
+ goto err;
+ }
+
if (s->session->sess_cert->peer_dh_tmp != NULL)
dh_srvr=s->session->sess_cert->peer_dh_tmp;
else
@@ -1226,5 +1240,3 @@ int dtls1_send_client_certificate(SSL *s)
/* SSL3_ST_CW_CERT_D */
return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
}
-
-
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-26 02:41:47 +0000