Premaster secret handling fixes
authorAdam Langley <agl@chromium.org>
Tue, 16 Dec 2014 13:03:47 +0000 (14:03 +0100)
committerEmilia Kasper <emilia@openssl.org>
Wed, 17 Dec 2014 13:03:43 +0000 (14:03 +0100)
commit1ecfb673358ccc1129899e5854e6275520b2be65
tree09a6c63637216cfbc6957dbf1daec3c4c08c650c
parentbb565cd29e34caeeaf12ecfdbe6273c2c794f5a2
Premaster secret handling fixes

From BoringSSL
- Send an alert when the client key exchange isn't correctly formatted.
- Reject overly short RSA ciphertexts to avoid a (benign) out-of-bounds memory access.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 4aecfd4d9f366c849c9627ab666d1b1addc024e6)
ssl/s3_srvr.c