From: Matt Caswell <matt@openssl.org>
Date: Wed, 10 Jun 2015 08:32:34 +0000 (+0100)
Subject: Fix Kerberos issue in ssl_session_dup
X-Git-Tag: OpenSSL_1_0_0s~8
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=9545eac45bc79496763d2ded02629f88a8629fb9;p=oweals%2Fopenssl.git

Fix Kerberos issue in ssl_session_dup

The fix for CVE-2015-1791 introduced an error in ssl_session_dup for
Kerberos.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit dcad51bc13c9b716d9a66248bcc4038c071ff158)
---

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 98b9107b5a..1fb682a9b3 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -239,7 +239,7 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
     memcpy(dest, src, sizeof(*dest));
 
 #ifndef OPENSSL_NO_KRB5
-    dest->krb5_client_princ_len = dest->krb5_client_princ_len;
+    dest->krb5_client_princ_len = src->krb5_client_princ_len;
     if (src->krb5_client_princ_len > 0)
         memcpy(dest->krb5_client_princ, src->krb5_client_princ,
                src->krb5_client_princ_len);