From: Bodo Möller <bodo@openssl.org>
Date: Wed, 13 Aug 2008 19:44:44 +0000 (+0000)
Subject: sanity check
X-Git-Tag: OpenSSL_0_9_8i~22
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=f9f6f0e9f0a9f91a4e4a5c3c165b1f5486e75213;p=oweals%2Fopenssl.git

sanity check

PR: 1679
---

diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 44c7c143fe..72853a2e72 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -1225,6 +1225,13 @@ int ssl3_do_change_cipher_spec(SSL *s)
 
 	if (s->s3->tmp.key_block == NULL)
 		{
+		if (s->session == NULL) 
+			{
+			/* might happen if dtls1_read_bytes() calls this */
+			SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY);
+			return (0);
+			}
+
 		s->session->cipher=s->s3->tmp.new_cipher;
 		if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
 		}
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 6360521fd5..ff8a128d3c 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1709,6 +1709,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL3_CONNECT				 132
 #define SSL_F_SSL3_CTRL					 213
 #define SSL_F_SSL3_CTX_CTRL				 133
+#define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC		 279
 #define SSL_F_SSL3_ENC					 134
 #define SSL_F_SSL3_GENERATE_KEY_BLOCK			 238
 #define SSL_F_SSL3_GET_CERTIFICATE_REQUEST		 135
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 2f6f192e86..24a994fe01 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -138,6 +138,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
 {ERR_FUNC(SSL_F_SSL3_CONNECT),	"SSL3_CONNECT"},
 {ERR_FUNC(SSL_F_SSL3_CTRL),	"SSL3_CTRL"},
 {ERR_FUNC(SSL_F_SSL3_CTX_CTRL),	"SSL3_CTX_CTRL"},
+{ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC),	"SSL3_DO_CHANGE_CIPHER_SPEC"},
 {ERR_FUNC(SSL_F_SSL3_ENC),	"SSL3_ENC"},
 {ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK),	"SSL3_GENERATE_KEY_BLOCK"},
 {ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST),	"SSL3_GET_CERTIFICATE_REQUEST"},