From 0742ac3b05413210ed7dacd1271f95ecc9352b27 Mon Sep 17 00:00:00 2001 From: Steven Barth Date: Tue, 6 Jan 2015 09:59:55 +0000 Subject: openssl: fix CVE-2014-3569 Signed-off-by: Steven Barth git-svn-id: svn://svn.openwrt.org/openwrt/trunk@43858 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- .../openssl/patches/001-fix-CVE-2014-3569.patch | 38 ++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 package/libs/openssl/patches/001-fix-CVE-2014-3569.patch (limited to 'package/libs/openssl/patches') diff --git a/package/libs/openssl/patches/001-fix-CVE-2014-3569.patch b/package/libs/openssl/patches/001-fix-CVE-2014-3569.patch new file mode 100644 index 0000000000..26dfb29452 --- /dev/null +++ b/package/libs/openssl/patches/001-fix-CVE-2014-3569.patch @@ -0,0 +1,38 @@ +From: Kurt Roeckx +Date: Tue, 21 Oct 2014 18:45:15 +0000 (+0200) +Subject: Keep old method in case of an unsupported protocol +X-Git-Url: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=392fa7a952e97d82eac6958c81ed1e256e6b8ca5 + +Keep old method in case of an unsupported protocol + +When we're configured with no-ssl3 and we receive an SSL v3 Client Hello, we set +the method to NULL. We didn't used to do that, and it breaks things. This is a +regression introduced in 62f45cc27d07187b59551e4fad3db4e52ea73f2c. Keep the old +method since the code is not able to deal with a NULL method at this time. + +CVE-2014-3569, PR#3571 + +Reviewed-by: Emilia Käsper +--- + +diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c +index 38960ba..858420d 100644 +--- a/ssl/s23_srvr.c ++++ b/ssl/s23_srvr.c +@@ -615,12 +615,14 @@ int ssl23_get_client_hello(SSL *s) + if ((type == 2) || (type == 3)) + { + /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */ +- s->method = ssl23_get_server_method(s->version); +- if (s->method == NULL) ++ const SSL_METHOD *new_method; ++ new_method = ssl23_get_server_method(s->version); ++ if (new_method == NULL) + { + SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); + goto err; + } ++ s->method = new_method; + + if (!ssl_init_wbio_buffer(s,1)) goto err; + -- cgit v1.2.3