Check EVP errors for handshake digests. Partial mitigation of PR#3200 (cherry picked from commit 0294b2be5f4c11e60620c0018674ff0e17b14238)

commit: ed496b3d42e908e9edee0da7585e25d0e2075910 [log] [tgz]
author: Dr. Stephen Henson <steve@openssl.org> Sat Dec 14 13:55:48 2013 +0000
committer: Dr. Stephen Henson <steve@openssl.org> Wed Dec 18 13:29:07 2013 +0000
tree: 8de7f23d47c2e7176aae44a5eeb0cd4a8fd4529b
parent: 88c21c47a3d187d4f8c4e87e3c6088198cb08a99 [diff] [blame]
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 33286b8..a6fd3bf 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c

@@ -1563,8 +1563,14 @@
 		slen=s->method->ssl3_enc->client_finished_label_len;
 		}
 
-	s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
+	i = s->method->ssl3_enc->final_finish_mac(s,
 		sender,slen,s->s3->tmp.peer_finish_md);
+	if (i == 0)
+		{
+		SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
+		return 0;
+		}
+	s->s3->tmp.peer_finish_md_len = i;
 
 	return(1);
 	}
commit	ed496b3d42e908e9edee0da7585e25d0e2075910	[log] [tgz]
author	Dr. Stephen Henson <steve@openssl.org>	Sat Dec 14 13:55:48 2013 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	Wed Dec 18 13:29:07 2013 +0000
tree	8de7f23d47c2e7176aae44a5eeb0cd4a8fd4529b
parent	88c21c47a3d187d4f8c4e87e3c6088198cb08a99 [diff] [blame]