base/SOURCES/openssl-1.0.1e-cve-2015-319...

diff -up openssl-1.0.1e/ssl/s3_clnt.c.psk-identity openssl-1.0.1e/ssl/s3_clnt.c
--- openssl-1.0.1e/ssl/s3_clnt.c.psk-identity	2015-12-04 09:01:53.000000000 +0100
+++ openssl-1.0.1e/ssl/s3_clnt.c	2015-12-04 09:36:24.182010426 +0100
@@ -1367,8 +1367,6 @@ int ssl3_get_key_exchange(SSL *s)
 #ifndef OPENSSL_NO_PSK
 	if (alg_k & SSL_kPSK)
 		{
-		char tmp_id_hint[PSK_MAX_IDENTITY_LEN+1];
-
 		al=SSL_AD_HANDSHAKE_FAILURE;
 		n2s(p,i);
 		param_len=i+2;
@@ -1389,16 +1387,8 @@ int ssl3_get_key_exchange(SSL *s)
 				SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH);
 			goto f_err;
 			}
-		/* If received PSK identity hint contains NULL
-		 * characters, the hint is truncated from the first
-		 * NULL. p may not be ending with NULL, so create a
-		 * NULL-terminated string. */
-		memcpy(tmp_id_hint, p, i);
-		memset(tmp_id_hint+i, 0, PSK_MAX_IDENTITY_LEN+1-i);
-		if (s->ctx->psk_identity_hint != NULL)
-			OPENSSL_free(s->ctx->psk_identity_hint);
-		s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint);
-		if (s->ctx->psk_identity_hint == NULL)
+		s->session->psk_identity_hint = BUF_strndup((char *)p, i);
+		if (s->session->psk_identity_hint == NULL)
 			{
 			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
 			goto f_err;
@@ -2904,7 +2894,7 @@ int ssl3_send_client_key_exchange(SSL *s
 				goto err;
 				}
 
-			psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint,
+			psk_len = s->psk_client_callback(s, s->session->psk_identity_hint,
 				identity, PSK_MAX_IDENTITY_LEN,
 				psk_or_pre_ms, sizeof(psk_or_pre_ms));
 			if (psk_len > PSK_MAX_PSK_LEN)
diff -up openssl-1.0.1e/ssl/s3_srvr.c.psk-identity openssl-1.0.1e/ssl/s3_srvr.c
--- openssl-1.0.1e/ssl/s3_srvr.c.psk-identity	2015-12-04 09:01:53.000000000 +0100
+++ openssl-1.0.1e/ssl/s3_srvr.c	2015-12-04 09:43:45.144086868 +0100
@@ -2751,7 +2751,7 @@ int ssl3_get_client_key_exchange(SSL *s)
 
 			if (s->session->psk_identity != NULL)
 				OPENSSL_free(s->session->psk_identity);
-			s->session->psk_identity = BUF_strdup((char *)p);
+			s->session->psk_identity = BUF_strndup((char *)p, i);
 			if (s->session->psk_identity == NULL)
 				{
 				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
openssl package update Signed-off-by: basebuilder_pel7ppc64bebuilder0 <basebuilder@powerel.org> 7 years ago			`diff -up openssl-1.0.1e/ssl/s3_clnt.c.psk-identity openssl-1.0.1e/ssl/s3_clnt.c`
			`--- openssl-1.0.1e/ssl/s3_clnt.c.psk-identity 2015-12-04 09:01:53.000000000 +0100`
			`+++ openssl-1.0.1e/ssl/s3_clnt.c 2015-12-04 09:36:24.182010426 +0100`
			`@@ -1367,8 +1367,6 @@ int ssl3_get_key_exchange(SSL *s)`
			`#ifndef OPENSSL_NO_PSK`
			`if (alg_k & SSL_kPSK)`
			`{`
			`- char tmp_id_hint[PSK_MAX_IDENTITY_LEN+1];`
			`-`
			`al=SSL_AD_HANDSHAKE_FAILURE;`
			`n2s(p,i);`
			`param_len=i+2;`
			`@@ -1389,16 +1387,8 @@ int ssl3_get_key_exchange(SSL *s)`
			`SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH);`
			`goto f_err;`
			`}`
			`- /* If received PSK identity hint contains NULL`
			`- * characters, the hint is truncated from the first`
			`- * NULL. p may not be ending with NULL, so create a`
			`- * NULL-terminated string. */`
			`- memcpy(tmp_id_hint, p, i);`
			`- memset(tmp_id_hint+i, 0, PSK_MAX_IDENTITY_LEN+1-i);`
			`- if (s->ctx->psk_identity_hint != NULL)`
			`- OPENSSL_free(s->ctx->psk_identity_hint);`
			`- s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint);`
			`- if (s->ctx->psk_identity_hint == NULL)`
			`+ s->session->psk_identity_hint = BUF_strndup((char *)p, i);`
			`+ if (s->session->psk_identity_hint == NULL)`
			`{`
			`SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);`
			`goto f_err;`
			`@@ -2904,7 +2894,7 @@ int ssl3_send_client_key_exchange(SSL *s`
			`goto err;`
			`}`

			`- psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint,`
			`+ psk_len = s->psk_client_callback(s, s->session->psk_identity_hint,`
			`identity, PSK_MAX_IDENTITY_LEN,`
			`psk_or_pre_ms, sizeof(psk_or_pre_ms));`
			`if (psk_len > PSK_MAX_PSK_LEN)`
			`diff -up openssl-1.0.1e/ssl/s3_srvr.c.psk-identity openssl-1.0.1e/ssl/s3_srvr.c`
			`--- openssl-1.0.1e/ssl/s3_srvr.c.psk-identity 2015-12-04 09:01:53.000000000 +0100`
			`+++ openssl-1.0.1e/ssl/s3_srvr.c 2015-12-04 09:43:45.144086868 +0100`
			`@@ -2751,7 +2751,7 @@ int ssl3_get_client_key_exchange(SSL *s)`

			`if (s->session->psk_identity != NULL)`
			`OPENSSL_free(s->session->psk_identity);`
			`- s->session->psk_identity = BUF_strdup((char *)p);`
			`+ s->session->psk_identity = BUF_strndup((char *)p, i);`
			`if (s->session->psk_identity == NULL)`
			`{`
			`SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,`