aboutsummaryrefslogtreecommitdiffstats
path: root/crypto/openssl/ssl/s3_srvr.c
diff options
context:
space:
mode:
authorColin Percival <cperciva@FreeBSD.org>2006-09-28 13:06:23 +0000
committerColin Percival <cperciva@FreeBSD.org>2006-09-28 13:06:23 +0000
commit30a6ffb3330a4ce39d12906a7dda5c4d9ed91dc3 (patch)
treedd781c2038cbc6db2809f44aae4144784fa53814 /crypto/openssl/ssl/s3_srvr.c
parentb55396780782c474e291f8557a14c033f4c6941d (diff)
downloadsrc-30a6ffb3330a4ce39d12906a7dda5c4d9ed91dc3.tar.gz
src-30a6ffb3330a4ce39d12906a7dda5c4d9ed91dc3.zip
Correct multiple vulnerabilities in crypto(3).
Limit the size of public keys used in order to protect applications from a denial of service via insane key sizes. Security: FreeBSD-SA-06:23.openssl Approved by: so (cperciva)
Notes
Notes: svn path=/releng/4.11/; revision=162724
Diffstat (limited to 'crypto/openssl/ssl/s3_srvr.c')
-rw-r--r--crypto/openssl/ssl/s3_srvr.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/openssl/ssl/s3_srvr.c b/crypto/openssl/ssl/s3_srvr.c
index deb3cffabeb5..1a261cc7bb8b 100644
--- a/crypto/openssl/ssl/s3_srvr.c
+++ b/crypto/openssl/ssl/s3_srvr.c
@@ -1722,7 +1722,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
if (kssl_ctx->client_princ)
{
- int len = strlen(kssl_ctx->client_princ);
+ size_t len = strlen(kssl_ctx->client_princ);
if ( len < SSL_MAX_KRB5_PRINCIPAL_LENGTH )
{
s->session->krb5_client_princ_len = len;