Prevent SLOTH attacks

commit: 6eb6e1bdc3ae45104f33642c6e1fd271dc543a84 [log] [tgz]
author: Janos Follath <janos.follath@arm.com> Tue Oct 25 10:50:22 2016 +0100
committer: Janos Follath <janos.follath@arm.com> Tue Oct 25 10:50:22 2016 +0100
tree: 662d9ce6db0b1565b8dad518f6f94469525d3267
parent: 1a6a15c795922f05bd2ea17addf27eddcd256a15 [diff] [blame]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 84a04ae..ee3cadb 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -7644,8 +7644,7 @@
 #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
 #if defined(MBEDTLS_MD5_C)
         case MBEDTLS_SSL_HASH_MD5:
-            ssl->handshake->calc_verify = ssl_calc_verify_tls;
-            break;
+            return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
 #endif
 #if defined(MBEDTLS_SHA1_C)
         case MBEDTLS_SSL_HASH_SHA1:
commit	6eb6e1bdc3ae45104f33642c6e1fd271dc543a84	[log] [tgz]
author	Janos Follath <janos.follath@arm.com>	Tue Oct 25 10:50:22 2016 +0100
committer	Janos Follath <janos.follath@arm.com>	Tue Oct 25 10:50:22 2016 +0100
tree	662d9ce6db0b1565b8dad518f6f94469525d3267
parent	1a6a15c795922f05bd2ea17addf27eddcd256a15 [diff] [blame]