commit bb564e0fb498c9c2feb5bdde0cd1d4d4ef65e72d
author Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Thu Sep 03 10:44:32 2015 +0200
committer Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Thu Sep 03 10:44:32 2015 +0200
tree b7172185e6623d566dca27ec04cfba56d5680d35
parent b0282eaf141ce1695f7c45a0193cb2d29dfa48d1

Fix possible client crash on API misuse

library/ssl_cli.c

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 7f46cbb..f603cff 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -1602,6 +1602,12 @@
 
     ssl->handshake->pmslen = 48;
 
+    if( ssl->session_negotiate->peer_cert == NULL )
+    {
+        SSL_DEBUG_MSG( 2, ( "certificate required" ) );
+        return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
+    }
+
     /*
      * Now write it out, encrypted
      */
@@ -1699,6 +1705,12 @@
     int ret;
     const ecp_keypair *peer_key;
 
+    if( ssl->session_negotiate->peer_cert == NULL )
+    {
+        SSL_DEBUG_MSG( 2, ( "certificate required" ) );
+        return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
+    }
+
     if( ! pk_can_do( &ssl->session_negotiate->peer_cert->pk,
                      POLARSSL_PK_ECKEY ) )
     {
@@ -2012,6 +2024,12 @@
         SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen != 0 ? hashlen :
                 (unsigned int) ( md_info_from_type( md_alg ) )->size );
 
+        if( ssl->session_negotiate->peer_cert == NULL )
+        {
+            SSL_DEBUG_MSG( 2, ( "certificate required" ) );
+            return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
+        }
+
         /*
          * Verify signature
          */