Fix possible client crash on API misuse

commit: fa566e354549ab76bc3bd9bea0c06b259668ef59 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Thu Sep 03 10:44:32 2015 +0200
committer: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Thu Sep 03 11:01:37 2015 +0200
tree: 3735561a80dcc2e3297048e394cd81a0da890a76
parent: aa4e55bd230e0db31756c1260f090ecfdc89e14c [diff] [blame]
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index db9e179..f4b1c4d 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c

@@ -693,6 +693,12 @@
         return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
     }
 
+    if( ssl->session_negotiate->peer_cert == NULL )
+    {
+        SSL_DEBUG_MSG( 2, ( "certificate required" ) );
+        return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
+    }
+
     SSL_DEBUG_BUF( 3,   "server key exchange", ssl->in_msg + 4, ssl->in_hslen - 4 );
 
     /*
@@ -1119,6 +1125,12 @@
         /*
          * RSA key exchange -- send rsa_public(pkcs1 v1.5(premaster))
          */
+        if( ssl->session_negotiate->peer_cert == NULL )
+        {
+            SSL_DEBUG_MSG( 2, ( "certificate required" ) );
+            return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
+        }
+
         ssl->handshake->premaster[0] = (unsigned char) ssl->max_major_ver;
         ssl->handshake->premaster[1] = (unsigned char) ssl->max_minor_ver;
         ssl->handshake->pmslen = 48;
commit	fa566e354549ab76bc3bd9bea0c06b259668ef59	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Thu Sep 03 10:44:32 2015 +0200
committer	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Thu Sep 03 11:01:37 2015 +0200
tree	3735561a80dcc2e3297048e394cd81a0da890a76
parent	aa4e55bd230e0db31756c1260f090ecfdc89e14c [diff] [blame]