MFH: r352928

- Security patch
Security: CVE-2014-0198
Security: http://seclists.org/oss-sec/2014/q2/232
Security: https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321
Obtained from:	OpenBSD

security/openssl/Makefile

@@ -4,7 +4,7 @@
 PORTNAME=	openssl
 PORTVERSION=	1.0.1
 DISTVERSIONSUFFIX=	g
-PORTREVISION=	11
+PORTREVISION=	12
 CATEGORIES=	security devel
 MASTER_SITES=	http://www.openssl.org/%SUBDIR%/ \
 		ftp://ftp.openssl.org/%SUBDIR%/ \

security/openssl/files/patch-ssl-s3_pkt.c

@@ -1,13 +1,22 @@
-Index: crypto/openssl/ssl/s3_pkt.c
-===================================================================
---- ssl/s3_pkt.c	(revision 264309)
-+++ ssl/s3_pkt.c	(working copy)
-@@ -1055,7 +1055,7 @@ start:
-				{
-				s->rstate=SSL_ST_READ_HEADER;
-				rr->off=0;
+--- ssl/s3_pkt.c.orig	2014-03-17 17:14:20.000000000 +0100
++++ ssl/s3_pkt.c	2014-05-03 18:07:28.000000000 +0200
+@@ -657,6 +657,10 @@
+ 		if (i <= 0)
+ 			return(i);
+ 		/* if it went, fall through and send more stuff */
++		/* we may have released our buffer, so get it again */
++		if (wb->buf == NULL)
++			if (!ssl3_setup_write_buffer(s))
++				return -1;
+ 		}
+ 
+ 	if (len == 0 && !create_empty_fragment)
+@@ -1055,7 +1059,7 @@
+ 				{
+ 				s->rstate=SSL_ST_READ_HEADER;
+ 				rr->off=0;
 -				if (s->mode & SSL_MODE_RELEASE_BUFFERS)
 +				if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0)
-					ssl3_release_read_buffer(s);
-				}
-			}
+ 					ssl3_release_read_buffer(s);
+ 				}
+ 			}