diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2014-08-08 11:24:25 +0100 |
|---|---|---|
| committer | Janusz Kozerski <j.kozerski@samsung.com> | 2014-10-20 15:25:34 +0200 |
| commit | d5bfb4d5ec4ef9f7a8159fe034239a96819cc543 (patch) | |
| tree | af19b8a2c72c477e63bab1331c4dd874f12a8f42 | |
| parent | 2728a859336194c8737fc84486df3c95105a70c4 (diff) | |
| download | openssl-d5bfb4d5ec4ef9f7a8159fe034239a96819cc543.tar.gz openssl-d5bfb4d5ec4ef9f7a8159fe034239a96819cc543.tar.bz2 openssl-d5bfb4d5ec4ef9f7a8159fe034239a96819cc543.zip | |
Fix SRP authentication ciphersuites.
The addition of SRP authentication needs to be checked in various places
to work properly. Specifically:
A certificate is not sent.
A certificate request must not be sent.
Server key exchange message must not contain a signature.
If appropriate SRP authentication ciphersuites should be chosen.
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 8f5a8805b82d1ae81168b11b7f1506db9e047dec)
Conflicts:
ssl/s3_clnt.c
ssl/s3_lib.c
| -rw-r--r-- | ssl/s3_clnt.c | 8 | ||||
| -rw-r--r-- | ssl/s3_srvr.c | 11 |
2 files changed, 10 insertions, 9 deletions
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index ea0c82d..2ceaa1e 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -326,9 +326,9 @@ int ssl3_connect(SSL *s) break; } #endif - /* Check if it is anon DH/ECDH */ + /* Check if it is anon DH/ECDH, SRP auth */ /* or PSK */ - if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) && + if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL|SSL_aSRP)) && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) { ret=ssl3_get_server_certificate(s); @@ -1835,8 +1835,8 @@ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); } else { - if (!(alg_a & SSL_aNULL) && !(alg_k & SSL_kPSK)) - /* aNULL or kPSK do not need public keys */ + /* aNULL, aSRP or kPSK do not need public keys */ + if (!(alg_a & (SSL_aNULL|SSL_aSRP)) && !(alg_k & SSL_kPSK)) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR); goto err; diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 2867501..c907f2b 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -410,9 +410,8 @@ int ssl3_accept(SSL *s) case SSL3_ST_SW_CERT_B: /* Check if it is anon DH or anon ECDH, */ /* normal PSK or KRB5 or SRP */ - if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) - && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK) - && !(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5)) + if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL|SSL_aKRB5|SSL_aSRP)) + && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) { ret=ssl3_send_server_certificate(s); if (ret <= 0) goto end; @@ -515,7 +514,9 @@ int ssl3_accept(SSL *s) * (against the specs, but s3_clnt.c accepts this for SSL 3) */ !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) || /* never request cert in Kerberos ciphersuites */ - (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) + (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) || + /* don't request certificate for SRP auth */ + (s->s3->tmp.new_cipher->algorithm_auth & SSL_aSRP) /* With normal PSK Certificates and * Certificate Requests are omitted */ || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) @@ -1846,7 +1847,7 @@ int ssl3_send_server_key_exchange(SSL *s) n+=2+nr[i]; } - if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) + if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL|SSL_aSRP)) && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) { if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher,&md)) |