diff options
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/Makefile | 69 | ||||
| -rw-r--r-- | ssl/d1_both.c | 70 | ||||
| -rw-r--r-- | ssl/kssl.c | 2 | ||||
| -rw-r--r-- | ssl/kssl.h | 2 | ||||
| -rw-r--r-- | ssl/kssl_lcl.h | 2 | ||||
| -rw-r--r-- | ssl/s2_lib.c | 6 | ||||
| -rw-r--r-- | ssl/s2_srvr.c | 20 | ||||
| -rw-r--r-- | ssl/s3_clnt.c | 63 | ||||
| -rw-r--r-- | ssl/s3_lib.c | 73 | ||||
| -rw-r--r-- | ssl/s3_srvr.c | 25 | ||||
| -rw-r--r-- | ssl/ssl.h | 5 | ||||
| -rw-r--r-- | ssl/ssl_conf.c | 10 | ||||
| -rw-r--r-- | ssl/ssl_err.c | 1 | ||||
| -rw-r--r-- | ssl/ssl_lib.c | 17 | ||||
| -rw-r--r-- | ssl/ssl_sess.c | 3 | ||||
| -rw-r--r-- | ssl/sslv2conftest.c | 231 | ||||
| -rw-r--r-- | ssl/t1_enc.c | 2 | ||||
| -rw-r--r-- | ssl/t1_lib.c | 22 |
18 files changed, 481 insertions, 142 deletions
diff --git a/ssl/Makefile b/ssl/Makefile index 7b90fb0..b6dee5b 100644 --- a/ssl/Makefile +++ b/ssl/Makefile @@ -15,7 +15,7 @@ KRB5_INCLUDES= CFLAGS= $(INCLUDES) $(CFLAG) GENERAL=Makefile README ssl-lib.com install.com -TEST=ssltest.c heartbeat_test.c clienthellotest.c +TEST=ssltest.c heartbeat_test.c clienthellotest.c sslv2conftest.c APPS= LIB=$(TOP)/libssl.a @@ -399,14 +399,14 @@ s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h s2_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s2_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h -s2_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s2_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h -s2_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s2_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s2_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s2_clnt.o: ../include/openssl/x509_vfy.h s2_clnt.c ssl_locl.h +s2_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h +s2_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s2_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h +s2_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s2_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s2_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s2_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_clnt.c +s2_clnt.o: ssl_locl.h s2_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s2_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h s2_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -435,18 +435,18 @@ s2_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h s2_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h s2_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -s2_lib.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h -s2_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s2_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s2_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h -s2_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s2_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h -s2_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h -s2_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s2_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -s2_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h -s2_lib.o: ../include/openssl/x509_vfy.h s2_lib.c ssl_locl.h +s2_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s2_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s2_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h +s2_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s2_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h +s2_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h +s2_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h +s2_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h +s2_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_lib.c +s2_lib.o: ssl_locl.h s2_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s2_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h s2_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h @@ -487,20 +487,19 @@ s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c s2_pkt.o: ssl_locl.h -s2_srvr.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h -s2_srvr.o: ../include/openssl/bio.h ../include/openssl/buffer.h -s2_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h -s2_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h -s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -s2_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -s2_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h -s2_srvr.o: ../include/openssl/hmac.h ../include/openssl/kssl.h -s2_srvr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s2_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s2_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s2_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s2_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h -s2_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h +s2_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h +s2_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h +s2_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h +s2_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +s2_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h +s2_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h +s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s2_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s2_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h s2_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h s2_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h s2_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h diff --git a/ssl/d1_both.c b/ssl/d1_both.c index c2c8d57..d1fc716 100644 --- a/ssl/d1_both.c +++ b/ssl/d1_both.c @@ -295,8 +295,44 @@ int dtls1_do_write(SSL *s, int type) blocksize = 0; frag_off = 0; + s->rwstate = SSL_NOTHING; + /* s->init_num shouldn't ever be < 0...but just in case */ while (s->init_num > 0) { + if (type == SSL3_RT_HANDSHAKE && s->init_off != 0) { + /* We must be writing a fragment other than the first one */ + + if (frag_off > 0) { + /* This is the first attempt at writing out this fragment */ + + if (s->init_off <= DTLS1_HM_HEADER_LENGTH) { + /* + * Each fragment that was already sent must at least have + * contained the message header plus one other byte. + * Therefore |init_off| must have progressed by at least + * |DTLS1_HM_HEADER_LENGTH + 1| bytes. If not something went + * wrong. + */ + return -1; + } + + /* + * Adjust |init_off| and |init_num| to allow room for a new + * message header for this fragment. + */ + s->init_off -= DTLS1_HM_HEADER_LENGTH; + s->init_num += DTLS1_HM_HEADER_LENGTH; + } else { + /* + * We must have been called again after a retry so use the + * fragment offset from our last attempt. We do not need + * to adjust |init_off| and |init_num| as above, because + * that should already have been done before the retry. + */ + frag_off = s->d1->w_msg_hdr.frag_off; + } + } + used_len = BIO_wpending(SSL_get_wbio(s)) + DTLS1_RT_HEADER_LENGTH + mac_size + blocksize; if (s->d1->mtu > used_len) @@ -309,8 +345,10 @@ int dtls1_do_write(SSL *s, int type) * grr.. we could get an error if MTU picked was wrong */ ret = BIO_flush(SSL_get_wbio(s)); - if (ret <= 0) + if (ret <= 0) { + s->rwstate = SSL_WRITING; return ret; + } used_len = DTLS1_RT_HEADER_LENGTH + mac_size + blocksize; if (s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH) { curr_mtu = s->d1->mtu - used_len; @@ -336,25 +374,6 @@ int dtls1_do_write(SSL *s, int type) * XDTLS: this function is too long. split out the CCS part */ if (type == SSL3_RT_HANDSHAKE) { - if (s->init_off != 0) { - OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH); - s->init_off -= DTLS1_HM_HEADER_LENGTH; - s->init_num += DTLS1_HM_HEADER_LENGTH; - - /* - * We just checked that s->init_num > 0 so this cast should - * be safe - */ - if (((unsigned int)s->init_num) > curr_mtu) - len = curr_mtu; - else - len = s->init_num; - } - - /* Shouldn't ever happen */ - if (len > INT_MAX) - len = INT_MAX; - if (len < DTLS1_HM_HEADER_LENGTH) { /* * len is so small that we really can't do anything sensible @@ -442,7 +461,16 @@ int dtls1_do_write(SSL *s, int type) } s->init_off += ret; s->init_num -= ret; - frag_off += (ret -= DTLS1_HM_HEADER_LENGTH); + ret -= DTLS1_HM_HEADER_LENGTH; + frag_off += ret; + + /* + * We save the fragment offset for the next fragment so we have it + * available in case of an IO retry. We don't know the length of the + * next fragment yet so just set that to 0 for now. It will be + * updated again later. + */ + dtls1_fix_message_header(s, frag_off, 0); } } return (0); @@ -1,4 +1,4 @@ -/* ssl/kssl.c -*- mode: C; c-file-style: "eay" -*- */ +/* ssl/kssl.c */ /* * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project * 2000. @@ -1,4 +1,4 @@ -/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */ +/* ssl/kssl.h */ /* * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project * 2000. project 2000. diff --git a/ssl/kssl_lcl.h b/ssl/kssl_lcl.h index 46dcef2..8e6a6d6 100644 --- a/ssl/kssl_lcl.h +++ b/ssl/kssl_lcl.h @@ -1,4 +1,4 @@ -/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */ +/* ssl/kssl.h */ /* * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project * 2000. project 2000. diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c index d55b93f..a8036b3 100644 --- a/ssl/s2_lib.c +++ b/ssl/s2_lib.c @@ -156,6 +156,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { 128, }, +# if 0 /* RC4_128_EXPORT40_WITH_MD5 */ { 1, @@ -171,6 +172,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { 40, 128, }, +# endif /* RC2_128_CBC_WITH_MD5 */ { @@ -188,6 +190,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { 128, }, +# if 0 /* RC2_128_CBC_EXPORT40_WITH_MD5 */ { 1, @@ -203,6 +206,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { 40, 128, }, +# endif # ifndef OPENSSL_NO_IDEA /* IDEA_128_CBC_WITH_MD5 */ @@ -222,6 +226,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { }, # endif +# if 0 /* DES_64_CBC_WITH_MD5 */ { 1, @@ -237,6 +242,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = { 56, 56, }, +# endif /* DES_192_EDE3_CBC_WITH_MD5 */ { diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c index 4289272..07e9df8 100644 --- a/ssl/s2_srvr.c +++ b/ssl/s2_srvr.c @@ -402,7 +402,7 @@ static int get_client_master_key(SSL *s) } cp = ssl2_get_cipher_by_char(p); - if (cp == NULL) { + if (cp == NULL || sk_SSL_CIPHER_find(s->session->ciphers, cp) < 0) { ssl2_return_error(s, SSL2_PE_NO_CIPHER); SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH); return (-1); @@ -598,6 +598,11 @@ static int get_client_hello(SSL *s) s->s2->tmp.cipher_spec_length = i; n2s(p, i); s->s2->tmp.session_id_length = i; + if ((i < 0) || (i > SSL_MAX_SSL_SESSION_ID_LENGTH)) { + ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); + SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH); + return -1; + } n2s(p, i); s->s2->challenge_length = i; if ((i < SSL2_MIN_CHALLENGE_LENGTH) || @@ -687,8 +692,12 @@ static int get_client_hello(SSL *s) prio = cs; allow = cl; } + + /* Generate list of SSLv2 ciphers shared between client and server */ for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) { - if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, z)) < 0) { + const SSL_CIPHER *cp = sk_SSL_CIPHER_value(prio, z); + if ((cp->algorithm_ssl & SSL_SSLV2) == 0 || + sk_SSL_CIPHER_find(allow, cp) < 0) { (void)sk_SSL_CIPHER_delete(prio, z); z--; } @@ -697,6 +706,13 @@ static int get_client_hello(SSL *s) sk_SSL_CIPHER_free(s->session->ciphers); s->session->ciphers = prio; } + + /* Make sure we have at least one cipher in common */ + if (sk_SSL_CIPHER_num(s->session->ciphers) == 0) { + ssl2_return_error(s, SSL2_PE_NO_CIPHER); + SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CIPHER_MATCH); + return -1; + } /* * s->session->ciphers should now have a list of ciphers that are on * both the client and server. This list is ordered by the order the diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index bc5254c..04cc9f5 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -2350,37 +2350,44 @@ int ssl3_get_cert_status(SSL *s) n = s->method->ssl_get_message(s, SSL3_ST_CR_CERT_STATUS_A, SSL3_ST_CR_CERT_STATUS_B, - SSL3_MT_CERTIFICATE_STATUS, 16384, &ok); + -1, 16384, &ok); if (!ok) return ((int)n); - if (n < 4) { - /* need at least status type + length */ - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH); - goto f_err; - } - p = (unsigned char *)s->init_msg; - if (*p++ != TLSEXT_STATUSTYPE_ocsp) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_UNSUPPORTED_STATUS_TYPE); - goto f_err; - } - n2l3(p, resplen); - if (resplen + 4 != n) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH); - goto f_err; - } - if (s->tlsext_ocsp_resp) - OPENSSL_free(s->tlsext_ocsp_resp); - s->tlsext_ocsp_resp = BUF_memdup(p, resplen); - if (!s->tlsext_ocsp_resp) { - al = SSL_AD_INTERNAL_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_STATUS, ERR_R_MALLOC_FAILURE); - goto f_err; + + if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_STATUS) { + /* + * The CertificateStatus message is optional even if + * tlsext_status_expected is set + */ + s->s3->tmp.reuse_message = 1; + } else { + if (n < 4) { + /* need at least status type + length */ + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH); + goto f_err; + } + p = (unsigned char *)s->init_msg; + if (*p++ != TLSEXT_STATUSTYPE_ocsp) { + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_UNSUPPORTED_STATUS_TYPE); + goto f_err; + } + n2l3(p, resplen); + if (resplen + 4 != n) { + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH); + goto f_err; + } + s->tlsext_ocsp_resp = BUF_memdup(p, resplen); + if (s->tlsext_ocsp_resp == NULL) { + al = SSL_AD_INTERNAL_ERROR; + SSLerr(SSL_F_SSL3_GET_CERT_STATUS, ERR_R_MALLOC_FAILURE); + goto f_err; + } + s->tlsext_ocsp_resplen = resplen; } - s->tlsext_ocsp_resplen = resplen; if (s->ctx->tlsext_status_cb) { int ret; ret = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg); @@ -3603,7 +3610,7 @@ int ssl3_check_cert_and_algorithm(SSL *s) DH_free(dh_srvr); } - if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 768) + if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 1024) || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 512)) { SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_DH_KEY_TOO_SMALL); goto f_err; diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 64793d6..4aac3b2 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -198,6 +198,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { }, /* Cipher 03 */ +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_RSA_RC4_40_MD5, @@ -212,6 +213,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 40, 128, }, +#endif /* Cipher 04 */ { @@ -246,6 +248,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { }, /* Cipher 06 */ +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_RSA_RC2_40_MD5, @@ -260,6 +263,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 40, 128, }, +#endif /* Cipher 07 */ #ifndef OPENSSL_NO_IDEA @@ -280,6 +284,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { #endif /* Cipher 08 */ +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_RSA_DES_40_CBC_SHA, @@ -294,8 +299,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 40, 56, }, +#endif /* Cipher 09 */ +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_RSA_DES_64_CBC_SHA, @@ -310,6 +317,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 56, 56, }, +#endif /* Cipher 0A */ { @@ -329,6 +337,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { /* The DH ciphers */ /* Cipher 0B */ +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 0, SSL3_TXT_DH_DSS_DES_40_CBC_SHA, @@ -343,8 +352,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 40, 56, }, +#endif /* Cipher 0C */ +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_DH_DSS_DES_64_CBC_SHA, @@ -359,6 +370,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 56, 56, }, +#endif /* Cipher 0D */ { @@ -377,6 +389,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { }, /* Cipher 0E */ +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 0, SSL3_TXT_DH_RSA_DES_40_CBC_SHA, @@ -391,8 +404,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 40, 56, }, +#endif /* Cipher 0F */ +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_DH_RSA_DES_64_CBC_SHA, @@ -407,6 +422,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 56, 56, }, +#endif /* Cipher 10 */ { @@ -426,6 +442,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { /* The Ephemeral DH ciphers */ /* Cipher 11 */ +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, @@ -440,8 +457,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 40, 56, }, +#endif /* Cipher 12 */ +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, @@ -456,6 +475,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 56, 56, }, +#endif /* Cipher 13 */ { @@ -474,6 +494,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { }, /* Cipher 14 */ +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, @@ -488,8 +509,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 40, 56, }, +#endif /* Cipher 15 */ +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, @@ -504,6 +527,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 56, 56, }, +#endif /* Cipher 16 */ { @@ -522,6 +546,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { }, /* Cipher 17 */ +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_ADH_RC4_40_MD5, @@ -536,6 +561,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 40, 128, }, +#endif /* Cipher 18 */ { @@ -554,6 +580,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { }, /* Cipher 19 */ +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_ADH_DES_40_CBC_SHA, @@ -568,8 +595,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 40, 128, }, +#endif /* Cipher 1A */ +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_ADH_DES_64_CBC_SHA, @@ -584,6 +613,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 56, 56, }, +#endif /* Cipher 1B */ { @@ -655,6 +685,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { #ifndef OPENSSL_NO_KRB5 /* The Kerberos ciphers*/ /* Cipher 1E */ +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_KRB5_DES_64_CBC_SHA, @@ -669,6 +700,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 56, 56, }, +# endif /* Cipher 1F */ { @@ -719,6 +751,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { }, /* Cipher 22 */ +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_KRB5_DES_64_CBC_MD5, @@ -733,6 +766,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 56, 56, }, +# endif /* Cipher 23 */ { @@ -783,6 +817,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { }, /* Cipher 26 */ +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_KRB5_DES_40_CBC_SHA, @@ -797,8 +832,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 40, 56, }, +# endif /* Cipher 27 */ +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_KRB5_RC2_40_CBC_SHA, @@ -813,8 +850,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 40, 128, }, +# endif /* Cipher 28 */ +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_KRB5_RC4_40_SHA, @@ -829,8 +868,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 40, 128, }, +# endif /* Cipher 29 */ +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_KRB5_DES_40_CBC_MD5, @@ -845,8 +886,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 40, 56, }, +# endif /* Cipher 2A */ +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_KRB5_RC2_40_CBC_MD5, @@ -861,8 +904,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 40, 128, }, +# endif /* Cipher 2B */ +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, SSL3_TXT_KRB5_RC4_40_MD5, @@ -877,6 +922,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 40, 128, }, +# endif #endif /* OPENSSL_NO_KRB5 */ /* New AES ciphersuites */ @@ -1300,6 +1346,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { # endif /* Cipher 62 */ +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA, @@ -1314,8 +1361,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 56, 56, }, +# endif /* Cipher 63 */ +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, @@ -1330,8 +1379,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 56, 56, }, +# endif /* Cipher 64 */ +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA, @@ -1346,8 +1397,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 56, 128, }, +# endif /* Cipher 65 */ +# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, @@ -1362,6 +1415,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 56, 128, }, +# endif /* Cipher 66 */ { @@ -3206,13 +3260,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); return (ret); } - if (!(s->options & SSL_OP_SINGLE_DH_USE)) { - if (!DH_generate_key(dh)) { - DH_free(dh); - SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); - return (ret); - } - } if (s->cert->dh_tmp != NULL) DH_free(s->cert->dh_tmp); s->cert->dh_tmp = dh; @@ -3263,6 +3310,8 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) #ifndef OPENSSL_NO_TLSEXT case SSL_CTRL_SET_TLSEXT_HOSTNAME: if (larg == TLSEXT_NAMETYPE_host_name) { + size_t len; + if (s->tlsext_hostname != NULL) OPENSSL_free(s->tlsext_hostname); s->tlsext_hostname = NULL; @@ -3270,7 +3319,8 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) ret = 1; if (parg == NULL) break; - if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) { + len = strlen((char *)parg); + if (len == 0 || len > TLSEXT_MAXLEN_host_name) { SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); return 0; } @@ -3710,13 +3760,6 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); return 0; } - if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) { - if (!DH_generate_key(new)) { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); - DH_free(new); - return 0; - } - } if (cert->dh_tmp != NULL) DH_free(cert->dh_tmp); cert->dh_tmp = new; diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index ee83105..ab28702 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1,4 +1,4 @@ -/* ssl/s3_srvr.c -*- mode:C; c-file-style: "eay" -*- */ +/* ssl/s3_srvr.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1004,6 +1004,12 @@ int ssl3_get_client_hello(SSL *s) goto f_err; } + if ((j < 0) || (j > SSL_MAX_SSL_SESSION_ID_LENGTH)) { + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH); + goto f_err; + } + s->hit = 0; /* * Versions before 0.9.7 always allow clients to resume sessions in @@ -1681,20 +1687,9 @@ int ssl3_send_server_key_exchange(SSL *s) } s->s3->tmp.dh = dh; - if ((dhp->pub_key == NULL || - dhp->priv_key == NULL || - (s->options & SSL_OP_SINGLE_DH_USE))) { - if (!DH_generate_key(dh)) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); - goto err; - } - } else { - dh->pub_key = BN_dup(dhp->pub_key); - dh->priv_key = BN_dup(dhp->priv_key); - if ((dh->pub_key == NULL) || (dh->priv_key == NULL)) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); - goto err; - } + if (!DH_generate_key(dh)) { + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); + goto err; } r[0] = dh->p; r[1] = dh->g; @@ -625,7 +625,7 @@ struct ssl_session_st { # define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L /* If set, always create a new key when using tmp_ecdh parameters */ # define SSL_OP_SINGLE_ECDH_USE 0x00080000L -/* If set, always create a new key when using tmp_dh parameters */ +/* Does nothing: retained for compatibility */ # define SSL_OP_SINGLE_DH_USE 0x00100000L /* Does nothing: retained for compatibiity */ # define SSL_OP_EPHEMERAL_RSA 0x0 @@ -2092,7 +2092,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) # define SSL_CTX_set1_sigalgs_list(ctx, s) \ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s) # define SSL_set1_sigalgs(ctx, slist, slistlen) \ - SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,clistlen,(int *)slist) + SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(int *)slist) # define SSL_set1_sigalgs_list(ctx, s) \ SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s) # define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \ @@ -3056,6 +3056,7 @@ void ERR_load_SSL_strings(void); # define SSL_R_SERVERHELLO_TLSEXT 275 # define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277 # define SSL_R_SHORT_READ 219 +# define SSL_R_SHUTDOWN_WHILE_IN_INIT 407 # define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360 # define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 # define SSL_R_SRP_A_CALC 361 diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 5478840..8d3709d 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -330,11 +330,19 @@ static int cmd_Protocol(SSL_CONF_CTX *cctx, const char *value) SSL_FLAG_TBL_INV("TLSv1.1", SSL_OP_NO_TLSv1_1), SSL_FLAG_TBL_INV("TLSv1.2", SSL_OP_NO_TLSv1_2) }; + int ret; + int sslv2off; + if (!(cctx->flags & SSL_CONF_FLAG_FILE)) return -2; cctx->tbl = ssl_protocol_list; cctx->ntbl = sizeof(ssl_protocol_list) / sizeof(ssl_flag_tbl); - return CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx); + + sslv2off = *cctx->poptions & SSL_OP_NO_SSLv2; + ret = CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx); + /* Never turn on SSLv2 through configuration */ + *cctx->poptions |= sslv2off; + return ret; } static int cmd_Options(SSL_CONF_CTX *cctx, const char *value) diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 6d1366f..704088d 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -647,6 +647,7 @@ static ERR_STRING_DATA SSL_str_reasons[] = { {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED), "session id context uninitialized"}, {ERR_REASON(SSL_R_SHORT_READ), "short read"}, + {ERR_REASON(SSL_R_SHUTDOWN_WHILE_IN_INIT), "shutdown while in init"}, {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR), "signature algorithms error"}, {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE), diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index f2071db..f1279bb 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1060,10 +1060,12 @@ int SSL_shutdown(SSL *s) return -1; } - if ((s != NULL) && !SSL_in_init(s)) - return (s->method->ssl_shutdown(s)); - else - return (1); + if (!SSL_in_init(s)) { + return s->method->ssl_shutdown(s); + } else { + SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_SHUTDOWN_WHILE_IN_INIT); + return -1; + } } int SSL_renegotiate(SSL *s) @@ -2052,6 +2054,13 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) */ ret->options |= SSL_OP_LEGACY_SERVER_CONNECT; + /* + * Disable SSLv2 by default, callers that want to enable SSLv2 will have to + * explicitly clear this option via either of SSL_CTX_clear_options() or + * SSL_clear_options(). + */ + ret->options |= SSL_OP_NO_SSLv2; + return (ret); err: SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE); diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 68390d3..b182998 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -573,9 +573,6 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, int r; #endif - if (len < 0 || len > SSL_MAX_SSL_SESSION_ID_LENGTH) - goto err; - if (session_id + len > limit) { fatal = 1; goto err; diff --git a/ssl/sslv2conftest.c b/ssl/sslv2conftest.c new file mode 100644 index 0000000..1fd748b --- /dev/null +++ b/ssl/sslv2conftest.c @@ -0,0 +1,231 @@ +/* Written by Matt Caswell for the OpenSSL Project */ +/* ==================================================================== + * Copyright (c) 2016 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include <stdlib.h> +#include <openssl/bio.h> +#include <openssl/ssl.h> +#include <openssl/err.h> + + +#define TOTAL_NUM_TESTS 2 +#define TEST_SSL_CTX 0 + +#define SSLV2ON 1 +#define SSLV2OFF 0 + +SSL_CONF_CTX *confctx; +SSL_CTX *ctx; +SSL *ssl; + +static int checksslv2(int test, int sslv2) +{ + int options; + if (test == TEST_SSL_CTX) { + options = SSL_CTX_get_options(ctx); + } else { + options = SSL_get_options(ssl); + } + return ((options & SSL_OP_NO_SSLv2) == 0) ^ (sslv2 == SSLV2OFF); +} + +int main(int argc, char *argv[]) +{ + BIO *err; + int testresult = 0; + int currtest; + + SSL_library_init(); + SSL_load_error_strings(); + + err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); + + CRYPTO_malloc_debug_init(); + CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + + + confctx = SSL_CONF_CTX_new(); + ctx = SSL_CTX_new(SSLv23_method()); + ssl = SSL_new(ctx); + if (confctx == NULL || ctx == NULL) + goto end; + + SSL_CONF_CTX_set_flags(confctx, SSL_CONF_FLAG_FILE + | SSL_CONF_FLAG_CLIENT + | SSL_CONF_FLAG_SERVER); + + /* + * For each test set up an SSL_CTX and SSL and see whether SSLv2 is enabled + * as expected after various SSL_CONF_cmd("Protocol", ...) calls. + */ + for (currtest = 0; currtest < TOTAL_NUM_TESTS; currtest++) { + BIO_printf(err, "SSLv2 CONF Test number %d\n", currtest); + if (currtest == TEST_SSL_CTX) + SSL_CONF_CTX_set_ssl_ctx(confctx, ctx); + else + SSL_CONF_CTX_set_ssl(confctx, ssl); + + /* SSLv2 should be off by default */ + if (!checksslv2(currtest, SSLV2OFF)) { + BIO_printf(err, "SSLv2 CONF Test: Off by default test FAIL\n"); + goto end; + } + + if (SSL_CONF_cmd(confctx, "Protocol", "ALL") != 2 + || !SSL_CONF_CTX_finish(confctx)) { + BIO_printf(err, "SSLv2 CONF Test: SSL_CONF command FAIL\n"); + goto end; + } + + /* Should still be off even after ALL Protocols on */ + if (!checksslv2(currtest, SSLV2OFF)) { + BIO_printf(err, "SSLv2 CONF Test: Off after config #1 FAIL\n"); + goto end; + } + + if (SSL_CONF_cmd(confctx, "Protocol", "SSLv2") != 2 + || !SSL_CONF_CTX_finish(confctx)) { + BIO_printf(err, "SSLv2 CONF Test: SSL_CONF command FAIL\n"); + goto end; + } + + /* Should still be off even if explicitly asked for */ + if (!checksslv2(currtest, SSLV2OFF)) { + BIO_printf(err, "SSLv2 CONF Test: Off after config #2 FAIL\n"); + goto end; + } + + if (SSL_CONF_cmd(confctx, "Protocol", "-SSLv2") != 2 + || !SSL_CONF_CTX_finish(confctx)) { + BIO_printf(err, "SSLv2 CONF Test: SSL_CONF command FAIL\n");; + goto end; + } + + if (!checksslv2(currtest, SSLV2OFF)) { + BIO_printf(err, "SSLv2 CONF Test: Off after config #3 FAIL\n"); + goto end; + } + + if (currtest == TEST_SSL_CTX) + SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2); + else + SSL_clear_options(ssl, SSL_OP_NO_SSLv2); + + if (!checksslv2(currtest, SSLV2ON)) { + BIO_printf(err, "SSLv2 CONF Test: On after clear FAIL\n"); + goto end; + } + + if (SSL_CONF_cmd(confctx, "Protocol", "ALL") != 2 + || !SSL_CONF_CTX_finish(confctx)) { + BIO_printf(err, "SSLv2 CONF Test: SSL_CONF command FAIL\n"); + goto end; + } + + /* Option has been cleared and config says have SSLv2 so should be on */ + if (!checksslv2(currtest, SSLV2ON)) { + BIO_printf(err, "SSLv2 CONF Test: On after config #1 FAIL\n"); + goto end; + } + + if (SSL_CONF_cmd(confctx, "Protocol", "SSLv2") != 2 + || !SSL_CONF_CTX_finish(confctx)) { + BIO_printf(err, "SSLv2 CONF Test: SSL_CONF command FAIL\n"); + goto end; + } + + /* Option has been cleared and config says have SSLv2 so should be on */ + if (!checksslv2(currtest, SSLV2ON)) { + BIO_printf(err, "SSLv2 CONF Test: On after config #2 FAIL\n"); + goto end; + } + + if (SSL_CONF_cmd(confctx, "Protocol", "-SSLv2") != 2 + || !SSL_CONF_CTX_finish(confctx)) { + BIO_printf(err, "SSLv2 CONF Test: SSL_CONF command FAIL\n"); + goto end; + } + + /* Option has been cleared but config says no SSLv2 so should be off */ + if (!checksslv2(currtest, SSLV2OFF)) { + BIO_printf(err, "SSLv2 CONF Test: Off after config #4 FAIL\n"); + goto end; + } + + } + + testresult = 1; + + end: + SSL_free(ssl); + SSL_CTX_free(ctx); + SSL_CONF_CTX_free(confctx); + + if (!testresult) { + printf("SSLv2 CONF test: FAILED (Test %d)\n", currtest); + ERR_print_errors(err); + } else { + printf("SSLv2 CONF test: PASSED\n"); + } + + ERR_free_strings(); + ERR_remove_thread_state(NULL); + EVP_cleanup(); + CRYPTO_cleanup_all_ex_data(); + CRYPTO_mem_leaks(err); + BIO_free(err); + + return testresult ? EXIT_SUCCESS : EXIT_FAILURE; +} diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index f46544b..514fcb3 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -1155,7 +1155,7 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, so = s->s3->server_opaque_prf_input; /* * must be same as col (see - * draft-resc-00.txts-opaque-prf-input-00.txt, section 3.1) + * draft-rescorla-tls-opaque-prf-input-00.txt, section 3.1) */ sol = s->s3->client_opaque_prf_input_len; } diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 3176d1e..d9ba99d 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -3157,22 +3157,20 @@ int ssl_check_serverhello_tlsext(SSL *s) } # endif + OPENSSL_free(s->tlsext_ocsp_resp); + s->tlsext_ocsp_resp = NULL; + s->tlsext_ocsp_resplen = -1; /* * If we've requested certificate status and we wont get one tell the * callback */ if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected) - && s->ctx && s->ctx->tlsext_status_cb) { + && !(s->hit) && s->ctx && s->ctx->tlsext_status_cb) { int r; /* - * Set resp to NULL, resplen to -1 so callback knows there is no - * response. + * Call callback with resp == NULL and resplen == -1 so callback + * knows there is no response */ - if (s->tlsext_ocsp_resp) { - OPENSSL_free(s->tlsext_ocsp_resp); - s->tlsext_ocsp_resp = NULL; - } - s->tlsext_ocsp_resplen = -1; r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg); if (r == 0) { al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE; @@ -3583,7 +3581,7 @@ static int tls12_get_pkey_idx(unsigned char sig_alg) static void tls1_lookup_sigalg(int *phash_nid, int *psign_nid, int *psignhash_nid, const unsigned char *data) { - int sign_nid = 0, hash_nid = 0; + int sign_nid = NID_undef, hash_nid = NID_undef; if (!phash_nid && !psign_nid && !psignhash_nid) return; if (phash_nid || psignhash_nid) { @@ -3599,9 +3597,9 @@ static void tls1_lookup_sigalg(int *phash_nid, int *psign_nid, *psign_nid = sign_nid; } if (psignhash_nid) { - if (sign_nid && hash_nid) - OBJ_find_sigid_by_algs(psignhash_nid, hash_nid, sign_nid); - else + if (sign_nid == NID_undef || hash_nid == NID_undef + || OBJ_find_sigid_by_algs(psignhash_nid, hash_nid, + sign_nid) <= 0) *psignhash_nid = NID_undef; } } |