Ensure ssl3_final_finish_mac() returns failure if either the MD5 or SHA1

handshake MAC calculation fails. Currently, the result from both ssl3_handshake_mac() calls is added together. This means that unless both MD5 and SHA1 fail, a positive value will be returned to the caller, indicating success rather than failure. ok deraadt@ miod@ sthen@
author: jsing <> 2014-06-10 11:26:34 +0000
committer: jsing <> 2014-06-10 11:26:34 +0000
commit: 27401a154671ed8905576e4c6e0a9da73f2ac294 (patch)
tree: a4fd1f8ebbb194eedf6b70d53ea5b7a81d76c9c0
parent: a13b202796a212c4c4e553e85d8bad24bbdffe07 (diff)
download: openbsd-27401a154671ed8905576e4c6e0a9da73f2ac294.tar.gz
openbsd-27401a154671ed8905576e4c6e0a9da73f2ac294.tar.bz2
openbsd-27401a154671ed8905576e4c6e0a9da73f2ac294.zip
1 files changed, 10 insertions, 5 deletions
diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c
index 8a1758f8b7..dbefad77b2 100644
--- a/src/lib/libssl/src/ssl/s3_enc.c
+++ b/src/lib/libssl/src/ssl/s3_enc.c
@@ -625,11 +625,16 @@ ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p)
 int
 ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p)
 {
-        int ret;
+        int ret_md5, ret_sha1;
-        ret = ssl3_handshake_mac(s, NID_md5, sender, len, p);
-        p += ret;
+        ret_md5 = ssl3_handshake_mac(s, NID_md5, sender, len, p);
-        ret += ssl3_handshake_mac(s, NID_sha1, sender, len, p);
+        if (ret_md5 == 0)
-        return (ret);
+                return 0;
+        p += ret_md5;
+        ret_sha1 = ssl3_handshake_mac(s, NID_sha1, sender, len, p);
+        if (ret_sha1 == 0)
+                return 0;
+        return (ret_md5 + ret_sha1);
 }
 static int
author	jsing <>	2014-06-10 11:26:34 +0000
committer	jsing <>	2014-06-10 11:26:34 +0000
commit	27401a154671ed8905576e4c6e0a9da73f2ac294 (patch)
tree	a4fd1f8ebbb194eedf6b70d53ea5b7a81d76c9c0
parent	a13b202796a212c4c4e553e85d8bad24bbdffe07 (diff)
download	openbsd-27401a154671ed8905576e4c6e0a9da73f2ac294.tar.gz openbsd-27401a154671ed8905576e4c6e0a9da73f2ac294.tar.bz2 openbsd-27401a154671ed8905576e4c6e0a9da73f2ac294.zip

diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c index 8a1758f8b7..dbefad77b2 100644 --- a/src/lib/libssl/src/ssl/s3_enc.c +++ b/src/lib/libssl/src/ssl/s3_enc.c
@@ -625,11 +625,16 @@ ssl3_cert_verify_mac(SSL s, int md_nid, unsigned char p)
625	int	625	int
626	ssl3_final_finish_mac(SSL s, const char sender, int len, unsigned char *p)	626	ssl3_final_finish_mac(SSL s, const char sender, int len, unsigned char *p)
627	{	627	{
628	int ret;	628	int ret_md5, ret_sha1;
629	ret = ssl3_handshake_mac(s, NID_md5, sender, len, p);	629
630	p += ret;	630	ret_md5 = ssl3_handshake_mac(s, NID_md5, sender, len, p);
631	ret += ssl3_handshake_mac(s, NID_sha1, sender, len, p);	631	if (ret_md5 == 0)
632	return (ret);	632	return 0;
		633	p += ret_md5;
		634	ret_sha1 = ssl3_handshake_mac(s, NID_sha1, sender, len, p);
		635	if (ret_sha1 == 0)
		636	return 0;
		637	return (ret_md5 + ret_sha1);
633	}	638	}
634		639
635	static int	640	static int