Pull patch from -current:OPENBSD_3_2

SECURITY FIX
Fixed by markus@
security fix from http://www.openssl.org/news/secadv_20030930.txt

ok markus@ deraadt@

5 files changed, 22 insertions, 6 deletions

diff --git a/src/lib/libssl/src/crypto/asn1/asn1_lib.c b/src/lib/libssl/src/crypto/asn1/asn1_lib.c
index 0638870ab7..e30d5dd303 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1_lib.c
+++ b/src/lib/libssl/src/crypto/asn1/asn1_lib.c
@@ -104,10 +104,12 @@ int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass,
                         l<<=7L;
                         l|= *(p++)&0x7f;
                         if (--max == 0) goto err;
+                        if (l > (INT_MAX >> 7L)) goto err;
                         }
                 l<<=7L;
                 l|= *(p++)&0x7f;
                 tag=(int)l;
+                if (--max == 0) goto err;
                 }
         else
                 { 
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_dec.c b/src/lib/libssl/src/crypto/asn1/tasn_dec.c
index f87c08793a..666061e2b7 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_dec.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_dec.c
@@ -691,6 +691,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inl
 
 int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it)
 {
+        ASN1_VALUE **opval = NULL;
         ASN1_STRING *stmp;
         ASN1_TYPE *typ = NULL;
         int ret = 0;
@@ -705,6 +706,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char
                         *pval = (ASN1_VALUE *)typ;
                 } else typ = (ASN1_TYPE *)*pval;
                 if(utype != typ->type) ASN1_TYPE_set(typ, utype, NULL);
+                opval = pval;
                 pval = (ASN1_VALUE **)&typ->value.ptr;
         }
         switch(utype) {
@@ -796,7 +798,12 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char
 
         ret = 1;
         err:
-        if(!ret) ASN1_TYPE_free(typ);
+        if(!ret)
+                {
+                ASN1_TYPE_free(typ);
+                if (opval)
+                        *opval = NULL;
+                }
         return ret;
 }
 
diff --git a/src/lib/libssl/src/crypto/x509/x509_vfy.c b/src/lib/libssl/src/crypto/x509/x509_vfy.c
index db12f7bd35..372e58a597 100644
--- a/src/lib/libssl/src/crypto/x509/x509_vfy.c
+++ b/src/lib/libssl/src/crypto/x509/x509_vfy.c
@@ -674,7 +674,7 @@ static int internal_verify(X509_STORE_CTX *ctx)
                                 ok=(*cb)(0,ctx);
                                 if (!ok) goto end;
                                 }
-                        if (X509_verify(xs,pkey) <= 0)
+                        else if (X509_verify(xs,pkey) <= 0)
                                 /* XXX  For the final trusted self-signed cert,
                                  * this is a waste of time.  That check should
                                  * optional so that e.g. 'openssl x509' can be
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c
index 7da9363ef5..1b14954afe 100644
--- a/src/lib/libssl/src/ssl/s3_clnt.c
+++ b/src/lib/libssl/src/ssl/s3_clnt.c
@@ -1752,6 +1752,7 @@ static int ssl3_send_client_verify(SSL *s)
                 *(d++)=SSL3_MT_CERTIFICATE_VERIFY;
                 l2n3(n,d);
 
+                s->state=SSL3_ST_CW_CERT_VRFY_B;
                 s->init_num=(int)n+4;
                 s->init_off=0;
                 }
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
index a2c17f2950..bdf3854dc0 100644
--- a/src/lib/libssl/src/ssl/s3_srvr.c
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -425,10 +425,11 @@ int ssl3_accept(SSL *s)
                         if (ret == 2)
                                 s->state = SSL3_ST_SR_CLNT_HELLO_C;
                         else {
-                                /* could be sent for a DH cert, even if we
-                                 * have not asked for it :-) */
-                                ret=ssl3_get_client_certificate(s);
-                                if (ret <= 0) goto end;
+                                if (s->s3->tmp.cert_request)
+                                        {
+                                        ret=ssl3_get_client_certificate(s);
+                                        if (ret <= 0) goto end;
+                                        }
                                 s->init_num=0;
                                 s->state=SSL3_ST_SR_KEY_EXCH_A;
                         }
@@ -838,6 +839,9 @@ static int ssl3_get_client_hello(SSL *s)
                 }
 
         /* TLS does not mind if there is extra stuff */
+#if 0   /* SSL 3.0 does not mind either, so we should disable this test
+         * (was enabled in 0.9.6d through 0.9.6j and 0.9.7 through 0.9.7b,
+         * in earlier SSLeay/OpenSSL releases this test existed but was buggy) */
         if (s->version == SSL3_VERSION)
                 {
                 if (p < (d+n))
@@ -849,6 +853,7 @@ static int ssl3_get_client_hello(SSL *s)
                         goto f_err;
                         }
                 }
+#endif
 
         /* Given s->session->ciphers and SSL_get_ciphers, we must
          * pick a cipher */
@@ -1346,6 +1351,7 @@ static int ssl3_send_certificate_request(SSL *s)
                 s->init_num += 4;
 #endif
 
+                s->state = SSL3_ST_SW_CERT_REQ_B;
                 }
 
         /* SSL3_ST_SW_CERT_REQ_B */