diff options
| author | doug <> | 2015-09-12 16:10:08 +0000 |
|---|---|---|
| committer | doug <> | 2015-09-12 16:10:08 +0000 |
| commit | 56a3e20d1e41c02e4afd069925ec512ebb40b905 (patch) | |
| tree | ecc6c8f80b7c9e9b5057a82b1842ccf8724eb149 | |
| parent | efc74c6a34e219450e0cc4dd809c41889209b98d (diff) | |
| download | openbsd-56a3e20d1e41c02e4afd069925ec512ebb40b905.tar.gz openbsd-56a3e20d1e41c02e4afd069925ec512ebb40b905.tar.bz2 openbsd-56a3e20d1e41c02e4afd069925ec512ebb40b905.zip | |
Remove most of the SSLv3 version checks and a few TLS v1.0.
We can now assume >= TLS v1.0 since SSL2_VERSION, SSL3_VERSION and
DTLS1_BAD_VER support was removed.
"reads ok" miod@
| -rw-r--r-- | src/lib/libssl/d1_clnt.c | 14 | ||||
| -rw-r--r-- | src/lib/libssl/s3_clnt.c | 60 | ||||
| -rw-r--r-- | src/lib/libssl/s3_lib.c | 15 | ||||
| -rw-r--r-- | src/lib/libssl/s3_pkt.c | 7 | ||||
| -rw-r--r-- | src/lib/libssl/s3_srvr.c | 61 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/d1_clnt.c | 14 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_clnt.c | 60 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_lib.c | 15 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_pkt.c | 7 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_srvr.c | 61 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/ssl_lib.c | 5 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/t1_lib.c | 13 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_lib.c | 5 | ||||
| -rw-r--r-- | src/lib/libssl/t1_lib.c | 13 |
14 files changed, 114 insertions, 236 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index 4b02fcf3c4..fd26bb5a1e 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_clnt.c,v 1.54 2015/09/12 12:58:15 jsing Exp $ */ | 1 | /* $OpenBSD: d1_clnt.c,v 1.55 2015/09/12 16:10:07 doug Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -700,16 +700,8 @@ dtls1_send_client_certificate(SSL *s) | |||
| 700 | if (x509 != NULL) | 700 | if (x509 != NULL) |
| 701 | X509_free(x509); | 701 | X509_free(x509); |
| 702 | EVP_PKEY_free(pkey); | 702 | EVP_PKEY_free(pkey); |
| 703 | if (i == 0) { | 703 | if (i == 0) |
| 704 | if (s->version == SSL3_VERSION) { | 704 | s->s3->tmp.cert_req = 2; |
| 705 | s->s3->tmp.cert_req = 0; | ||
| 706 | ssl3_send_alert(s, SSL3_AL_WARNING, | ||
| 707 | SSL_AD_NO_CERTIFICATE); | ||
| 708 | return (1); | ||
| 709 | } else { | ||
| 710 | s->s3->tmp.cert_req = 2; | ||
| 711 | } | ||
| 712 | } | ||
| 713 | 705 | ||
| 714 | /* Ok, we have a cert */ | 706 | /* Ok, we have a cert */ |
| 715 | s->state = SSL3_ST_CW_CERT_C; | 707 | s->state = SSL3_ST_CW_CERT_C; |
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 12677319cc..2863b7380e 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_clnt.c,v 1.130 2015/09/12 12:17:00 jsing Exp $ */ | 1 | /* $OpenBSD: s3_clnt.c,v 1.131 2015/09/12 16:10:07 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -795,7 +795,7 @@ ssl3_get_server_hello(SSL *s) | |||
| 795 | * Check if we want to resume the session based on external | 795 | * Check if we want to resume the session based on external |
| 796 | * pre-shared secret | 796 | * pre-shared secret |
| 797 | */ | 797 | */ |
| 798 | if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) { | 798 | if (s->tls_session_secret_cb) { |
| 799 | SSL_CIPHER *pref_cipher = NULL; | 799 | SSL_CIPHER *pref_cipher = NULL; |
| 800 | s->session->master_key_length = sizeof(s->session->master_key); | 800 | s->session->master_key_length = sizeof(s->session->master_key); |
| 801 | if (s->tls_session_secret_cb(s, s->session->master_key, | 801 | if (s->tls_session_secret_cb(s, s->session->master_key, |
| @@ -901,19 +901,14 @@ ssl3_get_server_hello(SSL *s) | |||
| 901 | } | 901 | } |
| 902 | 902 | ||
| 903 | /* TLS extensions*/ | 903 | /* TLS extensions*/ |
| 904 | if (s->version >= SSL3_VERSION) { | 904 | if (!ssl_parse_serverhello_tlsext(s, &p, d, n, &al)) { |
| 905 | if (!ssl_parse_serverhello_tlsext(s, &p, d, n, &al)) { | 905 | /* 'al' set by ssl_parse_serverhello_tlsext */ |
| 906 | /* 'al' set by ssl_parse_serverhello_tlsext */ | 906 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_PARSE_TLSEXT); |
| 907 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, | 907 | goto f_err; |
| 908 | SSL_R_PARSE_TLSEXT); | 908 | } |
| 909 | goto f_err; | 909 | if (ssl_check_serverhello_tlsext(s) <= 0) { |
| 910 | 910 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT); | |
| 911 | } | 911 | goto err; |
| 912 | if (ssl_check_serverhello_tlsext(s) <= 0) { | ||
| 913 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, | ||
| 914 | SSL_R_SERVERHELLO_TLSEXT); | ||
| 915 | goto err; | ||
| 916 | } | ||
| 917 | } | 912 | } |
| 918 | 913 | ||
| 919 | if (p != d + n) | 914 | if (p != d + n) |
| @@ -1538,14 +1533,11 @@ ssl3_get_certificate_request(SSL *s) | |||
| 1538 | } | 1533 | } |
| 1539 | 1534 | ||
| 1540 | /* TLS does not like anon-DH with client cert */ | 1535 | /* TLS does not like anon-DH with client cert */ |
| 1541 | if (s->version > SSL3_VERSION) { | 1536 | if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) { |
| 1542 | if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) { | 1537 | ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE); |
| 1543 | ssl3_send_alert(s, SSL3_AL_FATAL, | 1538 | SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, |
| 1544 | SSL_AD_UNEXPECTED_MESSAGE); | 1539 | SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER); |
| 1545 | SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, | 1540 | goto err; |
| 1546 | SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER); | ||
| 1547 | goto err; | ||
| 1548 | } | ||
| 1549 | } | 1541 | } |
| 1550 | 1542 | ||
| 1551 | if (n < 0) | 1543 | if (n < 0) |
| @@ -1914,8 +1906,8 @@ ssl3_send_client_key_exchange(SSL *s) | |||
| 1914 | 1906 | ||
| 1915 | q = p; | 1907 | q = p; |
| 1916 | /* Fix buf for TLS and beyond */ | 1908 | /* Fix buf for TLS and beyond */ |
| 1917 | if (s->version > SSL3_VERSION) | 1909 | p += 2; |
| 1918 | p += 2; | 1910 | |
| 1919 | n = RSA_public_encrypt(sizeof tmp_buf, | 1911 | n = RSA_public_encrypt(sizeof tmp_buf, |
| 1920 | tmp_buf, p, rsa, RSA_PKCS1_PADDING); | 1912 | tmp_buf, p, rsa, RSA_PKCS1_PADDING); |
| 1921 | if (n <= 0) { | 1913 | if (n <= 0) { |
| @@ -1925,10 +1917,8 @@ ssl3_send_client_key_exchange(SSL *s) | |||
| 1925 | } | 1917 | } |
| 1926 | 1918 | ||
| 1927 | /* Fix buf for TLS and beyond */ | 1919 | /* Fix buf for TLS and beyond */ |
| 1928 | if (s->version > SSL3_VERSION) { | 1920 | s2n(n, q); |
| 1929 | s2n(n, q); | 1921 | n += 2; |
| 1930 | n += 2; | ||
| 1931 | } | ||
| 1932 | 1922 | ||
| 1933 | s->session->master_key_length = | 1923 | s->session->master_key_length = |
| 1934 | s->method->ssl3_enc->generate_master_secret( | 1924 | s->method->ssl3_enc->generate_master_secret( |
| @@ -2448,16 +2438,8 @@ ssl3_send_client_certificate(SSL *s) | |||
| 2448 | if (x509 != NULL) | 2438 | if (x509 != NULL) |
| 2449 | X509_free(x509); | 2439 | X509_free(x509); |
| 2450 | EVP_PKEY_free(pkey); | 2440 | EVP_PKEY_free(pkey); |
| 2451 | if (i == 0) { | 2441 | if (i == 0) |
| 2452 | if (s->version == SSL3_VERSION) { | 2442 | s->s3->tmp.cert_req = 2; |
| 2453 | s->s3->tmp.cert_req = 0; | ||
| 2454 | ssl3_send_alert(s, SSL3_AL_WARNING, | ||
| 2455 | SSL_AD_NO_CERTIFICATE); | ||
| 2456 | return (1); | ||
| 2457 | } else { | ||
| 2458 | s->s3->tmp.cert_req = 2; | ||
| 2459 | } | ||
| 2460 | } | ||
| 2461 | 2443 | ||
| 2462 | /* Ok, we have a cert */ | 2444 | /* Ok, we have a cert */ |
| 2463 | s->state = SSL3_ST_CW_CERT_C; | 2445 | s->state = SSL3_ST_CW_CERT_C; |
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index 912ac8dbdb..ce383bb209 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_lib.c,v 1.105 2015/09/12 15:03:39 jsing Exp $ */ | 1 | /* $OpenBSD: s3_lib.c,v 1.106 2015/09/12 16:10:07 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2598,7 +2598,7 @@ ssl3_get_req_cert_type(SSL *s, unsigned char *p) | |||
| 2598 | alg_k = s->s3->tmp.new_cipher->algorithm_mkey; | 2598 | alg_k = s->s3->tmp.new_cipher->algorithm_mkey; |
| 2599 | 2599 | ||
| 2600 | #ifndef OPENSSL_NO_GOST | 2600 | #ifndef OPENSSL_NO_GOST |
| 2601 | if ((alg_k & SSL_kGOST) && (s->version >= TLS1_VERSION)) { | 2601 | if ((alg_k & SSL_kGOST)) { |
| 2602 | p[ret++] = TLS_CT_GOST94_SIGN; | 2602 | p[ret++] = TLS_CT_GOST94_SIGN; |
| 2603 | p[ret++] = TLS_CT_GOST01_SIGN; | 2603 | p[ret++] = TLS_CT_GOST01_SIGN; |
| 2604 | p[ret++] = TLS_CT_GOST12_256_SIGN; | 2604 | p[ret++] = TLS_CT_GOST12_256_SIGN; |
| @@ -2610,13 +2610,9 @@ ssl3_get_req_cert_type(SSL *s, unsigned char *p) | |||
| 2610 | p[ret++] = SSL3_CT_RSA_FIXED_DH; | 2610 | p[ret++] = SSL3_CT_RSA_FIXED_DH; |
| 2611 | p[ret++] = SSL3_CT_DSS_FIXED_DH; | 2611 | p[ret++] = SSL3_CT_DSS_FIXED_DH; |
| 2612 | } | 2612 | } |
| 2613 | if (s->version == SSL3_VERSION && (alg_k & SSL_kDHE)) { | ||
| 2614 | p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH; | ||
| 2615 | p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH; | ||
| 2616 | } | ||
| 2617 | p[ret++] = SSL3_CT_RSA_SIGN; | 2613 | p[ret++] = SSL3_CT_RSA_SIGN; |
| 2618 | p[ret++] = SSL3_CT_DSS_SIGN; | 2614 | p[ret++] = SSL3_CT_DSS_SIGN; |
| 2619 | if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION)) { | 2615 | if ((alg_k & (SSL_kECDHr|SSL_kECDHe))) { |
| 2620 | p[ret++] = TLS_CT_RSA_FIXED_ECDH; | 2616 | p[ret++] = TLS_CT_RSA_FIXED_ECDH; |
| 2621 | p[ret++] = TLS_CT_ECDSA_FIXED_ECDH; | 2617 | p[ret++] = TLS_CT_ECDSA_FIXED_ECDH; |
| 2622 | } | 2618 | } |
| @@ -2625,9 +2621,8 @@ ssl3_get_req_cert_type(SSL *s, unsigned char *p) | |||
| 2625 | * ECDSA certs can be used with RSA cipher suites as well | 2621 | * ECDSA certs can be used with RSA cipher suites as well |
| 2626 | * so we don't need to check for SSL_kECDH or SSL_kECDHE | 2622 | * so we don't need to check for SSL_kECDH or SSL_kECDHE |
| 2627 | */ | 2623 | */ |
| 2628 | if (s->version >= TLS1_VERSION) { | 2624 | p[ret++] = TLS_CT_ECDSA_SIGN; |
| 2629 | p[ret++] = TLS_CT_ECDSA_SIGN; | 2625 | |
| 2630 | } | ||
| 2631 | return (ret); | 2626 | return (ret); |
| 2632 | } | 2627 | } |
| 2633 | 2628 | ||
diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c index 33fee732d1..153b37612f 100644 --- a/src/lib/libssl/s3_pkt.c +++ b/src/lib/libssl/s3_pkt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_pkt.c,v 1.56 2015/07/24 02:39:43 doug Exp $ */ | 1 | /* $OpenBSD: s3_pkt.c,v 1.57 2015/09/12 16:10:07 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1074,7 +1074,6 @@ start: | |||
| 1074 | if (s->server && | 1074 | if (s->server && |
| 1075 | SSL_is_init_finished(s) && | 1075 | SSL_is_init_finished(s) && |
| 1076 | !s->s3->send_connection_binding && | 1076 | !s->s3->send_connection_binding && |
| 1077 | (s->version > SSL3_VERSION) && | ||
| 1078 | (s->s3->handshake_fragment_len >= 4) && | 1077 | (s->s3->handshake_fragment_len >= 4) && |
| 1079 | (s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) && | 1078 | (s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) && |
| 1080 | (s->session != NULL) && (s->session->cipher != NULL)) { | 1079 | (s->session != NULL) && (s->session->cipher != NULL)) { |
| @@ -1339,10 +1338,6 @@ ssl3_send_alert(SSL *s, int level, int desc) | |||
| 1339 | { | 1338 | { |
| 1340 | /* Map tls/ssl alert value to correct one */ | 1339 | /* Map tls/ssl alert value to correct one */ |
| 1341 | desc = s->method->ssl3_enc->alert_value(desc); | 1340 | desc = s->method->ssl3_enc->alert_value(desc); |
| 1342 | if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION) { | ||
| 1343 | /* SSL 3.0 does not have protocol_version alerts */ | ||
| 1344 | desc = SSL_AD_HANDSHAKE_FAILURE; | ||
| 1345 | } | ||
| 1346 | if (desc < 0) | 1341 | if (desc < 0) |
| 1347 | return -1; | 1342 | return -1; |
| 1348 | /* If a fatal one, remove from cache */ | 1343 | /* If a fatal one, remove from cache */ |
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index dbcbc9b709..2fbf063140 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_srvr.c,v 1.120 2015/09/12 15:03:39 jsing Exp $ */ | 1 | /* $OpenBSD: s3_srvr.c,v 1.121 2015/09/12 16:10:07 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -942,13 +942,10 @@ ssl3_get_client_hello(SSL *s) | |||
| 942 | } | 942 | } |
| 943 | 943 | ||
| 944 | /* TLS extensions*/ | 944 | /* TLS extensions*/ |
| 945 | if (s->version >= SSL3_VERSION) { | 945 | if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { |
| 946 | if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { | 946 | /* 'al' set by ssl_parse_clienthello_tlsext */ |
| 947 | /* 'al' set by ssl_parse_clienthello_tlsext */ | 947 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_PARSE_TLSEXT); |
| 948 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 948 | goto f_err; |
| 949 | SSL_R_PARSE_TLSEXT); | ||
| 950 | goto f_err; | ||
| 951 | } | ||
| 952 | } | 949 | } |
| 953 | if (ssl_check_clienthello_tlsext_early(s) <= 0) { | 950 | if (ssl_check_clienthello_tlsext_early(s) <= 0) { |
| 954 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 951 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, |
| @@ -964,7 +961,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 964 | */ | 961 | */ |
| 965 | arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE); | 962 | arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE); |
| 966 | 963 | ||
| 967 | if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) { | 964 | if (!s->hit && s->tls_session_secret_cb) { |
| 968 | SSL_CIPHER *pref_cipher = NULL; | 965 | SSL_CIPHER *pref_cipher = NULL; |
| 969 | 966 | ||
| 970 | s->session->master_key_length = sizeof(s->session->master_key); | 967 | s->session->master_key_length = sizeof(s->session->master_key); |
| @@ -1054,12 +1051,9 @@ ssl3_get_client_hello(SSL *s) | |||
| 1054 | */ | 1051 | */ |
| 1055 | 1052 | ||
| 1056 | /* Handles TLS extensions that we couldn't check earlier */ | 1053 | /* Handles TLS extensions that we couldn't check earlier */ |
| 1057 | if (s->version >= SSL3_VERSION) { | 1054 | if (ssl_check_clienthello_tlsext_late(s) <= 0) { |
| 1058 | if (ssl_check_clienthello_tlsext_late(s) <= 0) { | 1055 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT); |
| 1059 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 1056 | goto err; |
| 1060 | SSL_R_CLIENTHELLO_TLSEXT); | ||
| 1061 | goto err; | ||
| 1062 | } | ||
| 1063 | } | 1057 | } |
| 1064 | 1058 | ||
| 1065 | if (ret < 0) | 1059 | if (ret < 0) |
| @@ -1646,18 +1640,15 @@ ssl3_get_client_key_exchange(SSL *s) | |||
| 1646 | } | 1640 | } |
| 1647 | rsa = pkey->pkey.rsa; | 1641 | rsa = pkey->pkey.rsa; |
| 1648 | 1642 | ||
| 1649 | /* TLS and [incidentally] DTLS{0xFEFF} */ | 1643 | if (2 > n) |
| 1650 | if (s->version > SSL3_VERSION) { | 1644 | goto truncated; |
| 1651 | if (2 > n) | 1645 | n2s(p, i); |
| 1652 | goto truncated; | 1646 | if (n != i + 2) { |
| 1653 | n2s(p, i); | 1647 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, |
| 1654 | if (n != i + 2) { | 1648 | SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); |
| 1655 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1649 | goto err; |
| 1656 | SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); | 1650 | } else |
| 1657 | goto err; | 1651 | n = i; |
| 1658 | } else | ||
| 1659 | n = i; | ||
| 1660 | } | ||
| 1661 | 1652 | ||
| 1662 | i = RSA_private_decrypt((int)n, p, p, rsa, RSA_PKCS1_PADDING); | 1653 | i = RSA_private_decrypt((int)n, p, p, rsa, RSA_PKCS1_PADDING); |
| 1663 | 1654 | ||
| @@ -2300,7 +2291,7 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2300 | * If tls asked for a client cert, | 2291 | * If tls asked for a client cert, |
| 2301 | * the client must return a 0 list. | 2292 | * the client must return a 0 list. |
| 2302 | */ | 2293 | */ |
| 2303 | if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request) { | 2294 | if (s->s3->tmp.cert_request) { |
| 2304 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2295 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, |
| 2305 | SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST | 2296 | SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST |
| 2306 | ); | 2297 | ); |
| @@ -2365,15 +2356,11 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2365 | } | 2356 | } |
| 2366 | 2357 | ||
| 2367 | if (sk_X509_num(sk) <= 0) { | 2358 | if (sk_X509_num(sk) <= 0) { |
| 2368 | /* TLS does not mind 0 certs returned */ | 2359 | /* |
| 2369 | if (s->version == SSL3_VERSION) { | 2360 | * TLS does not mind 0 certs returned. |
| 2370 | al = SSL_AD_HANDSHAKE_FAILURE; | 2361 | * Fail for TLS only if we required a certificate. |
| 2371 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2362 | */ |
| 2372 | SSL_R_NO_CERTIFICATES_RETURNED); | 2363 | if ((s->verify_mode & SSL_VERIFY_PEER) && |
| 2373 | goto f_err; | ||
| 2374 | } | ||
| 2375 | /* Fail for TLS only if we required a certificate */ | ||
| 2376 | else if ((s->verify_mode & SSL_VERIFY_PEER) && | ||
| 2377 | (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { | 2364 | (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { |
| 2378 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2365 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, |
| 2379 | SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); | 2366 | SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); |
diff --git a/src/lib/libssl/src/ssl/d1_clnt.c b/src/lib/libssl/src/ssl/d1_clnt.c index 4b02fcf3c4..fd26bb5a1e 100644 --- a/src/lib/libssl/src/ssl/d1_clnt.c +++ b/src/lib/libssl/src/ssl/d1_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_clnt.c,v 1.54 2015/09/12 12:58:15 jsing Exp $ */ | 1 | /* $OpenBSD: d1_clnt.c,v 1.55 2015/09/12 16:10:07 doug Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -700,16 +700,8 @@ dtls1_send_client_certificate(SSL *s) | |||
| 700 | if (x509 != NULL) | 700 | if (x509 != NULL) |
| 701 | X509_free(x509); | 701 | X509_free(x509); |
| 702 | EVP_PKEY_free(pkey); | 702 | EVP_PKEY_free(pkey); |
| 703 | if (i == 0) { | 703 | if (i == 0) |
| 704 | if (s->version == SSL3_VERSION) { | 704 | s->s3->tmp.cert_req = 2; |
| 705 | s->s3->tmp.cert_req = 0; | ||
| 706 | ssl3_send_alert(s, SSL3_AL_WARNING, | ||
| 707 | SSL_AD_NO_CERTIFICATE); | ||
| 708 | return (1); | ||
| 709 | } else { | ||
| 710 | s->s3->tmp.cert_req = 2; | ||
| 711 | } | ||
| 712 | } | ||
| 713 | 705 | ||
| 714 | /* Ok, we have a cert */ | 706 | /* Ok, we have a cert */ |
| 715 | s->state = SSL3_ST_CW_CERT_C; | 707 | s->state = SSL3_ST_CW_CERT_C; |
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c index 12677319cc..2863b7380e 100644 --- a/src/lib/libssl/src/ssl/s3_clnt.c +++ b/src/lib/libssl/src/ssl/s3_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_clnt.c,v 1.130 2015/09/12 12:17:00 jsing Exp $ */ | 1 | /* $OpenBSD: s3_clnt.c,v 1.131 2015/09/12 16:10:07 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -795,7 +795,7 @@ ssl3_get_server_hello(SSL *s) | |||
| 795 | * Check if we want to resume the session based on external | 795 | * Check if we want to resume the session based on external |
| 796 | * pre-shared secret | 796 | * pre-shared secret |
| 797 | */ | 797 | */ |
| 798 | if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) { | 798 | if (s->tls_session_secret_cb) { |
| 799 | SSL_CIPHER *pref_cipher = NULL; | 799 | SSL_CIPHER *pref_cipher = NULL; |
| 800 | s->session->master_key_length = sizeof(s->session->master_key); | 800 | s->session->master_key_length = sizeof(s->session->master_key); |
| 801 | if (s->tls_session_secret_cb(s, s->session->master_key, | 801 | if (s->tls_session_secret_cb(s, s->session->master_key, |
| @@ -901,19 +901,14 @@ ssl3_get_server_hello(SSL *s) | |||
| 901 | } | 901 | } |
| 902 | 902 | ||
| 903 | /* TLS extensions*/ | 903 | /* TLS extensions*/ |
| 904 | if (s->version >= SSL3_VERSION) { | 904 | if (!ssl_parse_serverhello_tlsext(s, &p, d, n, &al)) { |
| 905 | if (!ssl_parse_serverhello_tlsext(s, &p, d, n, &al)) { | 905 | /* 'al' set by ssl_parse_serverhello_tlsext */ |
| 906 | /* 'al' set by ssl_parse_serverhello_tlsext */ | 906 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_PARSE_TLSEXT); |
| 907 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, | 907 | goto f_err; |
| 908 | SSL_R_PARSE_TLSEXT); | 908 | } |
| 909 | goto f_err; | 909 | if (ssl_check_serverhello_tlsext(s) <= 0) { |
| 910 | 910 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT); | |
| 911 | } | 911 | goto err; |
| 912 | if (ssl_check_serverhello_tlsext(s) <= 0) { | ||
| 913 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, | ||
| 914 | SSL_R_SERVERHELLO_TLSEXT); | ||
| 915 | goto err; | ||
| 916 | } | ||
| 917 | } | 912 | } |
| 918 | 913 | ||
| 919 | if (p != d + n) | 914 | if (p != d + n) |
| @@ -1538,14 +1533,11 @@ ssl3_get_certificate_request(SSL *s) | |||
| 1538 | } | 1533 | } |
| 1539 | 1534 | ||
| 1540 | /* TLS does not like anon-DH with client cert */ | 1535 | /* TLS does not like anon-DH with client cert */ |
| 1541 | if (s->version > SSL3_VERSION) { | 1536 | if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) { |
| 1542 | if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) { | 1537 | ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE); |
| 1543 | ssl3_send_alert(s, SSL3_AL_FATAL, | 1538 | SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, |
| 1544 | SSL_AD_UNEXPECTED_MESSAGE); | 1539 | SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER); |
| 1545 | SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, | 1540 | goto err; |
| 1546 | SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER); | ||
| 1547 | goto err; | ||
| 1548 | } | ||
| 1549 | } | 1541 | } |
| 1550 | 1542 | ||
| 1551 | if (n < 0) | 1543 | if (n < 0) |
| @@ -1914,8 +1906,8 @@ ssl3_send_client_key_exchange(SSL *s) | |||
| 1914 | 1906 | ||
| 1915 | q = p; | 1907 | q = p; |
| 1916 | /* Fix buf for TLS and beyond */ | 1908 | /* Fix buf for TLS and beyond */ |
| 1917 | if (s->version > SSL3_VERSION) | 1909 | p += 2; |
| 1918 | p += 2; | 1910 | |
| 1919 | n = RSA_public_encrypt(sizeof tmp_buf, | 1911 | n = RSA_public_encrypt(sizeof tmp_buf, |
| 1920 | tmp_buf, p, rsa, RSA_PKCS1_PADDING); | 1912 | tmp_buf, p, rsa, RSA_PKCS1_PADDING); |
| 1921 | if (n <= 0) { | 1913 | if (n <= 0) { |
| @@ -1925,10 +1917,8 @@ ssl3_send_client_key_exchange(SSL *s) | |||
| 1925 | } | 1917 | } |
| 1926 | 1918 | ||
| 1927 | /* Fix buf for TLS and beyond */ | 1919 | /* Fix buf for TLS and beyond */ |
| 1928 | if (s->version > SSL3_VERSION) { | 1920 | s2n(n, q); |
| 1929 | s2n(n, q); | 1921 | n += 2; |
| 1930 | n += 2; | ||
| 1931 | } | ||
| 1932 | 1922 | ||
| 1933 | s->session->master_key_length = | 1923 | s->session->master_key_length = |
| 1934 | s->method->ssl3_enc->generate_master_secret( | 1924 | s->method->ssl3_enc->generate_master_secret( |
| @@ -2448,16 +2438,8 @@ ssl3_send_client_certificate(SSL *s) | |||
| 2448 | if (x509 != NULL) | 2438 | if (x509 != NULL) |
| 2449 | X509_free(x509); | 2439 | X509_free(x509); |
| 2450 | EVP_PKEY_free(pkey); | 2440 | EVP_PKEY_free(pkey); |
| 2451 | if (i == 0) { | 2441 | if (i == 0) |
| 2452 | if (s->version == SSL3_VERSION) { | 2442 | s->s3->tmp.cert_req = 2; |
| 2453 | s->s3->tmp.cert_req = 0; | ||
| 2454 | ssl3_send_alert(s, SSL3_AL_WARNING, | ||
| 2455 | SSL_AD_NO_CERTIFICATE); | ||
| 2456 | return (1); | ||
| 2457 | } else { | ||
| 2458 | s->s3->tmp.cert_req = 2; | ||
| 2459 | } | ||
| 2460 | } | ||
| 2461 | 2443 | ||
| 2462 | /* Ok, we have a cert */ | 2444 | /* Ok, we have a cert */ |
| 2463 | s->state = SSL3_ST_CW_CERT_C; | 2445 | s->state = SSL3_ST_CW_CERT_C; |
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c index 912ac8dbdb..ce383bb209 100644 --- a/src/lib/libssl/src/ssl/s3_lib.c +++ b/src/lib/libssl/src/ssl/s3_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_lib.c,v 1.105 2015/09/12 15:03:39 jsing Exp $ */ | 1 | /* $OpenBSD: s3_lib.c,v 1.106 2015/09/12 16:10:07 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2598,7 +2598,7 @@ ssl3_get_req_cert_type(SSL *s, unsigned char *p) | |||
| 2598 | alg_k = s->s3->tmp.new_cipher->algorithm_mkey; | 2598 | alg_k = s->s3->tmp.new_cipher->algorithm_mkey; |
| 2599 | 2599 | ||
| 2600 | #ifndef OPENSSL_NO_GOST | 2600 | #ifndef OPENSSL_NO_GOST |
| 2601 | if ((alg_k & SSL_kGOST) && (s->version >= TLS1_VERSION)) { | 2601 | if ((alg_k & SSL_kGOST)) { |
| 2602 | p[ret++] = TLS_CT_GOST94_SIGN; | 2602 | p[ret++] = TLS_CT_GOST94_SIGN; |
| 2603 | p[ret++] = TLS_CT_GOST01_SIGN; | 2603 | p[ret++] = TLS_CT_GOST01_SIGN; |
| 2604 | p[ret++] = TLS_CT_GOST12_256_SIGN; | 2604 | p[ret++] = TLS_CT_GOST12_256_SIGN; |
| @@ -2610,13 +2610,9 @@ ssl3_get_req_cert_type(SSL *s, unsigned char *p) | |||
| 2610 | p[ret++] = SSL3_CT_RSA_FIXED_DH; | 2610 | p[ret++] = SSL3_CT_RSA_FIXED_DH; |
| 2611 | p[ret++] = SSL3_CT_DSS_FIXED_DH; | 2611 | p[ret++] = SSL3_CT_DSS_FIXED_DH; |
| 2612 | } | 2612 | } |
| 2613 | if (s->version == SSL3_VERSION && (alg_k & SSL_kDHE)) { | ||
| 2614 | p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH; | ||
| 2615 | p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH; | ||
| 2616 | } | ||
| 2617 | p[ret++] = SSL3_CT_RSA_SIGN; | 2613 | p[ret++] = SSL3_CT_RSA_SIGN; |
| 2618 | p[ret++] = SSL3_CT_DSS_SIGN; | 2614 | p[ret++] = SSL3_CT_DSS_SIGN; |
| 2619 | if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION)) { | 2615 | if ((alg_k & (SSL_kECDHr|SSL_kECDHe))) { |
| 2620 | p[ret++] = TLS_CT_RSA_FIXED_ECDH; | 2616 | p[ret++] = TLS_CT_RSA_FIXED_ECDH; |
| 2621 | p[ret++] = TLS_CT_ECDSA_FIXED_ECDH; | 2617 | p[ret++] = TLS_CT_ECDSA_FIXED_ECDH; |
| 2622 | } | 2618 | } |
| @@ -2625,9 +2621,8 @@ ssl3_get_req_cert_type(SSL *s, unsigned char *p) | |||
| 2625 | * ECDSA certs can be used with RSA cipher suites as well | 2621 | * ECDSA certs can be used with RSA cipher suites as well |
| 2626 | * so we don't need to check for SSL_kECDH or SSL_kECDHE | 2622 | * so we don't need to check for SSL_kECDH or SSL_kECDHE |
| 2627 | */ | 2623 | */ |
| 2628 | if (s->version >= TLS1_VERSION) { | 2624 | p[ret++] = TLS_CT_ECDSA_SIGN; |
| 2629 | p[ret++] = TLS_CT_ECDSA_SIGN; | 2625 | |
| 2630 | } | ||
| 2631 | return (ret); | 2626 | return (ret); |
| 2632 | } | 2627 | } |
| 2633 | 2628 | ||
diff --git a/src/lib/libssl/src/ssl/s3_pkt.c b/src/lib/libssl/src/ssl/s3_pkt.c index 33fee732d1..153b37612f 100644 --- a/src/lib/libssl/src/ssl/s3_pkt.c +++ b/src/lib/libssl/src/ssl/s3_pkt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_pkt.c,v 1.56 2015/07/24 02:39:43 doug Exp $ */ | 1 | /* $OpenBSD: s3_pkt.c,v 1.57 2015/09/12 16:10:07 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1074,7 +1074,6 @@ start: | |||
| 1074 | if (s->server && | 1074 | if (s->server && |
| 1075 | SSL_is_init_finished(s) && | 1075 | SSL_is_init_finished(s) && |
| 1076 | !s->s3->send_connection_binding && | 1076 | !s->s3->send_connection_binding && |
| 1077 | (s->version > SSL3_VERSION) && | ||
| 1078 | (s->s3->handshake_fragment_len >= 4) && | 1077 | (s->s3->handshake_fragment_len >= 4) && |
| 1079 | (s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) && | 1078 | (s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) && |
| 1080 | (s->session != NULL) && (s->session->cipher != NULL)) { | 1079 | (s->session != NULL) && (s->session->cipher != NULL)) { |
| @@ -1339,10 +1338,6 @@ ssl3_send_alert(SSL *s, int level, int desc) | |||
| 1339 | { | 1338 | { |
| 1340 | /* Map tls/ssl alert value to correct one */ | 1339 | /* Map tls/ssl alert value to correct one */ |
| 1341 | desc = s->method->ssl3_enc->alert_value(desc); | 1340 | desc = s->method->ssl3_enc->alert_value(desc); |
| 1342 | if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION) { | ||
| 1343 | /* SSL 3.0 does not have protocol_version alerts */ | ||
| 1344 | desc = SSL_AD_HANDSHAKE_FAILURE; | ||
| 1345 | } | ||
| 1346 | if (desc < 0) | 1341 | if (desc < 0) |
| 1347 | return -1; | 1342 | return -1; |
| 1348 | /* If a fatal one, remove from cache */ | 1343 | /* If a fatal one, remove from cache */ |
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c index dbcbc9b709..2fbf063140 100644 --- a/src/lib/libssl/src/ssl/s3_srvr.c +++ b/src/lib/libssl/src/ssl/s3_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_srvr.c,v 1.120 2015/09/12 15:03:39 jsing Exp $ */ | 1 | /* $OpenBSD: s3_srvr.c,v 1.121 2015/09/12 16:10:07 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -942,13 +942,10 @@ ssl3_get_client_hello(SSL *s) | |||
| 942 | } | 942 | } |
| 943 | 943 | ||
| 944 | /* TLS extensions*/ | 944 | /* TLS extensions*/ |
| 945 | if (s->version >= SSL3_VERSION) { | 945 | if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { |
| 946 | if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { | 946 | /* 'al' set by ssl_parse_clienthello_tlsext */ |
| 947 | /* 'al' set by ssl_parse_clienthello_tlsext */ | 947 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_PARSE_TLSEXT); |
| 948 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 948 | goto f_err; |
| 949 | SSL_R_PARSE_TLSEXT); | ||
| 950 | goto f_err; | ||
| 951 | } | ||
| 952 | } | 949 | } |
| 953 | if (ssl_check_clienthello_tlsext_early(s) <= 0) { | 950 | if (ssl_check_clienthello_tlsext_early(s) <= 0) { |
| 954 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 951 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, |
| @@ -964,7 +961,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 964 | */ | 961 | */ |
| 965 | arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE); | 962 | arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE); |
| 966 | 963 | ||
| 967 | if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) { | 964 | if (!s->hit && s->tls_session_secret_cb) { |
| 968 | SSL_CIPHER *pref_cipher = NULL; | 965 | SSL_CIPHER *pref_cipher = NULL; |
| 969 | 966 | ||
| 970 | s->session->master_key_length = sizeof(s->session->master_key); | 967 | s->session->master_key_length = sizeof(s->session->master_key); |
| @@ -1054,12 +1051,9 @@ ssl3_get_client_hello(SSL *s) | |||
| 1054 | */ | 1051 | */ |
| 1055 | 1052 | ||
| 1056 | /* Handles TLS extensions that we couldn't check earlier */ | 1053 | /* Handles TLS extensions that we couldn't check earlier */ |
| 1057 | if (s->version >= SSL3_VERSION) { | 1054 | if (ssl_check_clienthello_tlsext_late(s) <= 0) { |
| 1058 | if (ssl_check_clienthello_tlsext_late(s) <= 0) { | 1055 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT); |
| 1059 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 1056 | goto err; |
| 1060 | SSL_R_CLIENTHELLO_TLSEXT); | ||
| 1061 | goto err; | ||
| 1062 | } | ||
| 1063 | } | 1057 | } |
| 1064 | 1058 | ||
| 1065 | if (ret < 0) | 1059 | if (ret < 0) |
| @@ -1646,18 +1640,15 @@ ssl3_get_client_key_exchange(SSL *s) | |||
| 1646 | } | 1640 | } |
| 1647 | rsa = pkey->pkey.rsa; | 1641 | rsa = pkey->pkey.rsa; |
| 1648 | 1642 | ||
| 1649 | /* TLS and [incidentally] DTLS{0xFEFF} */ | 1643 | if (2 > n) |
| 1650 | if (s->version > SSL3_VERSION) { | 1644 | goto truncated; |
| 1651 | if (2 > n) | 1645 | n2s(p, i); |
| 1652 | goto truncated; | 1646 | if (n != i + 2) { |
| 1653 | n2s(p, i); | 1647 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, |
| 1654 | if (n != i + 2) { | 1648 | SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); |
| 1655 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1649 | goto err; |
| 1656 | SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); | 1650 | } else |
| 1657 | goto err; | 1651 | n = i; |
| 1658 | } else | ||
| 1659 | n = i; | ||
| 1660 | } | ||
| 1661 | 1652 | ||
| 1662 | i = RSA_private_decrypt((int)n, p, p, rsa, RSA_PKCS1_PADDING); | 1653 | i = RSA_private_decrypt((int)n, p, p, rsa, RSA_PKCS1_PADDING); |
| 1663 | 1654 | ||
| @@ -2300,7 +2291,7 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2300 | * If tls asked for a client cert, | 2291 | * If tls asked for a client cert, |
| 2301 | * the client must return a 0 list. | 2292 | * the client must return a 0 list. |
| 2302 | */ | 2293 | */ |
| 2303 | if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request) { | 2294 | if (s->s3->tmp.cert_request) { |
| 2304 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2295 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, |
| 2305 | SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST | 2296 | SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST |
| 2306 | ); | 2297 | ); |
| @@ -2365,15 +2356,11 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2365 | } | 2356 | } |
| 2366 | 2357 | ||
| 2367 | if (sk_X509_num(sk) <= 0) { | 2358 | if (sk_X509_num(sk) <= 0) { |
| 2368 | /* TLS does not mind 0 certs returned */ | 2359 | /* |
| 2369 | if (s->version == SSL3_VERSION) { | 2360 | * TLS does not mind 0 certs returned. |
| 2370 | al = SSL_AD_HANDSHAKE_FAILURE; | 2361 | * Fail for TLS only if we required a certificate. |
| 2371 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2362 | */ |
| 2372 | SSL_R_NO_CERTIFICATES_RETURNED); | 2363 | if ((s->verify_mode & SSL_VERIFY_PEER) && |
| 2373 | goto f_err; | ||
| 2374 | } | ||
| 2375 | /* Fail for TLS only if we required a certificate */ | ||
| 2376 | else if ((s->verify_mode & SSL_VERIFY_PEER) && | ||
| 2377 | (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { | 2364 | (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { |
| 2378 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2365 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, |
| 2379 | SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); | 2366 | SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); |
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c index fe73046366..660ff99e27 100644 --- a/src/lib/libssl/src/ssl/ssl_lib.c +++ b/src/lib/libssl/src/ssl/ssl_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_lib.c,v 1.110 2015/09/11 17:35:36 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_lib.c,v 1.111 2015/09/12 16:10:07 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1731,9 +1731,6 @@ SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen, | |||
| 1731 | const char *label, size_t llen, const unsigned char *p, size_t plen, | 1731 | const char *label, size_t llen, const unsigned char *p, size_t plen, |
| 1732 | int use_context) | 1732 | int use_context) |
| 1733 | { | 1733 | { |
| 1734 | if (s->version < TLS1_VERSION) | ||
| 1735 | return (-1); | ||
| 1736 | |||
| 1737 | return (s->method->ssl3_enc->export_keying_material(s, out, olen, | 1734 | return (s->method->ssl3_enc->export_keying_material(s, out, olen, |
| 1738 | label, llen, p, plen, use_context)); | 1735 | label, llen, p, plen, use_context)); |
| 1739 | } | 1736 | } |
diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c index fc54fe1e6d..f3522a02be 100644 --- a/src/lib/libssl/src/ssl/t1_lib.c +++ b/src/lib/libssl/src/ssl/t1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_lib.c,v 1.84 2015/09/01 13:38:27 jsing Exp $ */ | 1 | /* $OpenBSD: t1_lib.c,v 1.85 2015/09/12 16:10:08 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -659,11 +659,6 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 659 | } | 659 | } |
| 660 | } | 660 | } |
| 661 | 661 | ||
| 662 | /* don't add extensions for SSLv3 unless doing secure renegotiation */ | ||
| 663 | if (s->client_version == SSL3_VERSION && | ||
| 664 | !s->s3->send_connection_binding) | ||
| 665 | return p; | ||
| 666 | |||
| 667 | ret += 2; | 662 | ret += 2; |
| 668 | 663 | ||
| 669 | if (ret >= limit) | 664 | if (ret >= limit) |
| @@ -973,10 +968,6 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 973 | alg_a & SSL_aECDSA) && | 968 | alg_a & SSL_aECDSA) && |
| 974 | s->session->tlsext_ecpointformatlist != NULL; | 969 | s->session->tlsext_ecpointformatlist != NULL; |
| 975 | 970 | ||
| 976 | /* don't add extensions for SSLv3, unless doing secure renegotiation */ | ||
| 977 | if (s->version == SSL3_VERSION && !s->s3->send_connection_binding) | ||
| 978 | return p; | ||
| 979 | |||
| 980 | ret += 2; | 971 | ret += 2; |
| 981 | if (ret >= limit) | 972 | if (ret >= limit) |
| 982 | return NULL; /* this really never occurs, but ... */ | 973 | return NULL; /* this really never occurs, but ... */ |
| @@ -2048,7 +2039,7 @@ tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, | |||
| 2048 | */ | 2039 | */ |
| 2049 | if (SSL_get_options(s) & SSL_OP_NO_TICKET) | 2040 | if (SSL_get_options(s) & SSL_OP_NO_TICKET) |
| 2050 | return 0; | 2041 | return 0; |
| 2051 | if (s->version <= SSL3_VERSION || !limit) | 2042 | if (!limit) |
| 2052 | return 0; | 2043 | return 0; |
| 2053 | 2044 | ||
| 2054 | if (limit < session) | 2045 | if (limit < session) |
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index fe73046366..660ff99e27 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_lib.c,v 1.110 2015/09/11 17:35:36 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_lib.c,v 1.111 2015/09/12 16:10:07 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1731,9 +1731,6 @@ SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen, | |||
| 1731 | const char *label, size_t llen, const unsigned char *p, size_t plen, | 1731 | const char *label, size_t llen, const unsigned char *p, size_t plen, |
| 1732 | int use_context) | 1732 | int use_context) |
| 1733 | { | 1733 | { |
| 1734 | if (s->version < TLS1_VERSION) | ||
| 1735 | return (-1); | ||
| 1736 | |||
| 1737 | return (s->method->ssl3_enc->export_keying_material(s, out, olen, | 1734 | return (s->method->ssl3_enc->export_keying_material(s, out, olen, |
| 1738 | label, llen, p, plen, use_context)); | 1735 | label, llen, p, plen, use_context)); |
| 1739 | } | 1736 | } |
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index fc54fe1e6d..f3522a02be 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_lib.c,v 1.84 2015/09/01 13:38:27 jsing Exp $ */ | 1 | /* $OpenBSD: t1_lib.c,v 1.85 2015/09/12 16:10:08 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -659,11 +659,6 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 659 | } | 659 | } |
| 660 | } | 660 | } |
| 661 | 661 | ||
| 662 | /* don't add extensions for SSLv3 unless doing secure renegotiation */ | ||
| 663 | if (s->client_version == SSL3_VERSION && | ||
| 664 | !s->s3->send_connection_binding) | ||
| 665 | return p; | ||
| 666 | |||
| 667 | ret += 2; | 662 | ret += 2; |
| 668 | 663 | ||
| 669 | if (ret >= limit) | 664 | if (ret >= limit) |
| @@ -973,10 +968,6 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 973 | alg_a & SSL_aECDSA) && | 968 | alg_a & SSL_aECDSA) && |
| 974 | s->session->tlsext_ecpointformatlist != NULL; | 969 | s->session->tlsext_ecpointformatlist != NULL; |
| 975 | 970 | ||
| 976 | /* don't add extensions for SSLv3, unless doing secure renegotiation */ | ||
| 977 | if (s->version == SSL3_VERSION && !s->s3->send_connection_binding) | ||
| 978 | return p; | ||
| 979 | |||
| 980 | ret += 2; | 971 | ret += 2; |
| 981 | if (ret >= limit) | 972 | if (ret >= limit) |
| 982 | return NULL; /* this really never occurs, but ... */ | 973 | return NULL; /* this really never occurs, but ... */ |
| @@ -2048,7 +2039,7 @@ tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, | |||
| 2048 | */ | 2039 | */ |
| 2049 | if (SSL_get_options(s) & SSL_OP_NO_TICKET) | 2040 | if (SSL_get_options(s) & SSL_OP_NO_TICKET) |
| 2050 | return 0; | 2041 | return 0; |
| 2051 | if (s->version <= SSL3_VERSION || !limit) | 2042 | if (!limit) |
| 2052 | return 0; | 2043 | return 0; |
| 2053 | 2044 | ||
| 2054 | if (limit < session) | 2045 | if (limit < session) |