diff options
| author | guenther <> | 2014-07-28 04:23:12 +0000 |
|---|---|---|
| committer | guenther <> | 2014-07-28 04:23:12 +0000 |
| commit | 224cc55e7b0aa21110d14dd564e88e13893a294e (patch) | |
| tree | 51d2af22ad1dd980f4ce9c87fa7c5ea39efd7be6 /src/lib/libssl/d1_srvr.c | |
| parent | 23872c177fa5acf651189cdfcafd44e94da780ef (diff) | |
| download | openbsd-224cc55e7b0aa21110d14dd564e88e13893a294e.tar.gz openbsd-224cc55e7b0aa21110d14dd564e88e13893a294e.tar.bz2 openbsd-224cc55e7b0aa21110d14dd564e88e13893a294e.zip | |
The RSA, DH, and ECDH temporary key callbacks expect the number of keybits
for the key (expressed in RSA key bits, which makes *no sense* for ECDH) as
their second argument, not zero.
(jsing@ notes that the RSA callback is only invoked for 'export' ciphers,
which have been removed from LibreSSL, and for the SSL_OP_EPHEMERAL_RSA
option, which is makes the application non-compliant. More fuel for the
tedu fire...)
jasper@ noted the breakage and bisected it down to the diff that broke this
ok jsing@ miod@
Diffstat (limited to 'src/lib/libssl/d1_srvr.c')
| -rw-r--r-- | src/lib/libssl/d1_srvr.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c index ecf4a198b1..6f1d436d18 100644 --- a/src/lib/libssl/d1_srvr.c +++ b/src/lib/libssl/d1_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_srvr.c,v 1.33 2014/07/12 22:33:39 jsing Exp $ */ | 1 | /* $OpenBSD: d1_srvr.c,v 1.34 2014/07/28 04:23:12 guenther Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -1034,7 +1034,8 @@ dtls1_send_server_key_exchange(SSL *s) | |||
| 1034 | if (type & SSL_kRSA) { | 1034 | if (type & SSL_kRSA) { |
| 1035 | rsa = cert->rsa_tmp; | 1035 | rsa = cert->rsa_tmp; |
| 1036 | if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) { | 1036 | if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) { |
| 1037 | rsa = s->cert->rsa_tmp_cb(s, 0, 0); | 1037 | rsa = s->cert->rsa_tmp_cb(s, 0, |
| 1038 | SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher)); | ||
| 1038 | if (rsa == NULL) { | 1039 | if (rsa == NULL) { |
| 1039 | al = SSL_AD_HANDSHAKE_FAILURE; | 1040 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 1040 | SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_ERROR_GENERATING_TMP_RSA_KEY); | 1041 | SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_ERROR_GENERATING_TMP_RSA_KEY); |
| @@ -1055,7 +1056,8 @@ dtls1_send_server_key_exchange(SSL *s) | |||
| 1055 | if (type & SSL_kDHE) { | 1056 | if (type & SSL_kDHE) { |
| 1056 | dhp = cert->dh_tmp; | 1057 | dhp = cert->dh_tmp; |
| 1057 | if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL)) | 1058 | if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL)) |
| 1058 | dhp = s->cert->dh_tmp_cb(s, 0, 0); | 1059 | dhp = s->cert->dh_tmp_cb(s, 0, |
| 1060 | SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher)); | ||
| 1059 | if (dhp == NULL) { | 1061 | if (dhp == NULL) { |
| 1060 | al = SSL_AD_HANDSHAKE_FAILURE; | 1062 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 1061 | SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_DH_KEY); | 1063 | SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_DH_KEY); |
| @@ -1099,7 +1101,8 @@ dtls1_send_server_key_exchange(SSL *s) | |||
| 1099 | 1101 | ||
| 1100 | ecdhp = cert->ecdh_tmp; | 1102 | ecdhp = cert->ecdh_tmp; |
| 1101 | if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL) | 1103 | if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL) |
| 1102 | ecdhp = s->cert->ecdh_tmp_cb(s, 0, 0); | 1104 | ecdhp = s->cert->ecdh_tmp_cb(s, 0, |
| 1105 | SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher)); | ||
| 1103 | if (ecdhp == NULL) { | 1106 | if (ecdhp == NULL) { |
| 1104 | al = SSL_AD_HANDSHAKE_FAILURE; | 1107 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 1105 | SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_ECDH_KEY); | 1108 | SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_ECDH_KEY); |