diff options
| author | jca <> | 2014-02-27 21:04:57 +0000 |
|---|---|---|
| committer | jca <> | 2014-02-27 21:04:57 +0000 |
| commit | 3b6d92e82b1421b811bcdec7f7fdfb31eeef18de (patch) | |
| tree | 40e788c732b30794928787a09a2b41e34c4772bb /src/lib/libssl/t1_enc.c | |
| parent | 76214748f84ef8bbc3833462e40ef29a1e84a02c (diff) | |
| download | openbsd-3b6d92e82b1421b811bcdec7f7fdfb31eeef18de.tar.gz openbsd-3b6d92e82b1421b811bcdec7f7fdfb31eeef18de.tar.bz2 openbsd-3b6d92e82b1421b811bcdec7f7fdfb31eeef18de.zip | |
SECURITY fixes backported from openssl-1.0.1f. ok mikeb@
CVE-2013-4353 NULL pointer dereference with crafted Next Protocol
Negotiation record in TLS handshake.
Upstream: 197e0ea
CVE-2013-6449 Fix crash with crafted traffic from a TLS 1.2 client.
Upstream: ca98926, 0294b2b
CVE-2013-6450 Fix DTLS retransmission from previous session.
Upstream: 3462896
Diffstat (limited to 'src/lib/libssl/t1_enc.c')
| -rw-r--r-- | src/lib/libssl/t1_enc.c | 28 |
1 files changed, 17 insertions, 11 deletions
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 448eef274f..638405ec39 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -414,15 +414,20 @@ int tls1_change_cipher_state(SSL *s, int which) | |||
| 414 | s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM; | 414 | s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM; |
| 415 | else | 415 | else |
| 416 | s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM; | 416 | s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM; |
| 417 | if (s->enc_write_ctx != NULL) | 417 | if (s->enc_write_ctx != NULL && !SSL_IS_DTLS(s)) |
| 418 | reuse_dd = 1; | 418 | reuse_dd = 1; |
| 419 | else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL) | 419 | else if ((s->enc_write_ctx=EVP_CIPHER_CTX_new()) == NULL) |
| 420 | goto err; | 420 | goto err; |
| 421 | else | ||
| 422 | /* make sure it's intialized in case we exit later with an error */ | ||
| 423 | EVP_CIPHER_CTX_init(s->enc_write_ctx); | ||
| 424 | dd= s->enc_write_ctx; | 421 | dd= s->enc_write_ctx; |
| 425 | mac_ctx = ssl_replace_hash(&s->write_hash,NULL); | 422 | if (SSL_IS_DTLS(s)) |
| 423 | { | ||
| 424 | mac_ctx = EVP_MD_CTX_create(); | ||
| 425 | if (!mac_ctx) | ||
| 426 | goto err; | ||
| 427 | s->write_hash = mac_ctx; | ||
| 428 | } | ||
| 429 | else | ||
| 430 | mac_ctx = ssl_replace_hash(&s->write_hash,NULL); | ||
| 426 | #ifndef OPENSSL_NO_COMP | 431 | #ifndef OPENSSL_NO_COMP |
| 427 | if (s->compress != NULL) | 432 | if (s->compress != NULL) |
| 428 | { | 433 | { |
| @@ -915,18 +920,19 @@ int tls1_final_finish_mac(SSL *s, | |||
| 915 | if (mask & ssl_get_algorithm2(s)) | 920 | if (mask & ssl_get_algorithm2(s)) |
| 916 | { | 921 | { |
| 917 | int hashsize = EVP_MD_size(md); | 922 | int hashsize = EVP_MD_size(md); |
| 918 | if (hashsize < 0 || hashsize > (int)(sizeof buf - (size_t)(q-buf))) | 923 | EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx]; |
| 924 | if (!hdgst || hashsize < 0 || hashsize > (int)(sizeof buf - (size_t)(q-buf))) | ||
| 919 | { | 925 | { |
| 920 | /* internal error: 'buf' is too small for this cipersuite! */ | 926 | /* internal error: 'buf' is too small for this cipersuite! */ |
| 921 | err = 1; | 927 | err = 1; |
| 922 | } | 928 | } |
| 923 | else | 929 | else |
| 924 | { | 930 | { |
| 925 | EVP_MD_CTX_copy_ex(&ctx,s->s3->handshake_dgst[idx]); | 931 | if (!EVP_MD_CTX_copy_ex(&ctx, hdgst) || |
| 926 | EVP_DigestFinal_ex(&ctx,q,&i); | 932 | !EVP_DigestFinal_ex(&ctx,q,&i) || |
| 927 | if (i != (unsigned int)hashsize) /* can't really happen */ | 933 | (i != (unsigned int)hashsize)) |
| 928 | err = 1; | 934 | err = 1; |
| 929 | q+=i; | 935 | q+=hashsize; |
| 930 | } | 936 | } |
| 931 | } | 937 | } |
| 932 | } | 938 | } |