authordjm <>2009-01-09 12:14:11 +0000
committerdjm <>2009-01-09 12:14:11 +0000
commita0fdc9ec41594852f67ec77dfad9cb06bacc4186 (patch)
treec43f6b3a4d93ad2cb3dcf93275295679d895a033 /src/lib/libssl
parent5a3c0a05c7f2c5d3c584b7c8d6aec836dd724c80 (diff)
import openssl-0.9.8j
Diffstat (limited to 'src/lib/libssl')
-rw-r--r--src/lib/libssl/d1_clnt.c3
-rw-r--r--src/lib/libssl/d1_enc.c19
-rw-r--r--src/lib/libssl/d1_lib.c1
-rw-r--r--src/lib/libssl/d1_pkt.c22
-rw-r--r--src/lib/libssl/d1_srvr.c6
-rw-r--r--src/lib/libssl/dtls1.h7
-rw-r--r--src/lib/libssl/s23_clnt.c16
-rw-r--r--src/lib/libssl/s23_srvr.c9
-rw-r--r--src/lib/libssl/s3_clnt.c52
-rw-r--r--src/lib/libssl/s3_lib.c40
-rw-r--r--src/lib/libssl/s3_pkt.c16
-rw-r--r--src/lib/libssl/s3_srvr.c42
-rw-r--r--src/lib/libssl/ssl.h16
-rw-r--r--src/lib/libssl/ssl_asn1.c2
-rw-r--r--src/lib/libssl/ssl_ciph.c13
-rw-r--r--src/lib/libssl/ssl_err.c5
-rw-r--r--src/lib/libssl/ssl_lib.c36
-rw-r--r--src/lib/libssl/ssl_locl.h8
-rw-r--r--src/lib/libssl/ssl_sess.c22
-rw-r--r--src/lib/libssl/t1_enc.c42
-rw-r--r--src/lib/libssl/t1_lib.c14
-rw-r--r--src/lib/libssl/test/CAss.cnf2
-rw-r--r--src/lib/libssl/test/Uss.cnf2
23 files changed, 299 insertions, 96 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index 5e59dc845a..49c6760d19 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -1095,8 +1095,7 @@ int dtls1_send_client_certificate(SSL *s)
1095 * ssl->rwstate=SSL_X509_LOOKUP; return(-1); 1095 * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
1096 * We then get retied later */ 1096 * We then get retied later */
1097 i=0; 1097 i=0;
1098 if (s->ctx->client_cert_cb != NULL) 1098 i = ssl_do_client_cert_cb(s, &x509, &pkey);
1099 i=s->ctx->client_cert_cb(s,&(x509),&(pkey));
1100 if (i < 0) 1099 if (i < 0)
1101 { 1100 {
1102 s->rwstate=SSL_X509_LOOKUP; 1101 s->rwstate=SSL_X509_LOOKUP;
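Review bot: The `i=0;` kept on new line 1097 is now a dead store, because the following line assigns `i` unconditionally from `ssl_do_client_cert_cb(s, &x509, &pkey)`. The same leftover remains in ssl3_send_client_certificate in s3_clnt.c (new line 2459). Dropping the assignment in both places avoids suggesting that `i` can reach the `if (i < 0)` test without the helper having run. dtls1_send_client_certificate starts and ends outside this hunk.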
diff --git a/src/lib/libssl/d1_enc.c b/src/lib/libssl/d1_enc.c
index cbff7495c5..cf3332e4e4 100644
--- a/src/lib/libssl/d1_enc.c
+++ b/src/lib/libssl/d1_enc.c
@@ -115,12 +115,16 @@
115 115
116#include <stdio.h> 116#include <stdio.h>
117#include "ssl_locl.h" 117#include "ssl_locl.h"
118#ifndef OPENSSL_NO_COMP
118#include <openssl/comp.h> 119#include <openssl/comp.h>
120#endif
119#include <openssl/evp.h> 121#include <openssl/evp.h>
120#include <openssl/hmac.h> 122#include <openssl/hmac.h>
121#include <openssl/md5.h> 123#include <openssl/md5.h>
122#include <openssl/rand.h> 124#include <openssl/rand.h>
123 125#ifdef KSSL_DEBUG
126#include <openssl/des.h>
127#endif
124 128
125int dtls1_enc(SSL *s, int send) 129int dtls1_enc(SSL *s, int send)
126 { 130 {
@@ -202,10 +206,11 @@ int dtls1_enc(SSL *s, int send)
202 { 206 {
203 unsigned long ui; 207 unsigned long ui;
204 printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n", 208 printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
205 ds,rec->data,rec->input,l); 209 (void *)ds,rec->data,rec->input,l);
206 printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n", 210 printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%ld %ld], %d iv_len\n",
207 ds->buf_len, ds->cipher->key_len, 211 ds->buf_len, ds->cipher->key_len,
208 DES_KEY_SZ, DES_SCHEDULE_SZ, 212 (unsigned long)DES_KEY_SZ,
213 (unsigned long)DES_SCHEDULE_SZ,
209 ds->cipher->iv_len); 214 ds->cipher->iv_len);
210 printf("\t\tIV: "); 215 printf("\t\tIV: ");
211 for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]); 216 for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]);
@@ -230,10 +235,10 @@ int dtls1_enc(SSL *s, int send)
230 235
231#ifdef KSSL_DEBUG 236#ifdef KSSL_DEBUG
232 { 237 {
233 unsigned long i; 238 unsigned long ki;
234 printf("\trec->data="); 239 printf("\trec->data=");
235 for (i=0; i<l; i++) 240 for (ki=0; ki<l; ki++)
236 printf(" %02x", rec->data[i]); printf("\n"); 241 printf(" %02x", rec->data[ki]); printf("\n");
237 } 242 }
238#endif /* KSSL_DEBUG */ 243#endif /* KSSL_DEBUG */
239 244
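Review bot: The new format string on new line 210 prints `DES_KEY_SZ` and `DES_SCHEDULE_SZ` with `%ld` while both arguments are cast to `unsigned long`, so specifier and argument type still disagree; `[%lu %lu]` matches the casts. On new line 209 only `ds` gets a `(void *)` cast although `rec->data` and `rec->input` are passed to `%p` as well; casting all three keeps the call consistent. These blocks print the IV and the record bytes to stdout, and the last one is visibly under `KSSL_DEBUG`, so the file comment should state that this macro must never be set in a production build.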
diff --git a/src/lib/libssl/d1_lib.c b/src/lib/libssl/d1_lib.c
index fc088b4148..3568e97a87 100644
--- a/src/lib/libssl/d1_lib.c
+++ b/src/lib/libssl/d1_lib.c
@@ -106,6 +106,7 @@ int dtls1_new(SSL *s)
106 pq_64bit_init(&(d1->bitmap.map)); 106 pq_64bit_init(&(d1->bitmap.map));
107 pq_64bit_init(&(d1->bitmap.max_seq_num)); 107 pq_64bit_init(&(d1->bitmap.max_seq_num));
108 108
109 d1->next_bitmap.length = d1->bitmap.length;
109 pq_64bit_init(&(d1->next_bitmap.map)); 110 pq_64bit_init(&(d1->next_bitmap.map));
110 pq_64bit_init(&(d1->next_bitmap.max_seq_num)); 111 pq_64bit_init(&(d1->next_bitmap.max_seq_num));
111 112
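Review bot: The assignment added on new line 109 copies `d1->bitmap.length` without saying where that value was set or why the second bitmap needs it; the initialisation of `bitmap.length` lies outside this hunk. Both bitmaps feed the replay check in d1_pkt.c, so a short comment such as `/* next_bitmap must use the same window length as bitmap */` would make the dependency on statement order visible. dtls1_new continues outside the hunk.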
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 377696deac..eb56cf987b 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -597,6 +597,7 @@ again:
597 /* check whether this is a repeat, or aged record */ 597 /* check whether this is a repeat, or aged record */
598 if ( ! dtls1_record_replay_check(s, bitmap, &(rr->seq_num))) 598 if ( ! dtls1_record_replay_check(s, bitmap, &(rr->seq_num)))
599 { 599 {
600 rr->length = 0;
600 s->packet_length=0; /* dump this record */ 601 s->packet_length=0; /* dump this record */
601 goto again; /* get another record */ 602 goto again; /* get another record */
602 } 603 }
@@ -811,6 +812,14 @@ start:
811 * may be fragmented--don't always expect dest_maxlen bytes */ 812 * may be fragmented--don't always expect dest_maxlen bytes */
812 if ( rr->length < dest_maxlen) 813 if ( rr->length < dest_maxlen)
813 { 814 {
815#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
816 /*
817 * for normal alerts rr->length is 2, while
818 * dest_maxlen is 7 if we were to handle this
819 * non-existing alert...
820 */
821 FIX ME
822#endif
814 s->rstate=SSL_ST_READ_HEADER; 823 s->rstate=SSL_ST_READ_HEADER;
815 rr->length = 0; 824 rr->length = 0;
816 goto start; 825 goto start;
@@ -1251,7 +1260,7 @@ int dtls1_write_bytes(SSL *s, int type, const void *buf_, int len)
1251 else 1260 else
1252 s->s3->wnum += i; 1261 s->s3->wnum += i;
1253 1262
1254 return tot + i; 1263 return i;
1255 } 1264 }
1256 1265
1257int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int create_empty_fragment) 1266int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int create_empty_fragment)
@@ -1576,7 +1585,7 @@ int dtls1_dispatch_alert(SSL *s)
1576 { 1585 {
1577 int i,j; 1586 int i,j;
1578 void (*cb)(const SSL *ssl,int type,int val)=NULL; 1587 void (*cb)(const SSL *ssl,int type,int val)=NULL;
1579 unsigned char buf[2 + 2 + 3]; /* alert level + alert desc + message seq +frag_off */ 1588 unsigned char buf[DTLS1_AL_HEADER_LENGTH];
1580 unsigned char *ptr = &buf[0]; 1589 unsigned char *ptr = &buf[0];
1581 1590
1582 s->s3->alert_dispatch=0; 1591 s->s3->alert_dispatch=0;
@@ -1585,6 +1594,7 @@ int dtls1_dispatch_alert(SSL *s)
1585 *ptr++ = s->s3->send_alert[0]; 1594 *ptr++ = s->s3->send_alert[0];
1586 *ptr++ = s->s3->send_alert[1]; 1595 *ptr++ = s->s3->send_alert[1];
1587 1596
1597#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
1588 if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) 1598 if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE)
1589 { 1599 {
1590 s2n(s->d1->handshake_read_seq, ptr); 1600 s2n(s->d1->handshake_read_seq, ptr);
@@ -1600,6 +1610,7 @@ int dtls1_dispatch_alert(SSL *s)
1600#endif 1610#endif
1601 l2n3(s->d1->r_msg_hdr.frag_off, ptr); 1611 l2n3(s->d1->r_msg_hdr.frag_off, ptr);
1602 } 1612 }
1613#endif
1603 1614
1604 i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0); 1615 i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0);
1605 if (i <= 0) 1616 if (i <= 0)
@@ -1609,8 +1620,11 @@ int dtls1_dispatch_alert(SSL *s)
1609 } 1620 }
1610 else 1621 else
1611 { 1622 {
1612 if ( s->s3->send_alert[0] == SSL3_AL_FATAL || 1623 if (s->s3->send_alert[0] == SSL3_AL_FATAL
1613 s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) 1624#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
1625 || s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
1626#endif
1627 )
1614 (void)BIO_flush(s->wbio); 1628 (void)BIO_flush(s->wbio);
1615 1629
1616 if (s->msg_callback) 1630 if (s->msg_callback)
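Review bot: The bare `FIX ME` token added on new line 821 inside `#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE` stops the build with an opaque syntax error if that macro is ever defined; say so explicitly with `#error "handling of DTLS1_AD_MISSING_HANDSHAKE_MESSAGE alerts is not implemented"`. In dtls1_dispatch_alert the stack buffer is now `DTLS1_AL_HEADER_LENGTH` bytes, while the guarded branch still appends a 2-byte and a 3-byte field after the two alert bytes. Buffer size and writes therefore rely on dtls1.h and this file seeing the macro in the same state. A comment on `buf` stating the layout (the removed one read `alert level + alert desc + message seq +frag_off`) would keep that coupling visible. Both functions extend beyond the hunks shown.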
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index 927b01f3c4..0bbf8ae7f3 100644
--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -732,7 +732,7 @@ int dtls1_send_server_hello(SSL *s)
732 732
733 d = dtls1_set_message_header(s, d, SSL3_MT_SERVER_HELLO, l, 0, l); 733 d = dtls1_set_message_header(s, d, SSL3_MT_SERVER_HELLO, l, 0, l);
734 734
735 s->state=SSL3_ST_CW_CLNT_HELLO_B; 735 s->state=SSL3_ST_SW_SRVR_HELLO_B;
736 /* number of bytes to write */ 736 /* number of bytes to write */
737 s->init_num=p-buf; 737 s->init_num=p-buf;
738 s->init_off=0; 738 s->init_off=0;
@@ -741,7 +741,7 @@ int dtls1_send_server_hello(SSL *s)
741 dtls1_buffer_message(s, 0); 741 dtls1_buffer_message(s, 0);
742 } 742 }
743 743
744 /* SSL3_ST_CW_CLNT_HELLO_B */ 744 /* SSL3_ST_SW_SRVR_HELLO_B */
745 return(dtls1_do_write(s,SSL3_RT_HANDSHAKE)); 745 return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
746 } 746 }
747 747
@@ -765,7 +765,7 @@ int dtls1_send_server_done(SSL *s)
765 dtls1_buffer_message(s, 0); 765 dtls1_buffer_message(s, 0);
766 } 766 }
767 767
768 /* SSL3_ST_CW_CLNT_HELLO_B */ 768 /* SSL3_ST_SW_SRVR_DONE_B */
769 return(dtls1_do_write(s,SSL3_RT_HANDSHAKE)); 769 return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
770 } 770 }
771 771
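Review bot: In dtls1_send_server_done the hunk at new line 768 corrects only the comment to `SSL3_ST_SW_SRVR_DONE_B`, whereas in dtls1_send_server_hello the `s->state` assignment itself is corrected on new line 735. The state assignment in dtls1_send_server_done lies outside the hunk, so it cannot be checked here; it is worth confirming that it does not still set a client-side state. The same comment-only change appears for ssl3_send_server_done in s3_srvr.c (new line 1211).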
diff --git a/src/lib/libssl/dtls1.h b/src/lib/libssl/dtls1.h
index a663cf85f2..f159d37110 100644
--- a/src/lib/libssl/dtls1.h
+++ b/src/lib/libssl/dtls1.h
@@ -70,7 +70,10 @@ extern "C" {
70#define DTLS1_VERSION 0xFEFF 70#define DTLS1_VERSION 0xFEFF
71#define DTLS1_BAD_VER 0x0100 71#define DTLS1_BAD_VER 0x0100
72 72
73#if 0
74/* this alert description is not specified anywhere... */
73#define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE 110 75#define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE 110
76#endif
74 77
75/* lengths of messages */ 78/* lengths of messages */
76#define DTLS1_COOKIE_LENGTH 32 79#define DTLS1_COOKIE_LENGTH 32
@@ -84,7 +87,11 @@ extern "C" {
84 87
85#define DTLS1_CCS_HEADER_LENGTH 1 88#define DTLS1_CCS_HEADER_LENGTH 1
86 89
90#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
87#define DTLS1_AL_HEADER_LENGTH 7 91#define DTLS1_AL_HEADER_LENGTH 7
92#else
93#define DTLS1_AL_HEADER_LENGTH 2
94#endif
88 95
89 96
90typedef struct dtls1_bitmap_st 97typedef struct dtls1_bitmap_st
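Review bot: `DTLS1_AL_HEADER_LENGTH` now takes one of two values with nothing explaining what the five extra bytes are; add a comment such as `/* alert level + alert desc (+ message seq + frag_off when DTLS1_AD_MISSING_HANDSHAKE_MESSAGE is enabled) */`. With the alert definition wrapped in `#if 0`, the `#ifdef` on new line 90 can only be true if the macro is defined from outside this header, and the comment should say whether that is a supported configuration.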
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
index c45a8e0a04..bc918170e1 100644
--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -257,6 +257,14 @@ static int ssl23_client_hello(SSL *s)
257 version_major = TLS1_VERSION_MAJOR; 257 version_major = TLS1_VERSION_MAJOR;
258 version_minor = TLS1_VERSION_MINOR; 258 version_minor = TLS1_VERSION_MINOR;
259 } 259 }
260#ifdef OPENSSL_FIPS
261 else if(FIPS_mode())
262 {
263 SSLerr(SSL_F_SSL23_CLIENT_HELLO,
264 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
265 return -1;
266 }
267#endif
260 else if (version == SSL3_VERSION) 268 else if (version == SSL3_VERSION)
261 { 269 {
262 version_major = SSL3_VERSION_MAJOR; 270 version_major = SSL3_VERSION_MAJOR;
@@ -536,6 +544,14 @@ static int ssl23_get_server_hello(SSL *s)
536 if ((p[2] == SSL3_VERSION_MINOR) && 544 if ((p[2] == SSL3_VERSION_MINOR) &&
537 !(s->options & SSL_OP_NO_SSLv3)) 545 !(s->options & SSL_OP_NO_SSLv3))
538 { 546 {
547#ifdef OPENSSL_FIPS
548 if(FIPS_mode())
549 {
550 SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
551 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
552 goto err;
553 }
554#endif
539 s->version=SSL3_VERSION; 555 s->version=SSL3_VERSION;
540 s->method=SSLv3_client_method(); 556 s->method=SSLv3_client_method();
541 } 557 }
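Review bot: The FIPS branch added at new line 261 of ssl23_client_hello is correct only because it sits after the TLSv1 branch and before the SSLv3 one, and nothing in the code says so; add `/* FIPS mode: only TLS may be offered, refuse before falling back to SSLv3 */` above it. The hunks call `FIPS_mode()`, but no include of `<openssl/fips.h>` is visible in this file's hunks (s3_clnt.c gains one in this commit), so confirm the declaration is in scope here and in s23_srvr.c, which gains the same kind of check. Both functions continue outside the hunks.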
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
index 6637bb9549..ba06e7ae2e 100644
--- a/src/lib/libssl/s23_srvr.c
+++ b/src/lib/libssl/s23_srvr.c
@@ -386,6 +386,15 @@ int ssl23_get_client_hello(SSL *s)
386 } 386 }
387 } 387 }
388 388
389#ifdef OPENSSL_FIPS
390 if (FIPS_mode() && (s->version < TLS1_VERSION))
391 {
392 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
393 SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
394 goto err;
395 }
396#endif
397
389 if (s->state == SSL23_ST_SR_CLNT_HELLO_B) 398 if (s->state == SSL23_ST_SR_CLNT_HELLO_B)
390 { 399 {
391 /* we have SSLv3/TLSv1 in an SSLv2 header 400 /* we have SSLv3/TLSv1 in an SSLv2 header
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index f6864cdc50..5fd3520caf 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -130,10 +130,17 @@
130#include <openssl/objects.h> 130#include <openssl/objects.h>
131#include <openssl/evp.h> 131#include <openssl/evp.h>
132#include <openssl/md5.h> 132#include <openssl/md5.h>
133#ifdef OPENSSL_FIPS
134#include <openssl/fips.h>
135#endif
136
133#ifndef OPENSSL_NO_DH 137#ifndef OPENSSL_NO_DH
134#include <openssl/dh.h> 138#include <openssl/dh.h>
135#endif 139#endif
136#include <openssl/bn.h> 140#include <openssl/bn.h>
141#ifndef OPENSSL_NO_ENGINE
142#include <openssl/engine.h>
143#endif
137 144
138static SSL_METHOD *ssl3_get_client_method(int ver); 145static SSL_METHOD *ssl3_get_client_method(int ver);
139static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b); 146static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b);
@@ -965,7 +972,7 @@ int ssl3_get_server_certificate(SSL *s)
965 } 972 }
966 973
967 i=ssl_verify_cert_chain(s,sk); 974 i=ssl_verify_cert_chain(s,sk);
968 if ((s->verify_mode != SSL_VERIFY_NONE) && (!i) 975 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)
969#ifndef OPENSSL_NO_KRB5 976#ifndef OPENSSL_NO_KRB5
970 && (s->s3->tmp.new_cipher->algorithms & (SSL_MKEY_MASK|SSL_AUTH_MASK)) 977 && (s->s3->tmp.new_cipher->algorithms & (SSL_MKEY_MASK|SSL_AUTH_MASK))
971 != (SSL_aKRB5|SSL_kKRB5) 978 != (SSL_aKRB5|SSL_kKRB5)
@@ -999,7 +1006,7 @@ int ssl3_get_server_certificate(SSL *s)
999 == (SSL_aKRB5|SSL_kKRB5))? 0: 1; 1006 == (SSL_aKRB5|SSL_kKRB5))? 0: 1;
1000 1007
1001#ifdef KSSL_DEBUG 1008#ifdef KSSL_DEBUG
1002 printf("pkey,x = %p, %p\n", pkey,x); 1009 printf("pkey,x = %p, %p\n", (void *)pkey,(void *)x);
1003 printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey)); 1010 printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey));
1004 printf("cipher, alg, nc = %s, %lx, %d\n", s->s3->tmp.new_cipher->name, 1011 printf("cipher, alg, nc = %s, %lx, %d\n", s->s3->tmp.new_cipher->name,
1005 s->s3->tmp.new_cipher->algorithms, need_cert); 1012 s->s3->tmp.new_cipher->algorithms, need_cert);
@@ -1415,6 +1422,8 @@ int ssl3_get_key_exchange(SSL *s)
1415 q=md_buf; 1422 q=md_buf;
1416 for (num=2; num > 0; num--) 1423 for (num=2; num > 0; num--)
1417 { 1424 {
1425 EVP_MD_CTX_set_flags(&md_ctx,
1426 EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
1418 EVP_DigestInit_ex(&md_ctx,(num == 2) 1427 EVP_DigestInit_ex(&md_ctx,(num == 2)
1419 ?s->ctx->md5:s->ctx->sha1, NULL); 1428 ?s->ctx->md5:s->ctx->sha1, NULL);
1420 EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); 1429 EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
@@ -1450,7 +1459,7 @@ int ssl3_get_key_exchange(SSL *s)
1450 EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); 1459 EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1451 EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); 1460 EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1452 EVP_VerifyUpdate(&md_ctx,param,param_len); 1461 EVP_VerifyUpdate(&md_ctx,param,param_len);
1453 if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey)) 1462 if (EVP_VerifyFinal(&md_ctx,p,(int)n,pkey) <= 0)
1454 { 1463 {
1455 /* bad signature */ 1464 /* bad signature */
1456 al=SSL_AD_DECRYPT_ERROR; 1465 al=SSL_AD_DECRYPT_ERROR;
@@ -1468,7 +1477,7 @@ int ssl3_get_key_exchange(SSL *s)
1468 EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); 1477 EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
1469 EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); 1478 EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
1470 EVP_VerifyUpdate(&md_ctx,param,param_len); 1479 EVP_VerifyUpdate(&md_ctx,param,param_len);
1471 if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey)) 1480 if (EVP_VerifyFinal(&md_ctx,p,(int)n,pkey) <= 0)
1472 { 1481 {
1473 /* bad signature */ 1482 /* bad signature */
1474 al=SSL_AD_DECRYPT_ERROR; 1483 al=SSL_AD_DECRYPT_ERROR;
@@ -1768,7 +1777,7 @@ int ssl3_get_cert_status(SSL *s)
1768 goto f_err; 1777 goto f_err;
1769 } 1778 }
1770 n2l3(p, resplen); 1779 n2l3(p, resplen);
1771 if (resplen + 4 != n) 1780 if (resplen + 4 != (unsigned long)n)
1772 { 1781 {
1773 al = SSL_AD_DECODE_ERROR; 1782 al = SSL_AD_DECODE_ERROR;
1774 SSLerr(SSL_F_SSL3_GET_CERT_STATUS,SSL_R_LENGTH_MISMATCH); 1783 SSLerr(SSL_F_SSL3_GET_CERT_STATUS,SSL_R_LENGTH_MISMATCH);
@@ -2061,12 +2070,12 @@ int ssl3_send_client_key_exchange(SSL *s)
2061 { 2070 {
2062 DH *dh_srvr,*dh_clnt; 2071 DH *dh_srvr,*dh_clnt;
2063 2072
2064 if (s->session->sess_cert == NULL) 2073 if (s->session->sess_cert == NULL)
2065 { 2074 {
2066 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE); 2075 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
2067 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE); 2076 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
2068 goto err; 2077 goto err;
2069 } 2078 }
2070 2079
2071 if (s->session->sess_cert->peer_dh_tmp != NULL) 2080 if (s->session->sess_cert->peer_dh_tmp != NULL)
2072 dh_srvr=s->session->sess_cert->peer_dh_tmp; 2081 dh_srvr=s->session->sess_cert->peer_dh_tmp;
@@ -2448,8 +2457,7 @@ int ssl3_send_client_certificate(SSL *s)
2448 * ssl->rwstate=SSL_X509_LOOKUP; return(-1); 2457 * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
2449 * We then get retied later */ 2458 * We then get retied later */
2450 i=0; 2459 i=0;
2451 if (s->ctx->client_cert_cb != NULL) 2460 i = ssl_do_client_cert_cb(s, &x509, &pkey);
2452 i=s->ctx->client_cert_cb(s,&(x509),&(pkey));
2453 if (i < 0) 2461 if (i < 0)
2454 { 2462 {
2455 s->rwstate=SSL_X509_LOOKUP; 2463 s->rwstate=SSL_X509_LOOKUP;
@@ -2716,3 +2724,21 @@ static int ssl3_check_finished(SSL *s)
2716 return 1; 2724 return 1;
2717 } 2725 }
2718#endif 2726#endif
2727
2728int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
2729 {
2730 int i = 0;
2731#ifndef OPENSSL_NO_ENGINE
2732 if (s->ctx->client_cert_engine)
2733 {
2734 i = ENGINE_load_ssl_client_cert(s->ctx->client_cert_engine, s,
2735 SSL_get_client_CA_list(s),
2736 px509, ppkey, NULL, NULL, NULL);
2737 if (i != 0)
2738 return i;
2739 }
2740#endif
2741 if (s->ctx->client_cert_cb)
2742 i = s->ctx->client_cert_cb(s,px509,ppkey);
2743 return i;
2744 }
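Review bot: ssl_do_client_cert_cb reads `s->ctx->client_cert_engine` under `#ifndef OPENSSL_NO_ENGINE` (new line 2731), but the ssl.h hunk of this same commit declares that field under `#ifndef OPENSSL_ENGINE`, which is a different macro. The two guards should match; the declaration most likely wants `#ifndef OPENSSL_NO_ENGINE`. Separately, a negative result from `ENGINE_load_ssl_client_cert` is returned unchanged, and both callers treat `i < 0` as a lookup retry (`SSL_X509_LOOKUP`). The new function has no header comment, and one line stating that return contract would help.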
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index bdbcd44f27..8916a0b1b3 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -158,7 +158,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
158 SSL3_TXT_RSA_NULL_SHA, 158 SSL3_TXT_RSA_NULL_SHA,
159 SSL3_CK_RSA_NULL_SHA, 159 SSL3_CK_RSA_NULL_SHA,
160 SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3, 160 SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
161 SSL_NOT_EXP|SSL_STRONG_NONE, 161 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
162 0, 162 0,
163 0, 163 0,
164 0, 164 0,
@@ -264,7 +264,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
264 SSL3_TXT_RSA_DES_192_CBC3_SHA, 264 SSL3_TXT_RSA_DES_192_CBC3_SHA,
265 SSL3_CK_RSA_DES_192_CBC3_SHA, 265 SSL3_CK_RSA_DES_192_CBC3_SHA,
266 SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3, 266 SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
267 SSL_NOT_EXP|SSL_HIGH, 267 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
268 0, 268 0,
269 168, 269 168,
270 168, 270 168,
@@ -304,7 +304,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
304 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, 304 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
305 SSL3_CK_DH_DSS_DES_192_CBC3_SHA, 305 SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
306 SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3, 306 SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
307 SSL_NOT_EXP|SSL_HIGH, 307 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
308 0, 308 0,
309 168, 309 168,
310 168, 310 168,
@@ -343,7 +343,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
343 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, 343 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
344 SSL3_CK_DH_RSA_DES_192_CBC3_SHA, 344 SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
345 SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3, 345 SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
346 SSL_NOT_EXP|SSL_HIGH, 346 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
347 0, 347 0,
348 168, 348 168,
349 168, 349 168,
@@ -384,7 +384,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
384 SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, 384 SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
385 SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, 385 SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
386 SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3, 386 SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
387 SSL_NOT_EXP|SSL_HIGH, 387 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
388 0, 388 0,
389 168, 389 168,
390 168, 390 168,
@@ -423,7 +423,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
423 SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, 423 SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
424 SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, 424 SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
425 SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3, 425 SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
426 SSL_NOT_EXP|SSL_HIGH, 426 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
427 0, 427 0,
428 168, 428 168,
429 168, 429 168,
@@ -488,7 +488,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
488 SSL3_TXT_ADH_DES_192_CBC_SHA, 488 SSL3_TXT_ADH_DES_192_CBC_SHA,
489 SSL3_CK_ADH_DES_192_CBC_SHA, 489 SSL3_CK_ADH_DES_192_CBC_SHA,
490 SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3, 490 SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
491 SSL_NOT_EXP|SSL_HIGH, 491 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
492 0, 492 0,
493 168, 493 168,
494 168, 494 168,
@@ -563,7 +563,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
563 SSL3_TXT_KRB5_DES_192_CBC3_SHA, 563 SSL3_TXT_KRB5_DES_192_CBC3_SHA,
564 SSL3_CK_KRB5_DES_192_CBC3_SHA, 564 SSL3_CK_KRB5_DES_192_CBC3_SHA,
565 SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_SHA1 |SSL_SSLV3, 565 SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_SHA1 |SSL_SSLV3,
566 SSL_NOT_EXP|SSL_HIGH, 566 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
567 0, 567 0,
568 168, 568 168,
569 168, 569 168,
@@ -747,7 +747,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
747 TLS1_TXT_RSA_WITH_AES_128_SHA, 747 TLS1_TXT_RSA_WITH_AES_128_SHA,
748 TLS1_CK_RSA_WITH_AES_128_SHA, 748 TLS1_CK_RSA_WITH_AES_128_SHA,
749 SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1, 749 SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
750 SSL_NOT_EXP|SSL_HIGH, 750 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
751 0, 751 0,
752 128, 752 128,
753 128, 753 128,
@@ -760,7 +760,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
760 TLS1_TXT_DH_DSS_WITH_AES_128_SHA, 760 TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
761 TLS1_CK_DH_DSS_WITH_AES_128_SHA, 761 TLS1_CK_DH_DSS_WITH_AES_128_SHA,
762 SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1, 762 SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
763 SSL_NOT_EXP|SSL_HIGH, 763 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
764 0, 764 0,
765 128, 765 128,
766 128, 766 128,
@@ -773,7 +773,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
773 TLS1_TXT_DH_RSA_WITH_AES_128_SHA, 773 TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
774 TLS1_CK_DH_RSA_WITH_AES_128_SHA, 774 TLS1_CK_DH_RSA_WITH_AES_128_SHA,
775 SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1, 775 SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
776 SSL_NOT_EXP|SSL_HIGH, 776 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
777 0, 777 0,
778 128, 778 128,
779 128, 779 128,
@@ -786,7 +786,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
786 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, 786 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
787 TLS1_CK_DHE_DSS_WITH_AES_128_SHA, 787 TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
788 SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1, 788 SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
789 SSL_NOT_EXP|SSL_HIGH, 789 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
790 0, 790 0,
791 128, 791 128,
792 128, 792 128,
@@ -799,7 +799,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
799 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, 799 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
800 TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 800 TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
801 SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1, 801 SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
802 SSL_NOT_EXP|SSL_HIGH, 802 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
803 0, 803 0,
804 128, 804 128,
805 128, 805 128,
@@ -812,7 +812,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
812 TLS1_TXT_ADH_WITH_AES_128_SHA, 812 TLS1_TXT_ADH_WITH_AES_128_SHA,
813 TLS1_CK_ADH_WITH_AES_128_SHA, 813 TLS1_CK_ADH_WITH_AES_128_SHA,
814 SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1, 814 SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
815 SSL_NOT_EXP|SSL_HIGH, 815 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
816 0, 816 0,
817 128, 817 128,
818 128, 818 128,
@@ -826,7 +826,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
826 TLS1_TXT_RSA_WITH_AES_256_SHA, 826 TLS1_TXT_RSA_WITH_AES_256_SHA,
827 TLS1_CK_RSA_WITH_AES_256_SHA, 827 TLS1_CK_RSA_WITH_AES_256_SHA,
828 SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1, 828 SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
829 SSL_NOT_EXP|SSL_HIGH, 829 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
830 0, 830 0,
831 256, 831 256,
832 256, 832 256,
@@ -839,7 +839,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
839 TLS1_TXT_DH_DSS_WITH_AES_256_SHA, 839 TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
840 TLS1_CK_DH_DSS_WITH_AES_256_SHA, 840 TLS1_CK_DH_DSS_WITH_AES_256_SHA,
841 SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1, 841 SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
842 SSL_NOT_EXP|SSL_HIGH, 842 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
843 0, 843 0,
844 256, 844 256,
845 256, 845 256,
@@ -852,7 +852,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
852 TLS1_TXT_DH_RSA_WITH_AES_256_SHA, 852 TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
853 TLS1_CK_DH_RSA_WITH_AES_256_SHA, 853 TLS1_CK_DH_RSA_WITH_AES_256_SHA,
854 SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1, 854 SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
855 SSL_NOT_EXP|SSL_HIGH, 855 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
856 0, 856 0,
857 256, 857 256,
858 256, 858 256,
@@ -865,7 +865,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
865 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA, 865 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
866 TLS1_CK_DHE_DSS_WITH_AES_256_SHA, 866 TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
867 SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1, 867 SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
868 SSL_NOT_EXP|SSL_HIGH, 868 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
869 0, 869 0,
870 256, 870 256,
871 256, 871 256,
@@ -878,7 +878,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
878 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, 878 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
879 TLS1_CK_DHE_RSA_WITH_AES_256_SHA, 879 TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
880 SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1, 880 SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
881 SSL_NOT_EXP|SSL_HIGH, 881 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
882 0, 882 0,
883 256, 883 256,
884 256, 884 256,
@@ -891,7 +891,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
891 TLS1_TXT_ADH_WITH_AES_256_SHA, 891 TLS1_TXT_ADH_WITH_AES_256_SHA,
892 TLS1_CK_ADH_WITH_AES_256_SHA, 892 TLS1_CK_ADH_WITH_AES_256_SHA,
893 SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1, 893 SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
894 SSL_NOT_EXP|SSL_HIGH, 894 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
895 0, 895 0,
896 256, 896 256,
897 256, 897 256,
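Review bot: `SSL_FIPS` is added to `SSL3_TXT_RSA_NULL_SHA` (new line 161), which carries `SSL_eNULL`, and to the `SSL_aNULL` suites `SSL3_TXT_ADH_DES_192_CBC_SHA`, `TLS1_TXT_ADH_WITH_AES_128_SHA` and `TLS1_TXT_ADH_WITH_AES_256_SHA`. Those entries provide no encryption or no peer authentication, so a configuration that selects suites by the new flag gets them unless something else filters them out. How the `FIPS` keyword is resolved is in ssl_ciph.c, which is not shown here. A comment at the table should state what the flag does and does not guarantee, and the cipher-string handling should be checked to confirm that `FIPS` alone does not enable the NULL and anonymous suites.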
diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c
index 44c7c143fe..9476dcddf6 100644
--- a/src/lib/libssl/s3_pkt.c
+++ b/src/lib/libssl/s3_pkt.c
@@ -753,8 +753,15 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
753 s->rwstate=SSL_NOTHING; 753 s->rwstate=SSL_NOTHING;
754 return(s->s3->wpend_ret); 754 return(s->s3->wpend_ret);
755 } 755 }
756 else if (i <= 0) 756 else if (i <= 0) {
757 if (s->version == DTLS1_VERSION ||
758 s->version == DTLS1_BAD_VER) {
759 /* For DTLS, just drop it. That's kind of the whole
760 point in using a datagram service */
761 s->s3->wbuf.left = 0;
762 }
757 return(i); 763 return(i);
764 }
758 s->s3->wbuf.offset+=i; 765 s->s3->wbuf.offset+=i;
759 s->s3->wbuf.left-=i; 766 s->s3->wbuf.left-=i;
760 } 767 }
@@ -1225,6 +1232,13 @@ int ssl3_do_change_cipher_spec(SSL *s)
1225 1232
1226 if (s->s3->tmp.key_block == NULL) 1233 if (s->s3->tmp.key_block == NULL)
1227 { 1234 {
1235 if (s->session == NULL)
1236 {
1237 /* might happen if dtls1_read_bytes() calls this */
1238 SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY);
1239 return (0);
1240 }
1241
1228 s->session->cipher=s->s3->tmp.new_cipher; 1242 s->session->cipher=s->s3->tmp.new_cipher;
1229 if (!s->method->ssl3_enc->setup_key_block(s)) return(0); 1243 if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
1230 } 1244 }
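Review bot: The DTLS branch added at new line 757 discards the pending record for every `i <= 0`, which as written also covers a retryable would-block result and not only hard errors (the write call that sets `i` is outside the hunk). If dropping on a transient failure is intended, the comment should say so, for example `/* DTLS: the record is discarded on any write failure, including a would-block result */`; otherwise the drop should be limited to non-retryable errors. The new braces put `{` on the statement line, unlike the surrounding code. ssl3_write_pending starts outside the hunk.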
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index 903522ab59..80b45eb86f 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -902,22 +902,28 @@ int ssl3_get_client_hello(SSL *s)
902 break; 902 break;
903 } 903 }
904 } 904 }
905 if (j == 0) 905 if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1))
906 { 906 {
907 if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1)) 907 /* Special case as client bug workaround: the previously used cipher may
908 { 908 * not be in the current list, the client instead might be trying to
909 /* Very bad for multi-threading.... */ 909 * continue using a cipher that before wasn't chosen due to server
910 s->session->cipher=sk_SSL_CIPHER_value(ciphers, 0); 910 * preferences. We'll have to reject the connection if the cipher is not
911 } 911 * enabled, though. */
912 else 912 c = sk_SSL_CIPHER_value(ciphers, 0);
913 if (sk_SSL_CIPHER_find(SSL_get_ciphers(s), c) >= 0)
913 { 914 {
914 /* we need to have the cipher in the cipher 915 s->session->cipher = c;
915 * list if we are asked to reuse it */ 916 j = 1;
916 al=SSL_AD_ILLEGAL_PARAMETER;
917 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING);
918 goto f_err;
919 } 917 }
920 } 918 }
919 if (j == 0)
920 {
921 /* we need to have the cipher in the cipher
922 * list if we are asked to reuse it */
923 al=SSL_AD_ILLEGAL_PARAMETER;
924 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING);
925 goto f_err;
926 }
921 } 927 }
922 928
923 /* compression */ 929 /* compression */
@@ -1172,13 +1178,13 @@ int ssl3_send_server_hello(SSL *s)
1172 *(d++)=SSL3_MT_SERVER_HELLO; 1178 *(d++)=SSL3_MT_SERVER_HELLO;
1173 l2n3(l,d); 1179 l2n3(l,d);
1174 1180
1175 s->state=SSL3_ST_CW_CLNT_HELLO_B; 1181 s->state=SSL3_ST_SW_SRVR_HELLO_B;
1176 /* number of bytes to write */ 1182 /* number of bytes to write */
1177 s->init_num=p-buf; 1183 s->init_num=p-buf;
1178 s->init_off=0; 1184 s->init_off=0;
1179 } 1185 }
1180 1186
1181 /* SSL3_ST_CW_CLNT_HELLO_B */ 1187 /* SSL3_ST_SW_SRVR_HELLO_B */
1182 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); 1188 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1183 } 1189 }
1184 1190
@@ -1202,7 +1208,7 @@ int ssl3_send_server_done(SSL *s)
1202 s->init_off=0; 1208 s->init_off=0;
1203 } 1209 }
1204 1210
1205 /* SSL3_ST_CW_CLNT_HELLO_B */ 1211 /* SSL3_ST_SW_SRVR_DONE_B */
1206 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); 1212 return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
1207 } 1213 }
1208 1214
@@ -1540,6 +1546,8 @@ int ssl3_send_server_key_exchange(SSL *s)
1540 j=0; 1546 j=0;
1541 for (num=2; num > 0; num--) 1547 for (num=2; num > 0; num--)
1542 { 1548 {
1549 EVP_MD_CTX_set_flags(&md_ctx,
1550 EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
1543 EVP_DigestInit_ex(&md_ctx,(num == 2) 1551 EVP_DigestInit_ex(&md_ctx,(num == 2)
1544 ?s->ctx->md5:s->ctx->sha1, NULL); 1552 ?s->ctx->md5:s->ctx->sha1, NULL);
1545 EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); 1553 EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
@@ -2558,7 +2566,7 @@ int ssl3_get_client_certificate(SSL *s)
2558 else 2566 else
2559 { 2567 {
2560 i=ssl_verify_cert_chain(s,sk); 2568 i=ssl_verify_cert_chain(s,sk);
2561 if (!i) 2569 if (i <= 0)
2562 { 2570 {
2563 al=ssl_verify_alarm_type(s->verify_result); 2571 al=ssl_verify_alarm_type(s->verify_result);
2564 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED); 2572 SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 6df921f3c1..ff8a128d3c 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -252,6 +252,7 @@ extern "C" {
252#define SSL_TXT_LOW "LOW" 252#define SSL_TXT_LOW "LOW"
253#define SSL_TXT_MEDIUM "MEDIUM" 253#define SSL_TXT_MEDIUM "MEDIUM"
254#define SSL_TXT_HIGH "HIGH" 254#define SSL_TXT_HIGH "HIGH"
255#define SSL_TXT_FIPS "FIPS"
255#define SSL_TXT_kFZA "kFZA" 256#define SSL_TXT_kFZA "kFZA"
256#define SSL_TXT_aFZA "aFZA" 257#define SSL_TXT_aFZA "aFZA"
257#define SSL_TXT_eFZA "eFZA" 258#define SSL_TXT_eFZA "eFZA"
@@ -361,9 +362,6 @@ typedef struct ssl_cipher_st
361 362
362DECLARE_STACK_OF(SSL_CIPHER) 363DECLARE_STACK_OF(SSL_CIPHER)
363 364
364typedef struct ssl_st SSL;
365typedef struct ssl_ctx_st SSL_CTX;
366
367/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ 365/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
368typedef struct ssl_method_st 366typedef struct ssl_method_st
369 { 367 {
@@ -760,6 +758,12 @@ struct ssl_ctx_st
760 758
761 int quiet_shutdown; 759 int quiet_shutdown;
762 760
761#ifndef OPENSSL_ENGINE
762 /* Engine to pass requests for client certs to
763 */
764 ENGINE *client_cert_engine;
765#endif
766
763#ifndef OPENSSL_NO_TLSEXT 767#ifndef OPENSSL_NO_TLSEXT
764 /* TLS extensions servername callback */ 768 /* TLS extensions servername callback */
765 int (*tlsext_servername_callback)(SSL*, int *, void *); 769 int (*tlsext_servername_callback)(SSL*, int *, void *);
@@ -829,6 +833,9 @@ void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(const SSL *ssl,int type,
829void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,int type,int val); 833void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,int type,int val);
830void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)); 834void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
831int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey); 835int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
836#ifndef OPENSSL_NO_ENGINE
837int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
838#endif
832void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)); 839void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len));
833void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)); 840void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len));
834 841
@@ -1702,6 +1709,7 @@ void ERR_load_SSL_strings(void);
1702#define SSL_F_SSL3_CONNECT 132 1709#define SSL_F_SSL3_CONNECT 132
1703#define SSL_F_SSL3_CTRL 213 1710#define SSL_F_SSL3_CTRL 213
1704#define SSL_F_SSL3_CTX_CTRL 133 1711#define SSL_F_SSL3_CTX_CTRL 133
1712#define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 279
1705#define SSL_F_SSL3_ENC 134 1713#define SSL_F_SSL3_ENC 134
1706#define SSL_F_SSL3_GENERATE_KEY_BLOCK 238 1714#define SSL_F_SSL3_GENERATE_KEY_BLOCK 238
1707#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 1715#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
@@ -1755,6 +1763,7 @@ void ERR_load_SSL_strings(void);
1755#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168 1763#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
1756#define SSL_F_SSL_CTX_NEW 169 1764#define SSL_F_SSL_CTX_NEW 169
1757#define SSL_F_SSL_CTX_SET_CIPHER_LIST 269 1765#define SSL_F_SSL_CTX_SET_CIPHER_LIST 269
1766#define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 278
1758#define SSL_F_SSL_CTX_SET_PURPOSE 226 1767#define SSL_F_SSL_CTX_SET_PURPOSE 226
1759#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219 1768#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
1760#define SSL_F_SSL_CTX_SET_SSL_VERSION 170 1769#define SSL_F_SSL_CTX_SET_SSL_VERSION 170
@@ -1935,6 +1944,7 @@ void ERR_load_SSL_strings(void);
1935#define SSL_R_NO_CIPHERS_SPECIFIED 183 1944#define SSL_R_NO_CIPHERS_SPECIFIED 183
1936#define SSL_R_NO_CIPHER_LIST 184 1945#define SSL_R_NO_CIPHER_LIST 184
1937#define SSL_R_NO_CIPHER_MATCH 185 1946#define SSL_R_NO_CIPHER_MATCH 185
1947#define SSL_R_NO_CLIENT_CERT_METHOD 317
1938#define SSL_R_NO_CLIENT_CERT_RECEIVED 186 1948#define SSL_R_NO_CLIENT_CERT_RECEIVED 186
1939#define SSL_R_NO_COMPRESSION_SPECIFIED 187 1949#define SSL_R_NO_COMPRESSION_SPECIFIED 187
1940#define SSL_R_NO_METHOD_SPECIFIED 188 1950#define SSL_R_NO_METHOD_SPECIFIED 188
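Review bot: In the `struct ssl_ctx_st` hunk the new `client_cert_engine` member is guarded by `#ifndef OPENSSL_ENGINE`, while the `SSL_CTX_set_client_cert_engine` prototype added further down in this file and the ssl_lib.c and ssl_sess.c changes in the same commit all test `OPENSSL_NO_ENGINE`. Nothing on this page defines `OPENSSL_ENGINE`, so the member is presumably declared even in a no-engine build, and the struct layout no longer follows the option that gates every use of the field. The guard should read `#ifndef OPENSSL_NO_ENGINE`. The struct body starts and ends outside the hunk.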
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
index 6e14f4d834..0f9a3489dd 100644
--- a/src/lib/libssl/ssl_asn1.c
+++ b/src/lib/libssl/ssl_asn1.c
@@ -353,7 +353,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
353 memcpy(ret->session_id,os.data,os.length); 353 memcpy(ret->session_id,os.data,os.length);
354 354
355 M_ASN1_D2I_get_x(ASN1_OCTET_STRING,osp,d2i_ASN1_OCTET_STRING); 355 M_ASN1_D2I_get_x(ASN1_OCTET_STRING,osp,d2i_ASN1_OCTET_STRING);
356 if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH) 356 if (os.length > SSL_MAX_MASTER_KEY_LENGTH)
357 ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH; 357 ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
358 else 358 else
359 ret->master_key_length=os.length; 359 ret->master_key_length=os.length;
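Review bot: The corrected test in `d2i_SSL_SESSION` still clamps an over-long master-key OCTET STRING to `SSL_MAX_MASTER_KEY_LENGTH` instead of failing the decode, so a malformed or corrupted serialized session would be accepted with a truncated key. The copy that consumes `master_key_length` lies outside the hunk, so this is inferred from the visible clamp only. If truncation is intended, a comment on the branch such as `/* oversized master key is truncated, not rejected */` would record that; otherwise the branch should take the function's existing decode-error path rather than assign the maximum.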
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
index 725f7f3c1f..0c2aa249b4 100644
--- a/src/lib/libssl/ssl_ciph.c
+++ b/src/lib/libssl/ssl_ciph.c
@@ -115,7 +115,10 @@
115 */ 115 */
116#include <stdio.h> 116#include <stdio.h>
117#include <openssl/objects.h> 117#include <openssl/objects.h>
118#ifndef OPENSSL_NO_COMP
118#include <openssl/comp.h> 119#include <openssl/comp.h>
120#endif
121
119#include "ssl_locl.h" 122#include "ssl_locl.h"
120 123
121#define SSL_ENC_DES_IDX 0 124#define SSL_ENC_DES_IDX 0
@@ -222,6 +225,7 @@ static const SSL_CIPHER cipher_aliases[]={
222 {0,SSL_TXT_LOW, 0, 0, SSL_LOW, 0,0,0,0,SSL_STRONG_MASK}, 225 {0,SSL_TXT_LOW, 0, 0, SSL_LOW, 0,0,0,0,SSL_STRONG_MASK},
223 {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK}, 226 {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK},
224 {0,SSL_TXT_HIGH, 0, 0, SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK}, 227 {0,SSL_TXT_HIGH, 0, 0, SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK},
228 {0,SSL_TXT_FIPS, 0, 0, SSL_FIPS, 0,0,0,0,SSL_FIPS|SSL_STRONG_NONE},
225 }; 229 };
226 230
227void ssl_load_ciphers(void) 231void ssl_load_ciphers(void)
@@ -515,7 +519,12 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
515 c = ssl_method->get_cipher(i); 519 c = ssl_method->get_cipher(i);
516#define IS_MASKED(c) ((c)->algorithms & (((c)->alg_bits == 256) ? m256 : mask)) 520#define IS_MASKED(c) ((c)->algorithms & (((c)->alg_bits == 256) ? m256 : mask))
517 /* drop those that use any of that is not available */ 521 /* drop those that use any of that is not available */
522#ifdef OPENSSL_FIPS
523 if ((c != NULL) && c->valid && !IS_MASKED(c)
524 && (!FIPS_mode() || (c->algo_strength & SSL_FIPS)))
525#else
518 if ((c != NULL) && c->valid && !IS_MASKED(c)) 526 if ((c != NULL) && c->valid && !IS_MASKED(c))
527#endif
519 { 528 {
520 co_list[co_list_num].cipher = c; 529 co_list[co_list_num].cipher = c;
521 co_list[co_list_num].next = NULL; 530 co_list[co_list_num].next = NULL;
@@ -1054,7 +1063,11 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
1054 */ 1063 */
1055 for (curr = head; curr != NULL; curr = curr->next) 1064 for (curr = head; curr != NULL; curr = curr->next)
1056 { 1065 {
1066#ifdef OPENSSL_FIPS
1067 if (curr->active && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS))
1068#else
1057 if (curr->active) 1069 if (curr->active)
1070#endif
1058 { 1071 {
1059 sk_SSL_CIPHER_push(cipherstack, curr->cipher); 1072 sk_SSL_CIPHER_push(cipherstack, curr->cipher);
1060#ifdef CIPHER_DEBUG 1073#ifdef CIPHER_DEBUG
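Review bot: The FIPS filter is spelled two different ways in this file. In `ssl_cipher_collect_ciphers` the mask test is parenthesised, `(c->algo_strength & SSL_FIPS)`, but in `ssl_create_cipher_list` it is `!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS`, which is correct only because `&` binds tighter than `||`. Write the second one as `if (curr->active && (!FIPS_mode() || (curr->cipher->algo_strength & SSL_FIPS)))`. Both hunks also open one brace from two alternative `if` lines under `#ifdef OPENSSL_FIPS`; a single helper macro for the predicate would keep the two filters from drifting apart. Both functions continue outside their hunks.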
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c
index 50779c1632..24a994fe01 100644
--- a/src/lib/libssl/ssl_err.c
+++ b/src/lib/libssl/ssl_err.c
@@ -1,6 +1,6 @@
1/* ssl/ssl_err.c */ 1/* ssl/ssl_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -138,6 +138,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
138{ERR_FUNC(SSL_F_SSL3_CONNECT), "SSL3_CONNECT"}, 138{ERR_FUNC(SSL_F_SSL3_CONNECT), "SSL3_CONNECT"},
139{ERR_FUNC(SSL_F_SSL3_CTRL), "SSL3_CTRL"}, 139{ERR_FUNC(SSL_F_SSL3_CTRL), "SSL3_CTRL"},
140{ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "SSL3_CTX_CTRL"}, 140{ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "SSL3_CTX_CTRL"},
141{ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC), "SSL3_DO_CHANGE_CIPHER_SPEC"},
141{ERR_FUNC(SSL_F_SSL3_ENC), "SSL3_ENC"}, 142{ERR_FUNC(SSL_F_SSL3_ENC), "SSL3_ENC"},
142{ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "SSL3_GENERATE_KEY_BLOCK"}, 143{ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "SSL3_GENERATE_KEY_BLOCK"},
143{ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST), "SSL3_GET_CERTIFICATE_REQUEST"}, 144{ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST), "SSL3_GET_CERTIFICATE_REQUEST"},
@@ -191,6 +192,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
191{ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"}, 192{ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"},
192{ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"}, 193{ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"},
193{ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"}, 194{ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"},
195{ERR_FUNC(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE), "SSL_CTX_set_client_cert_engine"},
194{ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE), "SSL_CTX_set_purpose"}, 196{ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE), "SSL_CTX_set_purpose"},
195{ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT), "SSL_CTX_set_session_id_context"}, 197{ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT), "SSL_CTX_set_session_id_context"},
196{ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"}, 198{ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"},
@@ -374,6 +376,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
374{ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED) ,"no ciphers specified"}, 376{ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED) ,"no ciphers specified"},
375{ERR_REASON(SSL_R_NO_CIPHER_LIST) ,"no cipher list"}, 377{ERR_REASON(SSL_R_NO_CIPHER_LIST) ,"no cipher list"},
376{ERR_REASON(SSL_R_NO_CIPHER_MATCH) ,"no cipher match"}, 378{ERR_REASON(SSL_R_NO_CIPHER_MATCH) ,"no cipher match"},
379{ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD) ,"no client cert method"},
377{ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED),"no client cert received"}, 380{ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED),"no client cert received"},
378{ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED),"no compression specified"}, 381{ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED),"no compression specified"},
379{ERR_REASON(SSL_R_NO_METHOD_SPECIFIED) ,"no method specified"}, 382{ERR_REASON(SSL_R_NO_METHOD_SPECIFIED) ,"no method specified"},
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 065411aea8..68eee77e6f 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -130,6 +130,9 @@
130#ifndef OPENSSL_NO_DH 130#ifndef OPENSSL_NO_DH
131#include <openssl/dh.h> 131#include <openssl/dh.h>
132#endif 132#endif
133#ifndef OPENSSL_NO_ENGINE
134#include <openssl/engine.h>
135#endif
133 136
134const char *SSL_version_str=OPENSSL_VERSION_TEXT; 137const char *SSL_version_str=OPENSSL_VERSION_TEXT;
135 138
@@ -1393,6 +1396,14 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
1393 return(NULL); 1396 return(NULL);
1394 } 1397 }
1395 1398
1399#ifdef OPENSSL_FIPS
1400 if (FIPS_mode() && (meth->version < TLS1_VERSION))
1401 {
1402 SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
1403 return NULL;
1404 }
1405#endif
1406
1396 if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) 1407 if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0)
1397 { 1408 {
1398 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); 1409 SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
@@ -1513,6 +1524,27 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
1513 1524
1514#endif 1525#endif
1515 1526
1527#ifndef OPENSSL_NO_ENGINE
1528 ret->client_cert_engine = NULL;
1529#ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
1530#define eng_strx(x) #x
1531#define eng_str(x) eng_strx(x)
1532 /* Use specific client engine automatically... ignore errors */
1533 {
1534 ENGINE *eng;
1535 eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1536 if (!eng)
1537 {
1538 ERR_clear_error();
1539 ENGINE_load_builtin_engines();
1540 eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
1541 }
1542 if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
1543 ERR_clear_error();
1544 }
1545#endif
1546#endif
1547
1516 return(ret); 1548 return(ret);
1517err: 1549err:
1518 SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE); 1550 SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
@@ -1583,6 +1615,10 @@ void SSL_CTX_free(SSL_CTX *a)
1583#else 1615#else
1584 a->comp_methods = NULL; 1616 a->comp_methods = NULL;
1585#endif 1617#endif
1618#ifndef OPENSSL_NO_ENGINE
1619 if (a->client_cert_engine)
1620 ENGINE_finish(a->client_cert_engine);
1621#endif
1586 OPENSSL_free(a); 1622 OPENSSL_free(a);
1587 } 1623 }
1588 1624
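Review bot: In the `OPENSSL_SSL_CLIENT_ENGINE_AUTO` block added to `SSL_CTX_new`, the reference returned by `ENGINE_by_id` is never released: neither the failure branch nor the success path calls `ENGINE_free(eng)`. `SSL_CTX_set_client_cert_engine` (ssl_sess.c in this commit) takes its own reference with `ENGINE_init`, and `SSL_CTX_free` balances only that one with `ENGINE_finish`, so each context created with the auto option appears to leave one structural reference behind. Adding `if (eng) ENGINE_free(eng);` after the `SSL_CTX_set_client_cert_engine` check would balance it. `SSL_CTX_new` starts and ends outside these hunks.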
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index de94c0d0c7..ed4ddbbae6 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -124,7 +124,9 @@
124#include "e_os.h" 124#include "e_os.h"
125 125
126#include <openssl/buffer.h> 126#include <openssl/buffer.h>
127#ifndef OPENSSL_NO_COMP
127#include <openssl/comp.h> 128#include <openssl/comp.h>
129#endif
128#include <openssl/bio.h> 130#include <openssl/bio.h>
129#include <openssl/stack.h> 131#include <openssl/stack.h>
130#ifndef OPENSSL_NO_RSA 132#ifndef OPENSSL_NO_RSA
@@ -330,8 +332,9 @@
330#define SSL_LOW 0x00000020L 332#define SSL_LOW 0x00000020L
331#define SSL_MEDIUM 0x00000040L 333#define SSL_MEDIUM 0x00000040L
332#define SSL_HIGH 0x00000080L 334#define SSL_HIGH 0x00000080L
335#define SSL_FIPS 0x00000100L
333 336
334/* we have used 000000ff - 24 bits left to go */ 337/* we have used 000001ff - 23 bits left to go */
335 338
336/* 339/*
337 * Macros to check the export status and cipher strength for export ciphers. 340 * Macros to check the export status and cipher strength for export ciphers.
@@ -499,6 +502,7 @@ typedef struct ssl3_enc_method
499 int (*alert_value)(int); 502 int (*alert_value)(int);
500 } SSL3_ENC_METHOD; 503 } SSL3_ENC_METHOD;
501 504
505#ifndef OPENSSL_NO_COMP
502/* Used for holding the relevant compression methods loaded into SSL_CTX */ 506/* Used for holding the relevant compression methods loaded into SSL_CTX */
503typedef struct ssl3_comp_st 507typedef struct ssl3_comp_st
504 { 508 {
@@ -506,6 +510,7 @@ typedef struct ssl3_comp_st
506 char *name; /* Text name used for the compression type */ 510 char *name; /* Text name used for the compression type */
507 COMP_METHOD *method; /* The method :-) */ 511 COMP_METHOD *method; /* The method :-) */
508 } SSL3_COMP; 512 } SSL3_COMP;
513#endif
509 514
510extern SSL3_ENC_METHOD ssl3_undef_enc_method; 515extern SSL3_ENC_METHOD ssl3_undef_enc_method;
511OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[]; 516OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[];
@@ -874,6 +879,7 @@ int ssl3_get_new_session_ticket(SSL *s);
874int ssl3_get_cert_status(SSL *s); 879int ssl3_get_cert_status(SSL *s);
875int ssl3_get_server_done(SSL *s); 880int ssl3_get_server_done(SSL *s);
876int ssl3_send_client_verify(SSL *s); 881int ssl3_send_client_verify(SSL *s);
882int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey);
877int ssl3_send_client_certificate(SSL *s); 883int ssl3_send_client_certificate(SSL *s);
878int ssl3_send_client_key_exchange(SSL *s); 884int ssl3_send_client_key_exchange(SSL *s);
879int ssl3_get_key_exchange(SSL *s); 885int ssl3_get_key_exchange(SSL *s);
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index ee88be2b88..8391d62212 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -59,6 +59,9 @@
59#include <stdio.h> 59#include <stdio.h>
60#include <openssl/lhash.h> 60#include <openssl/lhash.h>
61#include <openssl/rand.h> 61#include <openssl/rand.h>
62#ifndef OPENSSL_NO_ENGINE
63#include <openssl/engine.h>
64#endif
62#include "ssl_locl.h" 65#include "ssl_locl.h"
63 66
64static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); 67static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
@@ -870,6 +873,25 @@ int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL * ssl, X509 ** x509 , EVP_PK
870 return ctx->client_cert_cb; 873 return ctx->client_cert_cb;
871 } 874 }
872 875
876#ifndef OPENSSL_NO_ENGINE
877int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
878 {
879 if (!ENGINE_init(e))
880 {
881 SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB);
882 return 0;
883 }
884 if(!ENGINE_get_ssl_client_cert_function(e))
885 {
886 SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, SSL_R_NO_CLIENT_CERT_METHOD);
887 ENGINE_finish(e);
888 return 0;
889 }
890 ctx->client_cert_engine = e;
891 return 1;
892 }
893#endif
894
873void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, 895void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
874 int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)) 896 int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len))
875 { 897 {
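Review bot: `SSL_CTX_set_client_cert_engine` overwrites `ctx->client_cert_engine` without releasing an engine that was set earlier, so a second call on the same context drops the reference taken by the first `ENGINE_init`; the `SSL_CTX_free` change in ssl_lib.c finishes only the engine that is stored last. Before the assignment, add `if (ctx->client_cert_engine) ENGINE_finish(ctx->client_cert_engine);`. A short comment above the function saying that it returns 1 on success and 0 on failure, and that the context keeps the initialised engine until `SSL_CTX_free`, would also help callers.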
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index ed5a4a7255..7cb3e29a41 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -111,10 +111,15 @@
111 111
112#include <stdio.h> 112#include <stdio.h>
113#include "ssl_locl.h" 113#include "ssl_locl.h"
114#ifndef OPENSSL_NO_COMP
114#include <openssl/comp.h> 115#include <openssl/comp.h>
116#endif
115#include <openssl/evp.h> 117#include <openssl/evp.h>
116#include <openssl/hmac.h> 118#include <openssl/hmac.h>
117#include <openssl/md5.h> 119#include <openssl/md5.h>
120#ifdef KSSL_DEBUG
121#include <openssl/des.h>
122#endif
118 123
119static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, 124static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
120 int sec_len, unsigned char *seed, int seed_len, 125 int sec_len, unsigned char *seed, int seed_len,
@@ -131,6 +136,8 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
131 136
132 HMAC_CTX_init(&ctx); 137 HMAC_CTX_init(&ctx);
133 HMAC_CTX_init(&ctx_tmp); 138 HMAC_CTX_init(&ctx_tmp);
139 HMAC_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
140 HMAC_CTX_set_flags(&ctx_tmp, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
134 HMAC_Init_ex(&ctx,sec,sec_len,md, NULL); 141 HMAC_Init_ex(&ctx,sec,sec_len,md, NULL);
135 HMAC_Init_ex(&ctx_tmp,sec,sec_len,md, NULL); 142 HMAC_Init_ex(&ctx_tmp,sec,sec_len,md, NULL);
136 HMAC_Update(&ctx,seed,seed_len); 143 HMAC_Update(&ctx,seed,seed_len);
@@ -249,15 +256,15 @@ int tls1_change_cipher_state(SSL *s, int which)
249#ifdef KSSL_DEBUG 256#ifdef KSSL_DEBUG
250 printf("tls1_change_cipher_state(which= %d) w/\n", which); 257 printf("tls1_change_cipher_state(which= %d) w/\n", which);
251 printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms, 258 printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms,
252 comp); 259 (void *)comp);
253 printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c); 260 printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", (void *)c);
254 printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n", 261 printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
255 c->nid,c->block_size,c->key_len,c->iv_len); 262 c->nid,c->block_size,c->key_len,c->iv_len);
256 printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length); 263 printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length);
257 { 264 {
258 int i; 265 int ki;
259 for (i=0; i<s->s3->tmp.key_block_length; i++) 266 for (ki=0; ki<s->s3->tmp.key_block_length; ki++)
260 printf("%02x", key_block[i]); printf("\n"); 267 printf("%02x", key_block[ki]); printf("\n");
261 } 268 }
262#endif /* KSSL_DEBUG */ 269#endif /* KSSL_DEBUG */
263 270
@@ -413,11 +420,13 @@ printf("which = %04X\nmac key=",which);
413 s->session->key_arg_length=0; 420 s->session->key_arg_length=0;
414#ifdef KSSL_DEBUG 421#ifdef KSSL_DEBUG
415 { 422 {
416 int i; 423 int ki;
417 printf("EVP_CipherInit_ex(dd,c,key=,iv=,which)\n"); 424 printf("EVP_CipherInit_ex(dd,c,key=,iv=,which)\n");
418 printf("\tkey= "); for (i=0; i<c->key_len; i++) printf("%02x", key[i]); 425 printf("\tkey= ");
426 for (ki=0; ki<c->key_len; ki++) printf("%02x", key[ki]);
419 printf("\n"); 427 printf("\n");
420 printf("\t iv= "); for (i=0; i<c->iv_len; i++) printf("%02x", iv[i]); 428 printf("\t iv= ");
429 for (ki=0; ki<c->iv_len; ki++) printf("%02x", iv[ki]);
421 printf("\n"); 430 printf("\n");
422 } 431 }
423#endif /* KSSL_DEBUG */ 432#endif /* KSSL_DEBUG */
@@ -590,10 +599,11 @@ int tls1_enc(SSL *s, int send)
590 { 599 {
591 unsigned long ui; 600 unsigned long ui;
592 printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n", 601 printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
593 ds,rec->data,rec->input,l); 602 (void *)ds,rec->data,rec->input,l);
594 printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n", 603 printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%ld %ld], %d iv_len\n",
595 ds->buf_len, ds->cipher->key_len, 604 ds->buf_len, ds->cipher->key_len,
596 DES_KEY_SZ, DES_SCHEDULE_SZ, 605 (unsigned long)DES_KEY_SZ,
606 (unsigned long)DES_SCHEDULE_SZ,
597 ds->cipher->iv_len); 607 ds->cipher->iv_len);
598 printf("\t\tIV: "); 608 printf("\t\tIV: ");
599 for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]); 609 for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]);
@@ -618,10 +628,10 @@ int tls1_enc(SSL *s, int send)
618 628
619#ifdef KSSL_DEBUG 629#ifdef KSSL_DEBUG
620 { 630 {
621 unsigned long i; 631 unsigned long ki;
622 printf("\trec->data="); 632 printf("\trec->data=");
623 for (i=0; i<l; i++) 633 for (ki=0; ki<l; i++)
624 printf(" %02x", rec->data[i]); printf("\n"); 634 printf(" %02x", rec->data[ki]); printf("\n");
625 } 635 }
626#endif /* KSSL_DEBUG */ 636#endif /* KSSL_DEBUG */
627 637
@@ -805,7 +815,7 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
805 unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH]; 815 unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
806 816
807#ifdef KSSL_DEBUG 817#ifdef KSSL_DEBUG
808 printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s,out, p,len); 818 printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", (void *)s,out, p,len);
809#endif /* KSSL_DEBUG */ 819#endif /* KSSL_DEBUG */
810 820
811 /* Setup the stuff to munge */ 821 /* Setup the stuff to munge */
@@ -852,8 +862,10 @@ int tls1_alert_code(int code)
852 case SSL_AD_INTERNAL_ERROR: return(TLS1_AD_INTERNAL_ERROR); 862 case SSL_AD_INTERNAL_ERROR: return(TLS1_AD_INTERNAL_ERROR);
853 case SSL_AD_USER_CANCELLED: return(TLS1_AD_USER_CANCELLED); 863 case SSL_AD_USER_CANCELLED: return(TLS1_AD_USER_CANCELLED);
854 case SSL_AD_NO_RENEGOTIATION: return(TLS1_AD_NO_RENEGOTIATION); 864 case SSL_AD_NO_RENEGOTIATION: return(TLS1_AD_NO_RENEGOTIATION);
865#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
855 case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE: return 866 case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE: return
856 (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE); 867 (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
868#endif
857 default: return(-1); 869 default: return(-1);
858 } 870 }
859 } 871 }
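Review bot: In the second `KSSL_DEBUG` block of the `tls1_enc` hunks the loop variable was renamed to `ki` but the increment was not: `for (ki=0; ki<l; i++)` never advances `ki`, so with `l > 0` a debug build keeps printing `rec->data[0]` and does not terminate, while stepping the function's outer `i`. It should read `for (ki=0; ki<l; ki++)`. In the earlier `tls1_enc` hunk the two `DES_*_SZ` values are cast to `unsigned long` but printed with `%ld`; `%lu` matches the cast. These blocks, like the ones in `tls1_change_cipher_state`, print key, IV and record bytes to stdout, so `KSSL_DEBUG` should stay out of any production build.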
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 35f04afa4a..9ce726996d 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -734,6 +734,13 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
734 /* Point after session ID in client hello */ 734 /* Point after session ID in client hello */
735 const unsigned char *p = session_id + len; 735 const unsigned char *p = session_id + len;
736 unsigned short i; 736 unsigned short i;
737
738 /* If tickets disabled behave as if no ticket present
739 * to permit stateful resumption.
740 */
741 if (SSL_get_options(s) & SSL_OP_NO_TICKET)
742 return 1;
743
737 if ((s->version <= SSL3_VERSION) || !limit) 744 if ((s->version <= SSL3_VERSION) || !limit)
738 return 1; 745 return 1;
739 if (p >= limit) 746 if (p >= limit)
@@ -761,12 +768,7 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
761 return 1; 768 return 1;
762 if (type == TLSEXT_TYPE_session_ticket) 769 if (type == TLSEXT_TYPE_session_ticket)
763 { 770 {
764 /* If tickets disabled indicate cache miss which will 771 /* If zero length note client will accept a ticket
765 * trigger a full handshake
766 */
767 if (SSL_get_options(s) & SSL_OP_NO_TICKET)
768 return 0;
769 /* If zero length not client will accept a ticket
770 * and indicate cache miss to trigger full handshake 772 * and indicate cache miss to trigger full handshake
771 */ 773 */
772 if (size == 0) 774 if (size == 0)
diff --git a/src/lib/libssl/test/CAss.cnf b/src/lib/libssl/test/CAss.cnf
index 20f8f05e3d..546e660626 100644
--- a/src/lib/libssl/test/CAss.cnf
+++ b/src/lib/libssl/test/CAss.cnf
@@ -7,7 +7,7 @@ RANDFILE = ./.rnd
7 7
8#################################################################### 8####################################################################
9[ req ] 9[ req ]
10default_bits = 512 10default_bits = 1024
11default_keyfile = keySS.pem 11default_keyfile = keySS.pem
12distinguished_name = req_distinguished_name 12distinguished_name = req_distinguished_name
13encrypt_rsa_key = no 13encrypt_rsa_key = no
diff --git a/src/lib/libssl/test/Uss.cnf b/src/lib/libssl/test/Uss.cnf
index 0c0ebb5f67..98b2e054b7 100644
--- a/src/lib/libssl/test/Uss.cnf
+++ b/src/lib/libssl/test/Uss.cnf
@@ -7,7 +7,7 @@ RANDFILE = ./.rnd
7 7
8#################################################################### 8####################################################################
9[ req ] 9[ req ]
10default_bits = 512 10default_bits = 1024
11default_keyfile = keySS.pem 11default_keyfile = keySS.pem
12distinguished_name = req_distinguished_name 12distinguished_name = req_distinguished_name
13encrypt_rsa_key = no 13encrypt_rsa_key = no