summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authormiod <>2014-08-07 20:02:23 +0000
committermiod <>2014-08-07 20:02:23 +0000
commitcfb04bdfd0fc6c114e72a57e4c98cf38bd7ff605 (patch)
tree3edb8354ad6b2884901d930a4a6006640b51962b /src
parent52fafe121652f8c5058ec964bbbf0d342db8037c (diff)
downloadopenbsd-cfb04bdfd0fc6c114e72a57e4c98cf38bd7ff605.tar.gz
openbsd-cfb04bdfd0fc6c114e72a57e4c98cf38bd7ff605.tar.bz2
openbsd-cfb04bdfd0fc6c114e72a57e4c98cf38bd7ff605.zip
Oops, revert changes commited by mistake. The previous commit was supposed
to only apply to s23_srvr.c.
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/d1_both.c5
-rw-r--r--src/lib/libssl/d1_clnt.c8
-rw-r--r--src/lib/libssl/d1_pkt.c6
-rw-r--r--src/lib/libssl/s3_both.c21
-rw-r--r--src/lib/libssl/s3_lib.c6
-rw-r--r--src/lib/libssl/src/ssl/d1_both.c5
-rw-r--r--src/lib/libssl/src/ssl/d1_clnt.c8
-rw-r--r--src/lib/libssl/src/ssl/d1_pkt.c6
-rw-r--r--src/lib/libssl/src/ssl/s3_both.c21
-rw-r--r--src/lib/libssl/src/ssl/s3_enc.c6
-rw-r--r--src/lib/libssl/src/ssl/s3_lib.c6
-rw-r--r--src/lib/libssl/src/ssl/t1_enc.c7
-rw-r--r--src/lib/libssl/t1_enc.c7
13 files changed, 59 insertions, 53 deletions
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index 2391d52994..aec6e272bf 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_both.c,v 1.25 2014/08/07 19:46:31 miod Exp $ */ 1/* $OpenBSD: d1_both.c,v 1.26 2014/08/07 20:02:23 miod Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -903,7 +903,6 @@ dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)
903 903
904 i = s->method->ssl3_enc->final_finish_mac(s, sender, slen, 904 i = s->method->ssl3_enc->final_finish_mac(s, sender, slen,
905 s->s3->tmp.finish_md); 905 s->s3->tmp.finish_md);
906 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
907 s->s3->tmp.finish_md_len = i; 906 s->s3->tmp.finish_md_len = i;
908 memcpy(p, s->s3->tmp.finish_md, i); 907 memcpy(p, s->s3->tmp.finish_md, i);
909 p += i; 908 p += i;
@@ -914,10 +913,12 @@ dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)
914 * renegotiation checks 913 * renegotiation checks
915 */ 914 */
916 if (s->type == SSL_ST_CONNECT) { 915 if (s->type == SSL_ST_CONNECT) {
916 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
917 memcpy(s->s3->previous_client_finished, 917 memcpy(s->s3->previous_client_finished,
918 s->s3->tmp.finish_md, i); 918 s->s3->tmp.finish_md, i);
919 s->s3->previous_client_finished_len = i; 919 s->s3->previous_client_finished_len = i;
920 } else { 920 } else {
921 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
921 memcpy(s->s3->previous_server_finished, 922 memcpy(s->s3->previous_server_finished,
922 s->s3->tmp.finish_md, i); 923 s->s3->tmp.finish_md, i);
923 s->s3->previous_server_finished_len = i; 924 s->s3->previous_server_finished_len = i;
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index 165f9441f6..c9ec32173b 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_clnt.c,v 1.32 2014/08/07 19:46:31 miod Exp $ */ 1/* $OpenBSD: d1_clnt.c,v 1.33 2014/08/07 20:02:23 miod Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -778,9 +778,8 @@ dtls1_client_hello(SSL *s)
778 778
779 /* if client_random is initialized, reuse it, we are 779 /* if client_random is initialized, reuse it, we are
780 * required to use same upon reply to HelloVerify */ 780 * required to use same upon reply to HelloVerify */
781 for (i = 0; i < sizeof(s->s3->client_random); i++) 781 for (i = 0; p[i]=='\0' && i < sizeof(s->s3->client_random); i++)
782 if (p[i] != '\0') 782 ;
783 break;
784 if (i == sizeof(s->s3->client_random)) 783 if (i == sizeof(s->s3->client_random))
785 RAND_pseudo_bytes(p, sizeof(s->s3->client_random)); 784 RAND_pseudo_bytes(p, sizeof(s->s3->client_random));
786 785
@@ -1339,6 +1338,7 @@ dtls1_send_client_certificate(SSL *s)
1339 /* If we get an error, we need to 1338 /* If we get an error, we need to
1340 * ssl->rwstate=SSL_X509_LOOKUP; return(-1); 1339 * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
1341 * We then get retied later */ 1340 * We then get retied later */
1341 i = 0;
1342 i = ssl_do_client_cert_cb(s, &x509, &pkey); 1342 i = ssl_do_client_cert_cb(s, &x509, &pkey);
1343 if (i < 0) { 1343 if (i < 0) {
1344 s->rwstate = SSL_X509_LOOKUP; 1344 s->rwstate = SSL_X509_LOOKUP;
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 5be89f0955..7b0d67bf15 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_pkt.c,v 1.33 2014/08/07 19:46:31 miod Exp $ */ 1/* $OpenBSD: d1_pkt.c,v 1.34 2014/08/07 20:02:23 miod Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -414,12 +414,10 @@ dtls1_process_record(SSL *s)
414 } 414 }
415 415
416 i = s->method->ssl3_enc->mac(s, md, 0 /* not send */); 416 i = s->method->ssl3_enc->mac(s, md, 0 /* not send */);
417 if (i < 0 || mac == NULL || 417 if (i < 0 || mac == NULL || timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)
418 timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)
419 enc_err = -1; 418 enc_err = -1;
420 if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size) 419 if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
421 enc_err = -1; 420 enc_err = -1;
422 OPENSSL_cleanse(&md, sizeof md);
423 } 421 }
424 422
425 if (enc_err < 0) { 423 if (enc_err < 0) {
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c
index afcaca3c43..6ba3d4bfce 100644
--- a/src/lib/libssl/s3_both.c
+++ b/src/lib/libssl/s3_both.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_both.c,v 1.27 2014/08/07 19:46:31 miod Exp $ */ 1/* $OpenBSD: s3_both.c,v 1.28 2014/08/07 20:02:23 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -161,7 +161,7 @@ ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
161 p = &(d[4]); 161 p = &(d[4]);
162 162
163 i = s->method->ssl3_enc->final_finish_mac(s, 163 i = s->method->ssl3_enc->final_finish_mac(s,
164 sender, slen, s->s3->tmp.finish_md); 164 sender, slen, s->s3->tmp.finish_md);
165 if (i == 0) 165 if (i == 0)
166 return 0; 166 return 0;
167 s->s3->tmp.finish_md_len = i; 167 s->s3->tmp.finish_md_len = i;
@@ -171,14 +171,15 @@ ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
171 171
172 /* Copy the finished so we can use it for 172 /* Copy the finished so we can use it for
173 renegotiation checks */ 173 renegotiation checks */
174 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
175 if (s->type == SSL_ST_CONNECT) { 174 if (s->type == SSL_ST_CONNECT) {
175 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
176 memcpy(s->s3->previous_client_finished, 176 memcpy(s->s3->previous_client_finished,
177 s->s3->tmp.finish_md, i); 177 s->s3->tmp.finish_md, i);
178 s->s3->previous_client_finished_len = i; 178 s->s3->previous_client_finished_len = i;
179 } else { 179 } else {
180 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
180 memcpy(s->s3->previous_server_finished, 181 memcpy(s->s3->previous_server_finished,
181 s->s3->tmp.finish_md, i); 182 s->s3->tmp.finish_md, i);
182 s->s3->previous_server_finished_len = i; 183 s->s3->previous_server_finished_len = i;
183 } 184 }
184 185
@@ -215,7 +216,7 @@ ssl3_take_mac(SSL *s)
215 } 216 }
216 217
217 s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s, 218 s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
218 sender, slen, s->s3->tmp.peer_finish_md); 219 sender, slen, s->s3->tmp.peer_finish_md);
219} 220}
220#endif 221#endif
221 222
@@ -249,7 +250,7 @@ ssl3_get_finished(SSL *s, int a, int b)
249 p = (unsigned char *)s->init_msg; 250 p = (unsigned char *)s->init_msg;
250 i = s->s3->tmp.peer_finish_md_len; 251 i = s->s3->tmp.peer_finish_md_len;
251 252
252 if (i != n || i > EVP_MAX_MD_SIZE) { 253 if (i != n) {
253 al = SSL_AD_DECODE_ERROR; 254 al = SSL_AD_DECODE_ERROR;
254 SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH); 255 SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
255 goto f_err; 256 goto f_err;
@@ -264,12 +265,14 @@ ssl3_get_finished(SSL *s, int a, int b)
264 /* Copy the finished so we can use it for 265 /* Copy the finished so we can use it for
265 renegotiation checks */ 266 renegotiation checks */
266 if (s->type == SSL_ST_ACCEPT) { 267 if (s->type == SSL_ST_ACCEPT) {
268 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
267 memcpy(s->s3->previous_client_finished, 269 memcpy(s->s3->previous_client_finished,
268 s->s3->tmp.peer_finish_md, i); 270 s->s3->tmp.peer_finish_md, i);
269 s->s3->previous_client_finished_len = i; 271 s->s3->previous_client_finished_len = i;
270 } else { 272 } else {
273 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
271 memcpy(s->s3->previous_server_finished, 274 memcpy(s->s3->previous_server_finished,
272 s->s3->tmp.peer_finish_md, i); 275 s->s3->tmp.peer_finish_md, i);
273 s->s3->previous_server_finished_len = i; 276 s->s3->previous_server_finished_len = i;
274 } 277 }
275 278
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index aa091f51c7..4631c517cc 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_lib.c,v 1.72 2014/08/07 19:46:31 miod Exp $ */ 1/* $OpenBSD: s3_lib.c,v 1.73 2014/08/07 20:02:23 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -2333,7 +2333,7 @@ ssl3_new(SSL *s)
2333 SSL3_STATE *s3; 2333 SSL3_STATE *s3;
2334 2334
2335 if ((s3 = calloc(1, sizeof *s3)) == NULL) 2335 if ((s3 = calloc(1, sizeof *s3)) == NULL)
2336 return 0; 2336 goto err;
2337 memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); 2337 memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
2338 memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); 2338 memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
2339 2339
@@ -2341,6 +2341,8 @@ ssl3_new(SSL *s)
2341 2341
2342 s->method->ssl_clear(s); 2342 s->method->ssl_clear(s);
2343 return (1); 2343 return (1);
2344err:
2345 return (0);
2344} 2346}
2345 2347
2346void 2348void
diff --git a/src/lib/libssl/src/ssl/d1_both.c b/src/lib/libssl/src/ssl/d1_both.c
index 2391d52994..aec6e272bf 100644
--- a/src/lib/libssl/src/ssl/d1_both.c
+++ b/src/lib/libssl/src/ssl/d1_both.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_both.c,v 1.25 2014/08/07 19:46:31 miod Exp $ */ 1/* $OpenBSD: d1_both.c,v 1.26 2014/08/07 20:02:23 miod Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -903,7 +903,6 @@ dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)
903 903
904 i = s->method->ssl3_enc->final_finish_mac(s, sender, slen, 904 i = s->method->ssl3_enc->final_finish_mac(s, sender, slen,
905 s->s3->tmp.finish_md); 905 s->s3->tmp.finish_md);
906 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
907 s->s3->tmp.finish_md_len = i; 906 s->s3->tmp.finish_md_len = i;
908 memcpy(p, s->s3->tmp.finish_md, i); 907 memcpy(p, s->s3->tmp.finish_md, i);
909 p += i; 908 p += i;
@@ -914,10 +913,12 @@ dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)
914 * renegotiation checks 913 * renegotiation checks
915 */ 914 */
916 if (s->type == SSL_ST_CONNECT) { 915 if (s->type == SSL_ST_CONNECT) {
916 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
917 memcpy(s->s3->previous_client_finished, 917 memcpy(s->s3->previous_client_finished,
918 s->s3->tmp.finish_md, i); 918 s->s3->tmp.finish_md, i);
919 s->s3->previous_client_finished_len = i; 919 s->s3->previous_client_finished_len = i;
920 } else { 920 } else {
921 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
921 memcpy(s->s3->previous_server_finished, 922 memcpy(s->s3->previous_server_finished,
922 s->s3->tmp.finish_md, i); 923 s->s3->tmp.finish_md, i);
923 s->s3->previous_server_finished_len = i; 924 s->s3->previous_server_finished_len = i;
diff --git a/src/lib/libssl/src/ssl/d1_clnt.c b/src/lib/libssl/src/ssl/d1_clnt.c
index 165f9441f6..c9ec32173b 100644
--- a/src/lib/libssl/src/ssl/d1_clnt.c
+++ b/src/lib/libssl/src/ssl/d1_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_clnt.c,v 1.32 2014/08/07 19:46:31 miod Exp $ */ 1/* $OpenBSD: d1_clnt.c,v 1.33 2014/08/07 20:02:23 miod Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -778,9 +778,8 @@ dtls1_client_hello(SSL *s)
778 778
779 /* if client_random is initialized, reuse it, we are 779 /* if client_random is initialized, reuse it, we are
780 * required to use same upon reply to HelloVerify */ 780 * required to use same upon reply to HelloVerify */
781 for (i = 0; i < sizeof(s->s3->client_random); i++) 781 for (i = 0; p[i]=='\0' && i < sizeof(s->s3->client_random); i++)
782 if (p[i] != '\0') 782 ;
783 break;
784 if (i == sizeof(s->s3->client_random)) 783 if (i == sizeof(s->s3->client_random))
785 RAND_pseudo_bytes(p, sizeof(s->s3->client_random)); 784 RAND_pseudo_bytes(p, sizeof(s->s3->client_random));
786 785
@@ -1339,6 +1338,7 @@ dtls1_send_client_certificate(SSL *s)
1339 /* If we get an error, we need to 1338 /* If we get an error, we need to
1340 * ssl->rwstate=SSL_X509_LOOKUP; return(-1); 1339 * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
1341 * We then get retied later */ 1340 * We then get retied later */
1341 i = 0;
1342 i = ssl_do_client_cert_cb(s, &x509, &pkey); 1342 i = ssl_do_client_cert_cb(s, &x509, &pkey);
1343 if (i < 0) { 1343 if (i < 0) {
1344 s->rwstate = SSL_X509_LOOKUP; 1344 s->rwstate = SSL_X509_LOOKUP;
diff --git a/src/lib/libssl/src/ssl/d1_pkt.c b/src/lib/libssl/src/ssl/d1_pkt.c
index 5be89f0955..7b0d67bf15 100644
--- a/src/lib/libssl/src/ssl/d1_pkt.c
+++ b/src/lib/libssl/src/ssl/d1_pkt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_pkt.c,v 1.33 2014/08/07 19:46:31 miod Exp $ */ 1/* $OpenBSD: d1_pkt.c,v 1.34 2014/08/07 20:02:23 miod Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -414,12 +414,10 @@ dtls1_process_record(SSL *s)
414 } 414 }
415 415
416 i = s->method->ssl3_enc->mac(s, md, 0 /* not send */); 416 i = s->method->ssl3_enc->mac(s, md, 0 /* not send */);
417 if (i < 0 || mac == NULL || 417 if (i < 0 || mac == NULL || timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)
418 timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)
419 enc_err = -1; 418 enc_err = -1;
420 if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size) 419 if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
421 enc_err = -1; 420 enc_err = -1;
422 OPENSSL_cleanse(&md, sizeof md);
423 } 421 }
424 422
425 if (enc_err < 0) { 423 if (enc_err < 0) {
diff --git a/src/lib/libssl/src/ssl/s3_both.c b/src/lib/libssl/src/ssl/s3_both.c
index afcaca3c43..6ba3d4bfce 100644
--- a/src/lib/libssl/src/ssl/s3_both.c
+++ b/src/lib/libssl/src/ssl/s3_both.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_both.c,v 1.27 2014/08/07 19:46:31 miod Exp $ */ 1/* $OpenBSD: s3_both.c,v 1.28 2014/08/07 20:02:23 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -161,7 +161,7 @@ ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
161 p = &(d[4]); 161 p = &(d[4]);
162 162
163 i = s->method->ssl3_enc->final_finish_mac(s, 163 i = s->method->ssl3_enc->final_finish_mac(s,
164 sender, slen, s->s3->tmp.finish_md); 164 sender, slen, s->s3->tmp.finish_md);
165 if (i == 0) 165 if (i == 0)
166 return 0; 166 return 0;
167 s->s3->tmp.finish_md_len = i; 167 s->s3->tmp.finish_md_len = i;
@@ -171,14 +171,15 @@ ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
171 171
172 /* Copy the finished so we can use it for 172 /* Copy the finished so we can use it for
173 renegotiation checks */ 173 renegotiation checks */
174 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
175 if (s->type == SSL_ST_CONNECT) { 174 if (s->type == SSL_ST_CONNECT) {
175 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
176 memcpy(s->s3->previous_client_finished, 176 memcpy(s->s3->previous_client_finished,
177 s->s3->tmp.finish_md, i); 177 s->s3->tmp.finish_md, i);
178 s->s3->previous_client_finished_len = i; 178 s->s3->previous_client_finished_len = i;
179 } else { 179 } else {
180 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
180 memcpy(s->s3->previous_server_finished, 181 memcpy(s->s3->previous_server_finished,
181 s->s3->tmp.finish_md, i); 182 s->s3->tmp.finish_md, i);
182 s->s3->previous_server_finished_len = i; 183 s->s3->previous_server_finished_len = i;
183 } 184 }
184 185
@@ -215,7 +216,7 @@ ssl3_take_mac(SSL *s)
215 } 216 }
216 217
217 s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s, 218 s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
218 sender, slen, s->s3->tmp.peer_finish_md); 219 sender, slen, s->s3->tmp.peer_finish_md);
219} 220}
220#endif 221#endif
221 222
@@ -249,7 +250,7 @@ ssl3_get_finished(SSL *s, int a, int b)
249 p = (unsigned char *)s->init_msg; 250 p = (unsigned char *)s->init_msg;
250 i = s->s3->tmp.peer_finish_md_len; 251 i = s->s3->tmp.peer_finish_md_len;
251 252
252 if (i != n || i > EVP_MAX_MD_SIZE) { 253 if (i != n) {
253 al = SSL_AD_DECODE_ERROR; 254 al = SSL_AD_DECODE_ERROR;
254 SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH); 255 SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
255 goto f_err; 256 goto f_err;
@@ -264,12 +265,14 @@ ssl3_get_finished(SSL *s, int a, int b)
264 /* Copy the finished so we can use it for 265 /* Copy the finished so we can use it for
265 renegotiation checks */ 266 renegotiation checks */
266 if (s->type == SSL_ST_ACCEPT) { 267 if (s->type == SSL_ST_ACCEPT) {
268 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
267 memcpy(s->s3->previous_client_finished, 269 memcpy(s->s3->previous_client_finished,
268 s->s3->tmp.peer_finish_md, i); 270 s->s3->tmp.peer_finish_md, i);
269 s->s3->previous_client_finished_len = i; 271 s->s3->previous_client_finished_len = i;
270 } else { 272 } else {
273 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
271 memcpy(s->s3->previous_server_finished, 274 memcpy(s->s3->previous_server_finished,
272 s->s3->tmp.peer_finish_md, i); 275 s->s3->tmp.peer_finish_md, i);
273 s->s3->previous_server_finished_len = i; 276 s->s3->previous_server_finished_len = i;
274 } 277 }
275 278
diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c
index 913a256f28..f268a2a265 100644
--- a/src/lib/libssl/src/ssl/s3_enc.c
+++ b/src/lib/libssl/src/ssl/s3_enc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_enc.c,v 1.53 2014/08/07 19:46:31 miod Exp $ */ 1/* $OpenBSD: s3_enc.c,v 1.54 2014/08/07 20:02:23 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -607,7 +607,7 @@ ssl3_handshake_mac(SSL *s, int md_nid, const char *sender, int len,
607 if (!EVP_MD_CTX_copy_ex(&ctx, d)) 607 if (!EVP_MD_CTX_copy_ex(&ctx, d))
608 return 0; 608 return 0;
609 n = EVP_MD_CTX_size(&ctx); 609 n = EVP_MD_CTX_size(&ctx);
610 if (n <= 0) 610 if (n < 0)
611 return 0; 611 return 0;
612 612
613 npad = (48 / n) * n; 613 npad = (48 / n) * n;
@@ -655,7 +655,7 @@ n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
655 } 655 }
656 656
657 t = EVP_MD_CTX_size(hash); 657 t = EVP_MD_CTX_size(hash);
658 if (t <= 0) 658 if (t < 0)
659 return -1; 659 return -1;
660 md_size = t; 660 md_size = t;
661 npad = (48 / md_size) * md_size; 661 npad = (48 / md_size) * md_size;
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index aa091f51c7..4631c517cc 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_lib.c,v 1.72 2014/08/07 19:46:31 miod Exp $ */ 1/* $OpenBSD: s3_lib.c,v 1.73 2014/08/07 20:02:23 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -2333,7 +2333,7 @@ ssl3_new(SSL *s)
2333 SSL3_STATE *s3; 2333 SSL3_STATE *s3;
2334 2334
2335 if ((s3 = calloc(1, sizeof *s3)) == NULL) 2335 if ((s3 = calloc(1, sizeof *s3)) == NULL)
2336 return 0; 2336 goto err;
2337 memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); 2337 memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
2338 memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); 2338 memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
2339 2339
@@ -2341,6 +2341,8 @@ ssl3_new(SSL *s)
2341 2341
2342 s->method->ssl_clear(s); 2342 s->method->ssl_clear(s);
2343 return (1); 2343 return (1);
2344err:
2345 return (0);
2344} 2346}
2345 2347
2346void 2348void
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c
index bec8328269..6ad721bd8a 100644
--- a/src/lib/libssl/src/ssl/t1_enc.c
+++ b/src/lib/libssl/src/ssl/t1_enc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_enc.c,v 1.68 2014/08/07 19:46:31 miod Exp $ */ 1/* $OpenBSD: t1_enc.c,v 1.69 2014/08/07 20:02:23 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -319,7 +319,7 @@ tls1_aead_ctx_init(SSL_AEAD_CTX **aead_ctx)
319 319
320static int 320static int
321tls1_change_cipher_state_aead(SSL *s, char is_read, const unsigned char *key, 321tls1_change_cipher_state_aead(SSL *s, char is_read, const unsigned char *key,
322 unsigned int key_len, const unsigned char *iv, unsigned int iv_len) 322 unsigned key_len, const unsigned char *iv, unsigned iv_len)
323{ 323{
324 const EVP_AEAD *aead = s->s3->tmp.new_aead; 324 const EVP_AEAD *aead = s->s3->tmp.new_aead;
325 SSL_AEAD_CTX *aead_ctx; 325 SSL_AEAD_CTX *aead_ctx;
@@ -856,7 +856,6 @@ tls1_enc(SSL *s, int send)
856 rec->length += pad; 856 rec->length += pad;
857 } 857 }
858 } else if ((bs != 1) && send) { 858 } else if ((bs != 1) && send) {
859 /* XXX divide by zero if bs == 0 (should not happen) */
860 i = bs - ((int)l % bs); 859 i = bs - ((int)l % bs);
861 860
862 /* Add weird padding of upto 256 bytes */ 861 /* Add weird padding of upto 256 bytes */
@@ -1121,7 +1120,7 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
1121 currentvalpos++; 1120 currentvalpos++;
1122 val[currentvalpos] = contextlen & 0xff; 1121 val[currentvalpos] = contextlen & 0xff;
1123 currentvalpos++; 1122 currentvalpos++;
1124 if (contextlen != 0 && context != NULL) { 1123 if ((contextlen > 0) || (context != NULL)) {
1125 memcpy(val + currentvalpos, context, contextlen); 1124 memcpy(val + currentvalpos, context, contextlen);
1126 } 1125 }
1127 } 1126 }
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index bec8328269..6ad721bd8a 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_enc.c,v 1.68 2014/08/07 19:46:31 miod Exp $ */ 1/* $OpenBSD: t1_enc.c,v 1.69 2014/08/07 20:02:23 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -319,7 +319,7 @@ tls1_aead_ctx_init(SSL_AEAD_CTX **aead_ctx)
319 319
320static int 320static int
321tls1_change_cipher_state_aead(SSL *s, char is_read, const unsigned char *key, 321tls1_change_cipher_state_aead(SSL *s, char is_read, const unsigned char *key,
322 unsigned int key_len, const unsigned char *iv, unsigned int iv_len) 322 unsigned key_len, const unsigned char *iv, unsigned iv_len)
323{ 323{
324 const EVP_AEAD *aead = s->s3->tmp.new_aead; 324 const EVP_AEAD *aead = s->s3->tmp.new_aead;
325 SSL_AEAD_CTX *aead_ctx; 325 SSL_AEAD_CTX *aead_ctx;
@@ -856,7 +856,6 @@ tls1_enc(SSL *s, int send)
856 rec->length += pad; 856 rec->length += pad;
857 } 857 }
858 } else if ((bs != 1) && send) { 858 } else if ((bs != 1) && send) {
859 /* XXX divide by zero if bs == 0 (should not happen) */
860 i = bs - ((int)l % bs); 859 i = bs - ((int)l % bs);
861 860
862 /* Add weird padding of upto 256 bytes */ 861 /* Add weird padding of upto 256 bytes */
@@ -1121,7 +1120,7 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
1121 currentvalpos++; 1120 currentvalpos++;
1122 val[currentvalpos] = contextlen & 0xff; 1121 val[currentvalpos] = contextlen & 0xff;
1123 currentvalpos++; 1122 currentvalpos++;
1124 if (contextlen != 0 && context != NULL) { 1123 if ((contextlen > 0) || (context != NULL)) {
1125 memcpy(val + currentvalpos, context, contextlen); 1124 memcpy(val + currentvalpos, context, contextlen);
1126 } 1125 }
1127 } 1126 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-26 23:41:56 +0000