diff options
| author | jsing <> | 2018-11-08 20:26:45 +0000 |
|---|---|---|
| committer | jsing <> | 2018-11-08 20:26:45 +0000 |
| commit | b86f3c2d93eb7700d5516638d5374023390b256c (patch) | |
| tree | afba855729c2565be464917c7f34130c8d592ceb /src | |
| parent | 1eab3dd975d9eaf8a08418b8aad5d4ae781c0cea (diff) | |
| download | openbsd-b86f3c2d93eb7700d5516638d5374023390b256c.tar.gz openbsd-b86f3c2d93eb7700d5516638d5374023390b256c.tar.bz2 openbsd-b86f3c2d93eb7700d5516638d5374023390b256c.zip | |
Ensure the handshake transcript is cleaned up.
Add a check at the completion of the client/server handshake to ensure that
the handshake transcript has been freed. Fix the case where a server asks
the client for a certificate, but it does not have one, resulting in the
handshake transcript being left around post-handshake.
ok bcook@ tb@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/ssl_clnt.c | 15 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_srvr.c | 8 |
2 files changed, 20 insertions, 3 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 77211b622b..8c3ec80060 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_clnt.c,v 1.34 2018/09/05 16:58:59 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_clnt.c,v 1.35 2018/11/08 20:26:45 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -583,6 +583,12 @@ ssl3_connect(SSL *s) | |||
| 583 | /* clean a few things up */ | 583 | /* clean a few things up */ |
| 584 | tls1_cleanup_key_block(s); | 584 | tls1_cleanup_key_block(s); |
| 585 | 585 | ||
| 586 | if (S3I(s)->handshake_buffer != NULL) { | ||
| 587 | SSLerror(s, ERR_R_INTERNAL_ERROR); | ||
| 588 | ret = -1; | ||
| 589 | goto end; | ||
| 590 | } | ||
| 591 | |||
| 586 | if (!SSL_IS_DTLS(s)) { | 592 | if (!SSL_IS_DTLS(s)) { |
| 587 | BUF_MEM_free(s->internal->init_buf); | 593 | BUF_MEM_free(s->internal->init_buf); |
| 588 | s->internal->init_buf = NULL; | 594 | s->internal->init_buf = NULL; |
| @@ -2553,9 +2559,14 @@ ssl3_send_client_certificate(SSL *s) | |||
| 2553 | 2559 | ||
| 2554 | X509_free(x509); | 2560 | X509_free(x509); |
| 2555 | EVP_PKEY_free(pkey); | 2561 | EVP_PKEY_free(pkey); |
| 2556 | if (i == 0) | 2562 | if (i == 0) { |
| 2557 | S3I(s)->tmp.cert_req = 2; | 2563 | S3I(s)->tmp.cert_req = 2; |
| 2558 | 2564 | ||
| 2565 | /* There is no client certificate to verify. */ | ||
| 2566 | if (!tls1_digest_cached_records(s)) | ||
| 2567 | goto err; | ||
| 2568 | } | ||
| 2569 | |||
| 2559 | /* Ok, we have a cert */ | 2570 | /* Ok, we have a cert */ |
| 2560 | S3I(s)->hs.state = SSL3_ST_CW_CERT_C; | 2571 | S3I(s)->hs.state = SSL3_ST_CW_CERT_C; |
| 2561 | } | 2572 | } |
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index e046438cc0..f077140b90 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_srvr.c,v 1.48 2018/08/27 17:04:34 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_srvr.c,v 1.49 2018/11/08 20:26:45 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -707,6 +707,12 @@ ssl3_accept(SSL *s) | |||
| 707 | /* clean a few things up */ | 707 | /* clean a few things up */ |
| 708 | tls1_cleanup_key_block(s); | 708 | tls1_cleanup_key_block(s); |
| 709 | 709 | ||
| 710 | if (S3I(s)->handshake_buffer != NULL) { | ||
| 711 | SSLerror(s, ERR_R_INTERNAL_ERROR); | ||
| 712 | ret = -1; | ||
| 713 | goto end; | ||
| 714 | } | ||
| 715 | |||
| 710 | if (!SSL_IS_DTLS(s)) { | 716 | if (!SSL_IS_DTLS(s)) { |
| 711 | BUF_MEM_free(s->internal->init_buf); | 717 | BUF_MEM_free(s->internal->init_buf); |
| 712 | s->internal->init_buf = NULL; | 718 | s->internal->init_buf = NULL; |