Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/s3_clnt.c | 34 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_clnt.c | 34 | 
2 files changed, 18 insertions, 50 deletions
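--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.95 2014/11/19 05:51:25 doug Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.96 2014/11/27 16:13:36 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1964,18 +1964,18 @@ ssl3_send_client_key_exchange(SSL *s)
 
 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
 
+if (s->session->sess_cert == NULL) {
+ssl3_send_alert(s, SSL3_AL_FATAL,
+SSL_AD_UNEXPECTED_MESSAGE);
+SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ERR_R_INTERNAL_ERROR);
+goto err;
+}
+
 if (alg_k & SSL_kRSA) {
 RSA *rsa;
 unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
 
-if (s->session->sess_cert == NULL) {
-/* We should always have a server
-* certificate with SSL_kRSA. */
-SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-ERR_R_INTERNAL_ERROR);
-goto err;
-}
-
 if (s->session->sess_cert->peer_rsa_tmp != NULL)
 rsa = s->session->sess_cert->peer_rsa_tmp;
 else {
@@ -2026,14 +2026,6 @@ ssl3_send_client_key_exchange(SSL *s)
 } else if (alg_k & SSL_kDHE) {
 DH *dh_srvr, *dh_clnt;
 
-if (s->session->sess_cert == NULL) {
-ssl3_send_alert(s, SSL3_AL_FATAL,
-SSL_AD_UNEXPECTED_MESSAGE);
-SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-SSL_R_UNEXPECTED_MESSAGE);
-goto err;
-}
-
 if (s->session->sess_cert->peer_dh_tmp != NULL)
 dh_srvr = s->session->sess_cert->peer_dh_tmp;
 else {
@@ -2093,14 +2085,6 @@ ssl3_send_client_key_exchange(SSL *s)
 int ecdh_clnt_cert = 0;
 int field_size = 0;
 
-if (s->session->sess_cert == NULL) {
-ssl3_send_alert(s, SSL3_AL_FATAL,
-SSL_AD_UNEXPECTED_MESSAGE);
-SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-SSL_R_UNEXPECTED_MESSAGE);
-goto err;
-}
-
 /*
 * Did we send out the client's ECDH share for use
 * in premaster computation as part of client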
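Review bot: The hoisted `sess_cert == NULL` guard at new lines 1967-1973 sends an `SSL_AD_UNEXPECTED_MESSAGE` alert but records `ERR_R_INTERNAL_ERROR`, whereas the DHE and ECDHE checks it replaces recorded `SSL_R_UNEXPECTED_MESSAGE`. Anyone triaging handshake failures from the error queue will now see an internal-error reason for a condition the alert describes as a peer protocol violation; if that classification is not intended, use `SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);` here, or add a one-line comment saying why the internal error is kept. The guard now also runs ahead of every key-exchange branch, including any further down the function that these hunks do not show, so it is worth confirming that none of them is legitimately reached without a session certificate. The same applies to the identical section for src/lib/libssl/src/ssl/s3_clnt.c; the body of ssl3_send_client_key_exchange starts and ends outside the hunks.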
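--- a/src/lib/libssl/src/ssl/s3_clnt.c
+++ b/src/lib/libssl/src/ssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.95 2014/11/19 05:51:25 doug Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.96 2014/11/27 16:13:36 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1964,18 +1964,18 @@ ssl3_send_client_key_exchange(SSL *s)
 
 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
 
+if (s->session->sess_cert == NULL) {
+ssl3_send_alert(s, SSL3_AL_FATAL,
+SSL_AD_UNEXPECTED_MESSAGE);
+SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ERR_R_INTERNAL_ERROR);
+goto err;
+}
+
 if (alg_k & SSL_kRSA) {
 RSA *rsa;
 unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
 
-if (s->session->sess_cert == NULL) {
-/* We should always have a server
-* certificate with SSL_kRSA. */
-SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-ERR_R_INTERNAL_ERROR);
-goto err;
-}
-
 if (s->session->sess_cert->peer_rsa_tmp != NULL)
 rsa = s->session->sess_cert->peer_rsa_tmp;
 else {
@@ -2026,14 +2026,6 @@ ssl3_send_client_key_exchange(SSL *s)
 } else if (alg_k & SSL_kDHE) {
 DH *dh_srvr, *dh_clnt;
 
-if (s->session->sess_cert == NULL) {
-ssl3_send_alert(s, SSL3_AL_FATAL,
-SSL_AD_UNEXPECTED_MESSAGE);
-SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-SSL_R_UNEXPECTED_MESSAGE);
-goto err;
-}
-
 if (s->session->sess_cert->peer_dh_tmp != NULL)
 dh_srvr = s->session->sess_cert->peer_dh_tmp;
 else {
@@ -2093,14 +2085,6 @@ ssl3_send_client_key_exchange(SSL *s)
 int ecdh_clnt_cert = 0;
 int field_size = 0;
 
-if (s->session->sess_cert == NULL) {
-ssl3_send_alert(s, SSL3_AL_FATAL,
-SSL_AD_UNEXPECTED_MESSAGE);
-SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-SSL_R_UNEXPECTED_MESSAGE);
-goto err;
-}
-
 /*
 * Did we send out the client's ECDH share for use
 * in premaster computation as part of client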
