summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/s3_clnt.c81
-rw-r--r--src/lib/libssl/src/ssl/s3_clnt.c81
2 files changed, 64 insertions, 98 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index 2c3ce60fb3..66fb26345e 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -826,9 +826,8 @@ ssl3_get_server_hello(SSL *s)
826 if (s->d1->send_cookie == 0) { 826 if (s->d1->send_cookie == 0) {
827 s->s3->tmp.reuse_message = 1; 827 s->s3->tmp.reuse_message = 1;
828 return (1); 828 return (1);
829 } 829 } else {
830 else /* already sent a cookie */ 830 /* Already sent a cookie. */
831 {
832 al = SSL_AD_UNEXPECTED_MESSAGE; 831 al = SSL_AD_UNEXPECTED_MESSAGE;
833 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, 832 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
834 SSL_R_BAD_MESSAGE_TYPE); 833 SSL_R_BAD_MESSAGE_TYPE);
@@ -844,12 +843,11 @@ ssl3_get_server_hello(SSL *s)
844 goto f_err; 843 goto f_err;
845 } 844 }
846 845
847 d = p=(unsigned char *)s->init_msg; 846 d = p = (unsigned char *)s->init_msg;
848 847
849 if ((p[0] != (s->version >> 8)) || (p[1] != (s->version & 0xff))) { 848 if ((p[0] != (s->version >> 8)) || (p[1] != (s->version & 0xff))) {
850 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, 849 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_SSL_VERSION);
851 SSL_R_WRONG_SSL_VERSION); 850 s->version = (s->version&0xff00) | p[1];
852 s->version = (s->version&0xff00)|p[1];
853 al = SSL_AD_PROTOCOL_VERSION; 851 al = SSL_AD_PROTOCOL_VERSION;
854 goto f_err; 852 goto f_err;
855 } 853 }
@@ -898,7 +896,8 @@ ssl3_get_server_hello(SSL *s)
898 goto f_err; 896 goto f_err;
899 } 897 }
900 s->hit = 1; 898 s->hit = 1;
901 } else { /* a miss or crap from the other end */ 899 } else {
900 /* a miss or crap from the other end */
902 901
903 /* If we were trying for session-id reuse, make a new 902 /* If we were trying for session-id reuse, make a new
904 * SSL_SESSION so we don't stuff up other people */ 903 * SSL_SESSION so we don't stuff up other people */
@@ -1124,8 +1123,7 @@ ssl3_get_server_certificate(SSL *s)
1124 } 1123 }
1125 1124
1126 i = ssl_verify_cert_chain(s, sk); 1125 i = ssl_verify_cert_chain(s, sk);
1127 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0) 1126 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) {
1128 ) {
1129 al = ssl_verify_alarm_type(s->verify_result); 1127 al = ssl_verify_alarm_type(s->verify_result);
1130 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, 1128 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
1131 SSL_R_CERTIFICATE_VERIFY_FAILED); 1129 SSL_R_CERTIFICATE_VERIFY_FAILED);
@@ -1738,7 +1736,7 @@ ssl3_get_certificate_request(SSL *s)
1738 } 1736 }
1739 } 1737 }
1740 1738
1741 p = d=(unsigned char *)s->init_msg; 1739 p = d = (unsigned char *)s->init_msg;
1742 1740
1743 if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) { 1741 if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {
1744 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, 1742 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
@@ -2008,8 +2006,7 @@ ssl3_get_server_done(SSL *s)
2008 if (n > 0) { 2006 if (n > 0) {
2009 /* should contain no data */ 2007 /* should contain no data */
2010 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 2008 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
2011 SSLerr(SSL_F_SSL3_GET_SERVER_DONE, 2009 SSLerr(SSL_F_SSL3_GET_SERVER_DONE, SSL_R_LENGTH_MISMATCH);
2012 SSL_R_LENGTH_MISMATCH);
2013 return (-1); 2010 return (-1);
2014 } 2011 }
2015 ret = 1; 2012 ret = 1;
@@ -2089,8 +2086,7 @@ ssl3_send_client_key_exchange(SSL *s)
2089 s->method->ssl3_enc->generate_master_secret( 2086 s->method->ssl3_enc->generate_master_secret(
2090 s, s->session->master_key, tmp_buf, sizeof tmp_buf); 2087 s, s->session->master_key, tmp_buf, sizeof tmp_buf);
2091 OPENSSL_cleanse(tmp_buf, sizeof tmp_buf); 2088 OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
2092 } 2089 } else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) {
2093 else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) {
2094 DH *dh_srvr, *dh_clnt; 2090 DH *dh_srvr, *dh_clnt;
2095 2091
2096 if (s->session->sess_cert == NULL) { 2092 if (s->session->sess_cert == NULL) {
@@ -2154,9 +2150,7 @@ ssl3_send_client_key_exchange(SSL *s)
2154 DH_free(dh_clnt); 2150 DH_free(dh_clnt);
2155 2151
2156 /* perhaps clean things up a bit EAY EAY EAY EAY*/ 2152 /* perhaps clean things up a bit EAY EAY EAY EAY*/
2157 } 2153 } else if (alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe)) {
2158
2159 else if (alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe)) {
2160 const EC_GROUP *srvr_group = NULL; 2154 const EC_GROUP *srvr_group = NULL;
2161 EC_KEY *tkey; 2155 EC_KEY *tkey;
2162 int ecdh_clnt_cert = 0; 2156 int ecdh_clnt_cert = 0;
@@ -2334,8 +2328,7 @@ ssl3_send_client_key_exchange(SSL *s)
2334 if (clnt_ecdh != NULL) 2328 if (clnt_ecdh != NULL)
2335 EC_KEY_free(clnt_ecdh); 2329 EC_KEY_free(clnt_ecdh);
2336 EVP_PKEY_free(srvr_pub_pkey); 2330 EVP_PKEY_free(srvr_pub_pkey);
2337 } 2331 } else if (alg_k & SSL_kGOST) {
2338 else if (alg_k & SSL_kGOST) {
2339 /* GOST key exchange message creation */ 2332 /* GOST key exchange message creation */
2340 EVP_PKEY_CTX *pkey_ctx; 2333 EVP_PKEY_CTX *pkey_ctx;
2341 X509 *peer_cert; 2334 X509 *peer_cert;
@@ -2354,7 +2347,7 @@ ssl3_send_client_key_exchange(SSL *s)
2354 if (!peer_cert) 2347 if (!peer_cert)
2355 peer_cert = s->session->sess_cert->peer_pkeys[ 2348 peer_cert = s->session->sess_cert->peer_pkeys[
2356 (keytype = SSL_PKEY_GOST94)].x509; 2349 (keytype = SSL_PKEY_GOST94)].x509;
2357 if (!peer_cert) { 2350 if (!peer_cert) {
2358 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, 2351 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2359 SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER); 2352 SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
2360 goto err; 2353 goto err;
@@ -2610,8 +2603,7 @@ ssl3_send_client_verify(SSL *s)
2610 n = u + 4; 2603 n = u + 4;
2611 if (!ssl3_digest_cached_records(s)) 2604 if (!ssl3_digest_cached_records(s))
2612 goto err; 2605 goto err;
2613 } else 2606 } else if (pkey->type == EVP_PKEY_RSA) {
2614 if (pkey->type == EVP_PKEY_RSA) {
2615 s->method->ssl3_enc->cert_verify_mac( 2607 s->method->ssl3_enc->cert_verify_mac(
2616 s, NID_md5, &(data[0])); 2608 s, NID_md5, &(data[0]));
2617 if (RSA_sign(NID_md5_sha1, data, 2609 if (RSA_sign(NID_md5_sha1, data,
@@ -2623,8 +2615,7 @@ ssl3_send_client_verify(SSL *s)
2623 } 2615 }
2624 s2n(u, p); 2616 s2n(u, p);
2625 n = u + 2; 2617 n = u + 2;
2626 } else 2618 } else if (pkey->type == EVP_PKEY_DSA) {
2627 if (pkey->type == EVP_PKEY_DSA) {
2628 if (!DSA_sign(pkey->save_type, 2619 if (!DSA_sign(pkey->save_type,
2629 &(data[MD5_DIGEST_LENGTH]), 2620 &(data[MD5_DIGEST_LENGTH]),
2630 SHA_DIGEST_LENGTH, &(p[2]), 2621 SHA_DIGEST_LENGTH, &(p[2]),
@@ -2635,8 +2626,7 @@ ssl3_send_client_verify(SSL *s)
2635 } 2626 }
2636 s2n(j, p); 2627 s2n(j, p);
2637 n = j + 2; 2628 n = j + 2;
2638 } else 2629 } else if (pkey->type == EVP_PKEY_EC) {
2639 if (pkey->type == EVP_PKEY_EC) {
2640 if (!ECDSA_sign(pkey->save_type, 2630 if (!ECDSA_sign(pkey->save_type,
2641 &(data[MD5_DIGEST_LENGTH]), 2631 &(data[MD5_DIGEST_LENGTH]),
2642 SHA_DIGEST_LENGTH, &(p[2]), 2632 SHA_DIGEST_LENGTH, &(p[2]),
@@ -2647,8 +2637,7 @@ ssl3_send_client_verify(SSL *s)
2647 } 2637 }
2648 s2n(j, p); 2638 s2n(j, p);
2649 n = j + 2; 2639 n = j + 2;
2650 } else 2640 } else if (pkey->type == NID_id_GostR3410_94 ||
2651 if (pkey->type == NID_id_GostR3410_94 ||
2652 pkey->type == NID_id_GostR3410_2001) { 2641 pkey->type == NID_id_GostR3410_2001) {
2653 unsigned char signbuf[64]; 2642 unsigned char signbuf[64];
2654 int i; 2643 int i;
@@ -2791,8 +2780,8 @@ ssl3_check_cert_and_algorithm(SSL *s)
2791 idx = sc->peer_cert_type; 2780 idx = sc->peer_cert_type;
2792 if (idx == SSL_PKEY_ECC) { 2781 if (idx == SSL_PKEY_ECC) {
2793 if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509, 2782 if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509,
2794 s) == 0) 2783 s) == 0) {
2795 { /* check failed */ 2784 /* check failed */
2796 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, 2785 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2797 SSL_R_BAD_ECC_CERT); 2786 SSL_R_BAD_ECC_CERT);
2798 goto f_err; 2787 goto f_err;
@@ -2804,14 +2793,13 @@ ssl3_check_cert_and_algorithm(SSL *s)
2804 i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey); 2793 i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey);
2805 EVP_PKEY_free(pkey); 2794 EVP_PKEY_free(pkey);
2806 2795
2807
2808 /* Check that we have a certificate if we require one */ 2796 /* Check that we have a certificate if we require one */
2809 if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA|EVP_PKT_SIGN)) { 2797 if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA|EVP_PKT_SIGN)) {
2810 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, 2798 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2811 SSL_R_MISSING_RSA_SIGNING_CERT); 2799 SSL_R_MISSING_RSA_SIGNING_CERT);
2812 goto f_err; 2800 goto f_err;
2813 } 2801 } else if ((alg_a & SSL_aDSS) &&
2814 else if ((alg_a & SSL_aDSS) && !has_bits(i, EVP_PK_DSA|EVP_PKT_SIGN)) { 2802 !has_bits(i, EVP_PK_DSA|EVP_PKT_SIGN)) {
2815 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, 2803 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2816 SSL_R_MISSING_DSA_SIGNING_CERT); 2804 SSL_R_MISSING_DSA_SIGNING_CERT);
2817 goto f_err; 2805 goto f_err;
@@ -2831,8 +2819,7 @@ ssl3_check_cert_and_algorithm(SSL *s)
2831 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, 2819 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2832 SSL_R_MISSING_DH_RSA_CERT); 2820 SSL_R_MISSING_DH_RSA_CERT);
2833 goto f_err; 2821 goto f_err;
2834 } 2822 } else if ((alg_k & SSL_kDHd) && !has_bits(i, EVP_PK_DH|EVP_PKS_DSA)) {
2835 else if ((alg_k & SSL_kDHd) && !has_bits(i, EVP_PK_DH|EVP_PKS_DSA)) {
2836 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, 2823 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2837 SSL_R_MISSING_DH_DSA_CERT); 2824 SSL_R_MISSING_DH_DSA_CERT);
2838 goto f_err; 2825 goto f_err;
@@ -2847,22 +2834,18 @@ ssl3_check_cert_and_algorithm(SSL *s)
2847 SSL_R_MISSING_EXPORT_TMP_RSA_KEY); 2834 SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
2848 goto f_err; 2835 goto f_err;
2849 } 2836 }
2850 } else 2837 } else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) {
2851 if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) { 2838 if (dh == NULL || DH_size(dh) * 8 >
2852 if (dh == NULL || DH_size(dh) * 8 > 2839 SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
2853 SSL_C_EXPORT_PKEYLENGTH(
2854 s->s3->tmp.new_cipher)) {
2855 SSLerr(
2856 SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2857 SSL_R_MISSING_EXPORT_TMP_DH_KEY);
2858 goto f_err;
2859 }
2860 } else
2861 {
2862 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, 2840 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2863 SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); 2841 SSL_R_MISSING_EXPORT_TMP_DH_KEY);
2864 goto f_err; 2842 goto f_err;
2865 } 2843 }
2844 } else {
2845 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2846 SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
2847 goto f_err;
2848 }
2866 } 2849 }
2867 return (1); 2850 return (1);
2868f_err: 2851f_err:
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c
index 2c3ce60fb3..66fb26345e 100644
--- a/src/lib/libssl/src/ssl/s3_clnt.c
+++ b/src/lib/libssl/src/ssl/s3_clnt.c
@@ -826,9 +826,8 @@ ssl3_get_server_hello(SSL *s)
826 if (s->d1->send_cookie == 0) { 826 if (s->d1->send_cookie == 0) {
827 s->s3->tmp.reuse_message = 1; 827 s->s3->tmp.reuse_message = 1;
828 return (1); 828 return (1);
829 } 829 } else {
830 else /* already sent a cookie */ 830 /* Already sent a cookie. */
831 {
832 al = SSL_AD_UNEXPECTED_MESSAGE; 831 al = SSL_AD_UNEXPECTED_MESSAGE;
833 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, 832 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
834 SSL_R_BAD_MESSAGE_TYPE); 833 SSL_R_BAD_MESSAGE_TYPE);
@@ -844,12 +843,11 @@ ssl3_get_server_hello(SSL *s)
844 goto f_err; 843 goto f_err;
845 } 844 }
846 845
847 d = p=(unsigned char *)s->init_msg; 846 d = p = (unsigned char *)s->init_msg;
848 847
849 if ((p[0] != (s->version >> 8)) || (p[1] != (s->version & 0xff))) { 848 if ((p[0] != (s->version >> 8)) || (p[1] != (s->version & 0xff))) {
850 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, 849 SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_SSL_VERSION);
851 SSL_R_WRONG_SSL_VERSION); 850 s->version = (s->version&0xff00) | p[1];
852 s->version = (s->version&0xff00)|p[1];
853 al = SSL_AD_PROTOCOL_VERSION; 851 al = SSL_AD_PROTOCOL_VERSION;
854 goto f_err; 852 goto f_err;
855 } 853 }
@@ -898,7 +896,8 @@ ssl3_get_server_hello(SSL *s)
898 goto f_err; 896 goto f_err;
899 } 897 }
900 s->hit = 1; 898 s->hit = 1;
901 } else { /* a miss or crap from the other end */ 899 } else {
900 /* a miss or crap from the other end */
902 901
903 /* If we were trying for session-id reuse, make a new 902 /* If we were trying for session-id reuse, make a new
904 * SSL_SESSION so we don't stuff up other people */ 903 * SSL_SESSION so we don't stuff up other people */
@@ -1124,8 +1123,7 @@ ssl3_get_server_certificate(SSL *s)
1124 } 1123 }
1125 1124
1126 i = ssl_verify_cert_chain(s, sk); 1125 i = ssl_verify_cert_chain(s, sk);
1127 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0) 1126 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) {
1128 ) {
1129 al = ssl_verify_alarm_type(s->verify_result); 1127 al = ssl_verify_alarm_type(s->verify_result);
1130 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, 1128 SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
1131 SSL_R_CERTIFICATE_VERIFY_FAILED); 1129 SSL_R_CERTIFICATE_VERIFY_FAILED);
@@ -1738,7 +1736,7 @@ ssl3_get_certificate_request(SSL *s)
1738 } 1736 }
1739 } 1737 }
1740 1738
1741 p = d=(unsigned char *)s->init_msg; 1739 p = d = (unsigned char *)s->init_msg;
1742 1740
1743 if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) { 1741 if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {
1744 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, 1742 SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
@@ -2008,8 +2006,7 @@ ssl3_get_server_done(SSL *s)
2008 if (n > 0) { 2006 if (n > 0) {
2009 /* should contain no data */ 2007 /* should contain no data */
2010 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 2008 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
2011 SSLerr(SSL_F_SSL3_GET_SERVER_DONE, 2009 SSLerr(SSL_F_SSL3_GET_SERVER_DONE, SSL_R_LENGTH_MISMATCH);
2012 SSL_R_LENGTH_MISMATCH);
2013 return (-1); 2010 return (-1);
2014 } 2011 }
2015 ret = 1; 2012 ret = 1;
@@ -2089,8 +2086,7 @@ ssl3_send_client_key_exchange(SSL *s)
2089 s->method->ssl3_enc->generate_master_secret( 2086 s->method->ssl3_enc->generate_master_secret(
2090 s, s->session->master_key, tmp_buf, sizeof tmp_buf); 2087 s, s->session->master_key, tmp_buf, sizeof tmp_buf);
2091 OPENSSL_cleanse(tmp_buf, sizeof tmp_buf); 2088 OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
2092 } 2089 } else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) {
2093 else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) {
2094 DH *dh_srvr, *dh_clnt; 2090 DH *dh_srvr, *dh_clnt;
2095 2091
2096 if (s->session->sess_cert == NULL) { 2092 if (s->session->sess_cert == NULL) {
@@ -2154,9 +2150,7 @@ ssl3_send_client_key_exchange(SSL *s)
2154 DH_free(dh_clnt); 2150 DH_free(dh_clnt);
2155 2151
2156 /* perhaps clean things up a bit EAY EAY EAY EAY*/ 2152 /* perhaps clean things up a bit EAY EAY EAY EAY*/
2157 } 2153 } else if (alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe)) {
2158
2159 else if (alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe)) {
2160 const EC_GROUP *srvr_group = NULL; 2154 const EC_GROUP *srvr_group = NULL;
2161 EC_KEY *tkey; 2155 EC_KEY *tkey;
2162 int ecdh_clnt_cert = 0; 2156 int ecdh_clnt_cert = 0;
@@ -2334,8 +2328,7 @@ ssl3_send_client_key_exchange(SSL *s)
2334 if (clnt_ecdh != NULL) 2328 if (clnt_ecdh != NULL)
2335 EC_KEY_free(clnt_ecdh); 2329 EC_KEY_free(clnt_ecdh);
2336 EVP_PKEY_free(srvr_pub_pkey); 2330 EVP_PKEY_free(srvr_pub_pkey);
2337 } 2331 } else if (alg_k & SSL_kGOST) {
2338 else if (alg_k & SSL_kGOST) {
2339 /* GOST key exchange message creation */ 2332 /* GOST key exchange message creation */
2340 EVP_PKEY_CTX *pkey_ctx; 2333 EVP_PKEY_CTX *pkey_ctx;
2341 X509 *peer_cert; 2334 X509 *peer_cert;
@@ -2354,7 +2347,7 @@ ssl3_send_client_key_exchange(SSL *s)
2354 if (!peer_cert) 2347 if (!peer_cert)
2355 peer_cert = s->session->sess_cert->peer_pkeys[ 2348 peer_cert = s->session->sess_cert->peer_pkeys[
2356 (keytype = SSL_PKEY_GOST94)].x509; 2349 (keytype = SSL_PKEY_GOST94)].x509;
2357 if (!peer_cert) { 2350 if (!peer_cert) {
2358 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, 2351 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2359 SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER); 2352 SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
2360 goto err; 2353 goto err;
@@ -2610,8 +2603,7 @@ ssl3_send_client_verify(SSL *s)
2610 n = u + 4; 2603 n = u + 4;
2611 if (!ssl3_digest_cached_records(s)) 2604 if (!ssl3_digest_cached_records(s))
2612 goto err; 2605 goto err;
2613 } else 2606 } else if (pkey->type == EVP_PKEY_RSA) {
2614 if (pkey->type == EVP_PKEY_RSA) {
2615 s->method->ssl3_enc->cert_verify_mac( 2607 s->method->ssl3_enc->cert_verify_mac(
2616 s, NID_md5, &(data[0])); 2608 s, NID_md5, &(data[0]));
2617 if (RSA_sign(NID_md5_sha1, data, 2609 if (RSA_sign(NID_md5_sha1, data,
@@ -2623,8 +2615,7 @@ ssl3_send_client_verify(SSL *s)
2623 } 2615 }
2624 s2n(u, p); 2616 s2n(u, p);
2625 n = u + 2; 2617 n = u + 2;
2626 } else 2618 } else if (pkey->type == EVP_PKEY_DSA) {
2627 if (pkey->type == EVP_PKEY_DSA) {
2628 if (!DSA_sign(pkey->save_type, 2619 if (!DSA_sign(pkey->save_type,
2629 &(data[MD5_DIGEST_LENGTH]), 2620 &(data[MD5_DIGEST_LENGTH]),
2630 SHA_DIGEST_LENGTH, &(p[2]), 2621 SHA_DIGEST_LENGTH, &(p[2]),
@@ -2635,8 +2626,7 @@ ssl3_send_client_verify(SSL *s)
2635 } 2626 }
2636 s2n(j, p); 2627 s2n(j, p);
2637 n = j + 2; 2628 n = j + 2;
2638 } else 2629 } else if (pkey->type == EVP_PKEY_EC) {
2639 if (pkey->type == EVP_PKEY_EC) {
2640 if (!ECDSA_sign(pkey->save_type, 2630 if (!ECDSA_sign(pkey->save_type,
2641 &(data[MD5_DIGEST_LENGTH]), 2631 &(data[MD5_DIGEST_LENGTH]),
2642 SHA_DIGEST_LENGTH, &(p[2]), 2632 SHA_DIGEST_LENGTH, &(p[2]),
@@ -2647,8 +2637,7 @@ ssl3_send_client_verify(SSL *s)
2647 } 2637 }
2648 s2n(j, p); 2638 s2n(j, p);
2649 n = j + 2; 2639 n = j + 2;
2650 } else 2640 } else if (pkey->type == NID_id_GostR3410_94 ||
2651 if (pkey->type == NID_id_GostR3410_94 ||
2652 pkey->type == NID_id_GostR3410_2001) { 2641 pkey->type == NID_id_GostR3410_2001) {
2653 unsigned char signbuf[64]; 2642 unsigned char signbuf[64];
2654 int i; 2643 int i;
@@ -2791,8 +2780,8 @@ ssl3_check_cert_and_algorithm(SSL *s)
2791 idx = sc->peer_cert_type; 2780 idx = sc->peer_cert_type;
2792 if (idx == SSL_PKEY_ECC) { 2781 if (idx == SSL_PKEY_ECC) {
2793 if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509, 2782 if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509,
2794 s) == 0) 2783 s) == 0) {
2795 { /* check failed */ 2784 /* check failed */
2796 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, 2785 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2797 SSL_R_BAD_ECC_CERT); 2786 SSL_R_BAD_ECC_CERT);
2798 goto f_err; 2787 goto f_err;
@@ -2804,14 +2793,13 @@ ssl3_check_cert_and_algorithm(SSL *s)
2804 i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey); 2793 i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey);
2805 EVP_PKEY_free(pkey); 2794 EVP_PKEY_free(pkey);
2806 2795
2807
2808 /* Check that we have a certificate if we require one */ 2796 /* Check that we have a certificate if we require one */
2809 if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA|EVP_PKT_SIGN)) { 2797 if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA|EVP_PKT_SIGN)) {
2810 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, 2798 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2811 SSL_R_MISSING_RSA_SIGNING_CERT); 2799 SSL_R_MISSING_RSA_SIGNING_CERT);
2812 goto f_err; 2800 goto f_err;
2813 } 2801 } else if ((alg_a & SSL_aDSS) &&
2814 else if ((alg_a & SSL_aDSS) && !has_bits(i, EVP_PK_DSA|EVP_PKT_SIGN)) { 2802 !has_bits(i, EVP_PK_DSA|EVP_PKT_SIGN)) {
2815 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, 2803 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2816 SSL_R_MISSING_DSA_SIGNING_CERT); 2804 SSL_R_MISSING_DSA_SIGNING_CERT);
2817 goto f_err; 2805 goto f_err;
@@ -2831,8 +2819,7 @@ ssl3_check_cert_and_algorithm(SSL *s)
2831 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, 2819 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2832 SSL_R_MISSING_DH_RSA_CERT); 2820 SSL_R_MISSING_DH_RSA_CERT);
2833 goto f_err; 2821 goto f_err;
2834 } 2822 } else if ((alg_k & SSL_kDHd) && !has_bits(i, EVP_PK_DH|EVP_PKS_DSA)) {
2835 else if ((alg_k & SSL_kDHd) && !has_bits(i, EVP_PK_DH|EVP_PKS_DSA)) {
2836 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, 2823 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2837 SSL_R_MISSING_DH_DSA_CERT); 2824 SSL_R_MISSING_DH_DSA_CERT);
2838 goto f_err; 2825 goto f_err;
@@ -2847,22 +2834,18 @@ ssl3_check_cert_and_algorithm(SSL *s)
2847 SSL_R_MISSING_EXPORT_TMP_RSA_KEY); 2834 SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
2848 goto f_err; 2835 goto f_err;
2849 } 2836 }
2850 } else 2837 } else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) {
2851 if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) { 2838 if (dh == NULL || DH_size(dh) * 8 >
2852 if (dh == NULL || DH_size(dh) * 8 > 2839 SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
2853 SSL_C_EXPORT_PKEYLENGTH(
2854 s->s3->tmp.new_cipher)) {
2855 SSLerr(
2856 SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2857 SSL_R_MISSING_EXPORT_TMP_DH_KEY);
2858 goto f_err;
2859 }
2860 } else
2861 {
2862 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, 2840 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2863 SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); 2841 SSL_R_MISSING_EXPORT_TMP_DH_KEY);
2864 goto f_err; 2842 goto f_err;
2865 } 2843 }
2844 } else {
2845 SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2846 SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
2847 goto f_err;
2848 }
2866 } 2849 }
2867 return (1); 2850 return (1);
2868f_err: 2851f_err:
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-30 07:01:11 +0000