Diffstat (limited to 'src/lib/libssl/d1_srvr.c')
-rw-r--r--src/lib/libssl/d1_srvr.c58
1 files changed, 8 insertions, 50 deletions
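--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.40 2014/10/18 16:13:16 jsing Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.41 2014/10/31 14:51:01 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -446,27 +446,8 @@ dtls1_accept(SSL *s)
  case SSL3_ST_SW_KEY_EXCH_B:
  alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
 
- /* clear this, it may get reset by
- * send_server_key_exchange */
- if ((s->options & SSL_OP_EPHEMERAL_RSA)
- )
- /* option SSL_OP_EPHEMERAL_RSA sends temporary RSA key
- * even when forbidden by protocol specs
- * (handshake may fail as clients are not required to
- * be able to handle this) */
- s->s3->tmp.use_rsa_tmp = 1;
- else
- s->s3->tmp.use_rsa_tmp = 0;
-
- /* only send if a DH key exchange or
- * RSA but we have a sign only certificate */
- if (s->s3->tmp.use_rsa_tmp
- || (alg_k & (SSL_kDHE|SSL_kECDHE))
- || ((alg_k & SSL_kRSA)
- && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
- )
- )
- ) {
+ /* Only send if using a DH key exchange. */
+ if (alg_k & (SSL_kDHE|SSL_kECDHE)) {
  dtls1_start_timer(s);
  ret = dtls1_send_server_key_exchange(s);
  if (ret <= 0)
@@ -994,7 +975,6 @@ dtls1_send_server_key_exchange(SSL *s)
 {
  unsigned char *q;
  int j, num;
- RSA *rsa;
  unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
  unsigned int u;
  DH *dh = NULL, *dhp;
@@ -1024,28 +1004,7 @@ dtls1_send_server_key_exchange(SSL *s)
 
  r[0] = r[1] = r[2] = r[3] = NULL;
  n = 0;
- if (type & SSL_kRSA) {
- rsa = cert->rsa_tmp;
- if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
- rsa = s->cert->rsa_tmp_cb(s, 0,
- SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
- if (rsa == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
- goto f_err;
- }
- RSA_up_ref(rsa);
- cert->rsa_tmp = rsa;
- }
- if (rsa == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_RSA_KEY);
- goto f_err;
- }
- r[0] = rsa->n;
- r[1] = rsa->e;
- s->s3->tmp.use_rsa_tmp = 1;
- } else
+
  if (type & SSL_kDHE) {
  dhp = cert->dh_tmp;
  if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
@@ -1087,8 +1046,7 @@ dtls1_send_server_key_exchange(SSL *s)
  r[0] = dh->p;
  r[1] = dh->g;
  r[2] = dh->pub_key;
- } else
- if (type & SSL_kECDHE) {
+ } else if (type & SSL_kECDHE) {
  const EC_GROUP *group;
 
  ecdhp = cert->ecdh_tmp;
@@ -1185,10 +1143,10 @@ dtls1_send_server_key_exchange(SSL *s)
  r[1] = NULL;
  r[2] = NULL;
  r[3] = NULL;
- } else
- {
+ } else {
  al = SSL_AD_HANDSHAKE_FAILURE;
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+ SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
  goto f_err;
  }
  for (i = 0; r[i] != NULL; i++) {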
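Review bot: With the `SSL_kRSA` branch removed from dtls1_send_server_key_exchange, an RSA key-exchange cipher that reaches this function now lands in the final `else` and fails with `SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE`. The only thing preventing that is the new `alg_k & (SSL_kDHE|SSL_kECDHE)` test in dtls1_accept, and neither site documents the dependency. I would add above that final `else` a comment such as `/* RSA kex sends no ServerKeyExchange; dtls1_accept filters it out before calling us. */` so a later caller does not reintroduce the path. These hunks also delete every write to `s->s3->tmp.use_rsa_tmp` visible in this file, so any remaining reader of that flag on the client-key-exchange side (not shown here) should be removed in the same change rather than left relying on zero-initialisation. `SSL_OP_EPHEMERAL_RSA` is likewise no longer consulted in this state and presumably becomes a silent no-op, which deserves a note where the option is documented. Both functions continue outside the hunks shown.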