1 files changed, 14 insertions, 97 deletions
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c
index 47673e740a..c4d8bf2eb3 100644
--- a/src/lib/libssl/s23_clnt.c
+++ b/src/lib/libssl/s23_clnt.c
@@ -129,10 +129,6 @@ static const SSL_METHOD *ssl23_get_client_method(int ver)
                return(SSLv3_client_method());
        else if (ver == TLS1_VERSION)
                return(TLSv1_client_method());
-        else if (ver == TLS1_1_VERSION)
-                return(TLSv1_1_client_method());
-        else if (ver == TLS1_2_VERSION)
-                return(TLSv1_2_client_method());
        else
                return(NULL);
        }
@@ -282,51 +278,24 @@ static int ssl23_client_hello(SSL *s)
        SSL_COMP *comp;
 #endif
        int ret;
-        unsigned long mask, options = s->options;
-        ssl2_compat = (options & SSL_OP_NO_SSLv2) ? 0 : 1;
+        ssl2_compat = (s->options & SSL_OP_NO_SSLv2) ? 0 : 1;
        if (ssl2_compat && ssl23_no_ssl2_ciphers(s))
                ssl2_compat = 0;
-        /*
+        if (!(s->options & SSL_OP_NO_TLSv1))
-         * SSL_OP_NO_X disables all protocols above X *if* there are
+                {
-         * some protocols below X enabled. This is required in order
-         * to maintain "version capability" vector contiguous. So
-         * that if application wants to disable TLS1.0 in favour of
-         * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
-         * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2.
-         */
-        mask =  SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1
-#if !defined(OPENSSL_NO_SSL3)
-                |SSL_OP_NO_SSLv3
-#endif
-#if !defined(OPENSSL_NO_SSL2)
-                |(ssl2_compat?SSL_OP_NO_SSLv2:0)
-#endif
-                ;
-#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
-        version = TLS1_2_VERSION;
-        if ((options & SSL_OP_NO_TLSv1_2) && (options & mask) != mask)
-                version = TLS1_1_VERSION;
-#else
-        version = TLS1_1_VERSION;
-#endif
-        mask &= ~SSL_OP_NO_TLSv1_1;
-        if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask)
                version = TLS1_VERSION;
-        mask &= ~SSL_OP_NO_TLSv1;
+                }
-#if !defined(OPENSSL_NO_SSL3)
+        else if (!(s->options & SSL_OP_NO_SSLv3))
-        if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask)
+                {
                version = SSL3_VERSION;
-        mask &= ~SSL_OP_NO_SSLv3;
+                }
-#endif
+        else if (!(s->options & SSL_OP_NO_SSLv2))
-#if !defined(OPENSSL_NO_SSL2)
+                {
-        if ((options & SSL_OP_NO_SSLv3) && (options & mask) != mask)
                version = SSL2_VERSION;
-#endif
+                }
 #ifndef OPENSSL_NO_TLSEXT
        if (version != SSL2_VERSION)
                {
@@ -360,29 +329,11 @@ static int ssl23_client_hello(SSL *s)
                if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
                        return -1;
-                if (version == TLS1_2_VERSION)
+                if (version == TLS1_VERSION)
-                        {
-                        version_major = TLS1_2_VERSION_MAJOR;
-                        version_minor = TLS1_2_VERSION_MINOR;
-                        }
-                else if (version == TLS1_1_VERSION)
-                        {
-                        version_major = TLS1_1_VERSION_MAJOR;
-                        version_minor = TLS1_1_VERSION_MINOR;
-                        }
-                else if (version == TLS1_VERSION)
                        {
                        version_major = TLS1_VERSION_MAJOR;
                        version_minor = TLS1_VERSION_MINOR;
                        }
-#ifdef OPENSSL_FIPS
-                else if(FIPS_mode())
-                        {
-                        SSLerr(SSL_F_SSL23_CLIENT_HELLO,
-                                        SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
-                        return -1;
-                        }
-#endif
                else if (version == SSL3_VERSION)
                        {
                        version_major = SSL3_VERSION_MAJOR;
@@ -486,15 +437,6 @@ static int ssl23_client_hello(SSL *s)
                                SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
                                return -1;
                                }
-#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
-                        /* Some servers hang if client hello > 256 bytes
-                         * as hack workaround chop number of supported ciphers
-                         * to keep it well below this if we use TLS v1.2
-                         */
-                        if (TLS1_get_version(s) >= TLS1_2_VERSION
-                                && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
-                                i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
-#endif
                        s2n(i,p);
                        p+=i;
@@ -549,13 +491,8 @@ static int ssl23_client_hello(SSL *s)
                        d=buf;
                        *(d++) = SSL3_RT_HANDSHAKE;
                        *(d++) = version_major;
-                        /* Some servers hang if we use long client hellos
+                        *(d++) = version_minor; /* arguably we should send the *lowest* suported version here
-                         * and a record number > TLS 1.0.
+                                                 * (indicating, e.g., TLS 1.0 in "SSL 3.0 format") */
-                         */
-                        if (TLS1_get_client_version(s) > TLS1_VERSION)
-                                *(d++) = 1;
-                        else
-                                *(d++) = version_minor;
                        s2n((int)l,d);
                        /* number of bytes to write */
@@ -671,7 +608,7 @@ static int ssl23_get_server_hello(SSL *s)
 #endif
                }
        else if (p[1] == SSL3_VERSION_MAJOR &&
-                 p[2] <= TLS1_2_VERSION_MINOR &&
+                 (p[2] == SSL3_VERSION_MINOR || p[2] == TLS1_VERSION_MINOR) &&
                 ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
                  (p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2)))
                {
@@ -680,14 +617,6 @@ static int ssl23_get_server_hello(SSL *s)
                if ((p[2] == SSL3_VERSION_MINOR) &&
                        !(s->options & SSL_OP_NO_SSLv3))
                        {
-#ifdef OPENSSL_FIPS
-                        if(FIPS_mode())
-                                {
-                                SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
-                                        SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
-                                goto err;
-                                }
-#endif
                        s->version=SSL3_VERSION;
                        s->method=SSLv3_client_method();
                        }
@@ -697,18 +626,6 @@ static int ssl23_get_server_hello(SSL *s)
                        s->version=TLS1_VERSION;
                        s->method=TLSv1_client_method();
                        }
-                else if ((p[2] == TLS1_1_VERSION_MINOR) &&
-                        !(s->options & SSL_OP_NO_TLSv1_1))
-                        {
-                        s->version=TLS1_1_VERSION;
-                        s->method=TLSv1_1_client_method();
-                        }
-                else if ((p[2] == TLS1_2_VERSION_MINOR) &&
-                        !(s->options & SSL_OP_NO_TLSv1_2))
-                        {
-                        s->version=TLS1_2_VERSION;
-                        s->method=TLSv1_2_client_method();
-                        }
                else
                        {
                        SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);

diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c index 47673e740a..c4d8bf2eb3 100644 --- a/src/lib/libssl/s23_clnt.c +++ b/src/lib/libssl/s23_clnt.c
@@ -129,10 +129,6 @@ static const SSL_METHOD *ssl23_get_client_method(int ver)
129	return(SSLv3_client_method());	129	return(SSLv3_client_method());
130	else if (ver == TLS1_VERSION)	130	else if (ver == TLS1_VERSION)
131	return(TLSv1_client_method());	131	return(TLSv1_client_method());
132	else if (ver == TLS1_1_VERSION)
133	return(TLSv1_1_client_method());
134	else if (ver == TLS1_2_VERSION)
135	return(TLSv1_2_client_method());
136	else	132	else
137	return(NULL);	133	return(NULL);
138	}	134	}
@@ -282,51 +278,24 @@ static int ssl23_client_hello(SSL *s)
282	SSL_COMP *comp;	278	SSL_COMP *comp;
283	#endif	279	#endif
284	int ret;	280	int ret;
285	unsigned long mask, options = s->options;
286		281
287	ssl2_compat = (options & SSL_OP_NO_SSLv2) ? 0 : 1;	282	ssl2_compat = (s->options & SSL_OP_NO_SSLv2) ? 0 : 1;
288		283
289	if (ssl2_compat && ssl23_no_ssl2_ciphers(s))	284	if (ssl2_compat && ssl23_no_ssl2_ciphers(s))
290	ssl2_compat = 0;	285	ssl2_compat = 0;
291		286
292	/*	287	if (!(s->options & SSL_OP_NO_TLSv1))
293	* SSL_OP_NO_X disables all protocols above X if there are	288	{
294	* some protocols below X enabled. This is required in order
295	* to maintain "version capability" vector contiguous. So
296	* that if application wants to disable TLS1.0 in favour of
297	* TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
298	* answer is SSL_OP_NO_TLSv1\|SSL_OP_NO_SSLv3\|SSL_OP_NO_SSLv2.
299	*/
300	mask = SSL_OP_NO_TLSv1_1\|SSL_OP_NO_TLSv1
301	#if !defined(OPENSSL_NO_SSL3)
302	\|SSL_OP_NO_SSLv3
303	#endif
304	#if !defined(OPENSSL_NO_SSL2)
305	\|(ssl2_compat?SSL_OP_NO_SSLv2:0)
306	#endif
307	;
308	#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
309	version = TLS1_2_VERSION;
310
311	if ((options & SSL_OP_NO_TLSv1_2) && (options & mask) != mask)
312	version = TLS1_1_VERSION;
313	#else
314	version = TLS1_1_VERSION;
315	#endif
316	mask &= ~SSL_OP_NO_TLSv1_1;
317	if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask)
318	version = TLS1_VERSION;	289	version = TLS1_VERSION;
319	mask &= ~SSL_OP_NO_TLSv1;	290	}
320	#if !defined(OPENSSL_NO_SSL3)	291	else if (!(s->options & SSL_OP_NO_SSLv3))
321	if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask)	292	{
322	version = SSL3_VERSION;	293	version = SSL3_VERSION;
323	mask &= ~SSL_OP_NO_SSLv3;	294	}
324	#endif	295	else if (!(s->options & SSL_OP_NO_SSLv2))
325	#if !defined(OPENSSL_NO_SSL2)	296	{
326	if ((options & SSL_OP_NO_SSLv3) && (options & mask) != mask)
327	version = SSL2_VERSION;	297	version = SSL2_VERSION;
328	#endif	298	}
329
330	#ifndef OPENSSL_NO_TLSEXT	299	#ifndef OPENSSL_NO_TLSEXT
331	if (version != SSL2_VERSION)	300	if (version != SSL2_VERSION)
332	{	301	{
@@ -360,29 +329,11 @@ static int ssl23_client_hello(SSL *s)
360	if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)	329	if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
361	return -1;	330	return -1;
362		331
363	if (version == TLS1_2_VERSION)	332	if (version == TLS1_VERSION)
364	{
365	version_major = TLS1_2_VERSION_MAJOR;
366	version_minor = TLS1_2_VERSION_MINOR;
367	}
368	else if (version == TLS1_1_VERSION)
369	{
370	version_major = TLS1_1_VERSION_MAJOR;
371	version_minor = TLS1_1_VERSION_MINOR;
372	}
373	else if (version == TLS1_VERSION)
374	{	333	{
375	version_major = TLS1_VERSION_MAJOR;	334	version_major = TLS1_VERSION_MAJOR;
376	version_minor = TLS1_VERSION_MINOR;	335	version_minor = TLS1_VERSION_MINOR;
377	}	336	}
378	#ifdef OPENSSL_FIPS
379	else if(FIPS_mode())
380	{
381	SSLerr(SSL_F_SSL23_CLIENT_HELLO,
382	SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
383	return -1;
384	}
385	#endif
386	else if (version == SSL3_VERSION)	337	else if (version == SSL3_VERSION)
387	{	338	{
388	version_major = SSL3_VERSION_MAJOR;	339	version_major = SSL3_VERSION_MAJOR;
@@ -486,15 +437,6 @@ static int ssl23_client_hello(SSL *s)
486	SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);	437	SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
487	return -1;	438	return -1;
488	}	439	}
489	#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
490	/* Some servers hang if client hello > 256 bytes
491	* as hack workaround chop number of supported ciphers
492	* to keep it well below this if we use TLS v1.2
493	*/
494	if (TLS1_get_version(s) >= TLS1_2_VERSION
495	&& i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
496	i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
497	#endif
498	s2n(i,p);	440	s2n(i,p);
499	p+=i;	441	p+=i;
500		442
@@ -549,13 +491,8 @@ static int ssl23_client_hello(SSL *s)
549	d=buf;	491	d=buf;
550	*(d++) = SSL3_RT_HANDSHAKE;	492	*(d++) = SSL3_RT_HANDSHAKE;
551	*(d++) = version_major;	493	*(d++) = version_major;
552	/* Some servers hang if we use long client hellos	494	(d++) = version_minor; / arguably we should send the lowest suported version here
553	* and a record number > TLS 1.0.	495	* (indicating, e.g., TLS 1.0 in "SSL 3.0 format") */
554	*/
555	if (TLS1_get_client_version(s) > TLS1_VERSION)
556	*(d++) = 1;
557	else
558	*(d++) = version_minor;
559	s2n((int)l,d);	496	s2n((int)l,d);
560		497
561	/* number of bytes to write */	498	/* number of bytes to write */
@@ -671,7 +608,7 @@ static int ssl23_get_server_hello(SSL *s)
671	#endif	608	#endif
672	}	609	}
673	else if (p[1] == SSL3_VERSION_MAJOR &&	610	else if (p[1] == SSL3_VERSION_MAJOR &&
674	p[2] <= TLS1_2_VERSION_MINOR &&	611	(p[2] == SSL3_VERSION_MINOR \|\| p[2] == TLS1_VERSION_MINOR) &&
675	((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) \|\|	612	((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) \|\|
676	(p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2)))	613	(p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2)))
677	{	614	{
@@ -680,14 +617,6 @@ static int ssl23_get_server_hello(SSL *s)
680	if ((p[2] == SSL3_VERSION_MINOR) &&	617	if ((p[2] == SSL3_VERSION_MINOR) &&
681	!(s->options & SSL_OP_NO_SSLv3))	618	!(s->options & SSL_OP_NO_SSLv3))
682	{	619	{
683	#ifdef OPENSSL_FIPS
684	if(FIPS_mode())
685	{
686	SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
687	SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
688	goto err;
689	}
690	#endif
691	s->version=SSL3_VERSION;	620	s->version=SSL3_VERSION;
692	s->method=SSLv3_client_method();	621	s->method=SSLv3_client_method();
693	}	622	}
@@ -697,18 +626,6 @@ static int ssl23_get_server_hello(SSL *s)
697	s->version=TLS1_VERSION;	626	s->version=TLS1_VERSION;
698	s->method=TLSv1_client_method();	627	s->method=TLSv1_client_method();
699	}	628	}
700	else if ((p[2] == TLS1_1_VERSION_MINOR) &&
701	!(s->options & SSL_OP_NO_TLSv1_1))
702	{
703	s->version=TLS1_1_VERSION;
704	s->method=TLSv1_1_client_method();
705	}
706	else if ((p[2] == TLS1_2_VERSION_MINOR) &&
707	!(s->options & SSL_OP_NO_TLSv1_2))
708	{
709	s->version=TLS1_2_VERSION;
710	s->method=TLSv1_2_client_method();
711	}
712	else	629	else
713	{	630	{
714	SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);	631	SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);