1 files changed, 25 insertions, 73 deletions
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
index edb1f637ea..35bc271f00 100644
--- a/src/lib/libssl/s23_srvr.c
+++ b/src/lib/libssl/s23_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s23_srvr.c,v 1.48 2016/11/04 18:33:11 guenther Exp $ */
+/* $OpenBSD: s23_srvr.c,v 1.49 2017/01/03 16:57:15 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -220,17 +220,16 @@ ssl23_get_client_hello(SSL *s)
         *  6-8   length           > Client Hello message
         *  9/10  client_version  /
         */
+        uint16_t client_version = 0;
+        uint16_t shared_version;
        unsigned char *p, *d, *d_len, *dd;
        unsigned int i;
        unsigned int csl, sil, cl;
        int n = 0, j;
        int type = 0;
-        int v[2];
        if (s->state == SSL23_ST_SR_CLNT_HELLO_A) {
                /* read the initial header */
-                v[0] = v[1] = 0;
                if (!ssl3_setup_buffers(s))
                        return -1;
@@ -246,37 +245,14 @@ ssl23_get_client_hello(SSL *s)
                        /*
                         * SSLv2 header
                         */
-                        if ((p[3] == 0x00) && (p[4] == 0x02)) {
+                        client_version = p[3] << 8 | p[4];
-                                /* SSLv2 support has been removed */
+                        if (!ssl_max_shared_version(s, client_version,
+                            &shared_version))
                                goto unsupported;
-                        } else if (p[3] == SSL3_VERSION_MAJOR) {
+                        s->version = shared_version;
-                                v[0] = p[3];
+                        s->state = SSL23_ST_SR_CLNT_HELLO_B;
-                                v[1] = p[4];
-                                /* SSLv3/TLS */
-                                if (p[4] >= TLS1_VERSION_MINOR) {
-                                        if (p[4] >= TLS1_2_VERSION_MINOR &&
-                                            !(s->options & SSL_OP_NO_TLSv1_2)) {
-                                                s->version = TLS1_2_VERSION;
-                                                s->state = SSL23_ST_SR_CLNT_HELLO_B;
-                                        } else if (p[4] >= TLS1_1_VERSION_MINOR &&
-                                            !(s->options & SSL_OP_NO_TLSv1_1)) {
-                                                s->version = TLS1_1_VERSION;
-                                                /* type=2; */ /* done later to survive restarts */
-                                                s->state = SSL23_ST_SR_CLNT_HELLO_B;
-                                        } else if (!(s->options & SSL_OP_NO_TLSv1)) {
-                                                s->version = TLS1_VERSION;
-                                                /* type=2; */ /* done later to survive restarts */
-                                                s->state = SSL23_ST_SR_CLNT_HELLO_B;
-                                        } else {
-                                                goto unsupported;
-                                        }
-                                } else {
-                                        /* SSLv3 support has been removed */
-                                        goto unsupported;
-                                }
-                        }
                } else if ((p[0] == SSL3_RT_HANDSHAKE) &&
                    (p[1] == SSL3_VERSION_MAJOR) &&
                    (p[5] == SSL3_MT_CLIENT_HELLO) &&
@@ -286,7 +262,6 @@ ssl23_get_client_hello(SSL *s)
                         * SSLv3 or tls1 header
                         */
-                        v[0] = p[1]; /* major version (= SSL3_VERSION_MAJOR) */
                        /* We must look at client_version inside the Client Hello message
                         * to get the correct minor version.
                         * However if we have only a pathologically small fragment of the
@@ -300,43 +275,21 @@ ssl23_get_client_hello(SSL *s)
                                    SSL_R_RECORD_TOO_SMALL);
                                return -1;
                        }
-                        /* if major version number > 3 set minor to a value
+                        client_version = p[9] << 8 | p[10];
-                         * which will use the highest version 3 we support.
-                         * If TLS 2.0 ever appears we will need to revise
+                        if (!ssl_max_shared_version(s, client_version,
-                         * this....
+                            &shared_version)) {
-                         */
+                                if (s->options & SSL_OP_NO_TLSv1)
-                        if (p[9] > SSL3_VERSION_MAJOR)
-                                v[1] = 0xff;
-                        else
-                                v[1] = p[10]; /* minor version according to client_version */
-                        if (v[1] >= TLS1_VERSION_MINOR) {
-                                if (v[1] >= TLS1_2_VERSION_MINOR &&
-                                    !(s->options & SSL_OP_NO_TLSv1_2)) {
-                                        s->version = TLS1_2_VERSION;
-                                        type = 3;
-                                } else if (v[1] >= TLS1_1_VERSION_MINOR &&
-                                    !(s->options & SSL_OP_NO_TLSv1_1)) {
-                                        s->version = TLS1_1_VERSION;
-                                        type = 3;
-                                } else if (!(s->options & SSL_OP_NO_TLSv1)) {
-                                        s->version = TLS1_VERSION;
-                                        type = 3;
-                                } else {
-                                        goto unsupported;
-                                }
-                        } else {
-                                /* SSLv3 */
-                                if (!(s->options & SSL_OP_NO_TLSv1)) {
-                                        /* we won't be able to use TLS of course,
-                                         * but this will send an appropriate alert */
-                                        s->version = TLS1_VERSION;
-                                        type = 3;
-                                } else {
                                        goto unsupported;
-                                }
+                                /*
+                                 * We won't be able to use TLS of course,
+                                 * but this will send an appropriate alert.
+                                 */
+                                shared_version = TLS1_VERSION;
                        }
-                }
+                        s->version = shared_version;
-                else if ((strncmp("GET ", (char *)p, 4) == 0) ||
+                        type = 3;
+                } else if ((strncmp("GET ", (char *)p, 4) == 0) ||
                    (strncmp("POST ",(char *)p, 5) == 0) ||
                    (strncmp("HEAD ",(char *)p, 5) == 0) ||
                    (strncmp("PUT ", (char *)p, 4) == 0)) {
@@ -362,8 +315,7 @@ ssl23_get_client_hello(SSL *s)
                type = 2;
                p = s->packet;
-                v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
+                client_version = p[3] << 8 | p[4];
-                v[1] = p[4];
                /* An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2
                 * header is sent directly on the wire, not wrapped as a TLS
@@ -421,8 +373,8 @@ ssl23_get_client_hello(SSL *s)
                d += 3;
                /* client_version */
-                *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */
+                *(d++) = client_version >> 8;
-                *(d++) = v[1];
+                *(d++) = client_version & 0xff;
                /* lets populate the random area */
                /* get the challenge_length */

diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c index edb1f637ea..35bc271f00 100644 --- a/src/lib/libssl/s23_srvr.c +++ b/src/lib/libssl/s23_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s23_srvr.c,v 1.48 2016/11/04 18:33:11 guenther Exp $ */	1	/* $OpenBSD: s23_srvr.c,v 1.49 2017/01/03 16:57:15 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -220,17 +220,16 @@ ssl23_get_client_hello(SSL *s)
220	* 6-8 length > Client Hello message	220	* 6-8 length > Client Hello message
221	* 9/10 client_version /	221	* 9/10 client_version /
222	*/	222	*/
		223	uint16_t client_version = 0;
		224	uint16_t shared_version;
223	unsigned char p, d, d_len, dd;	225	unsigned char p, d, d_len, dd;
224	unsigned int i;	226	unsigned int i;
225	unsigned int csl, sil, cl;	227	unsigned int csl, sil, cl;
226	int n = 0, j;	228	int n = 0, j;
227	int type = 0;	229	int type = 0;
228	int v[2];
229		230
230	if (s->state == SSL23_ST_SR_CLNT_HELLO_A) {	231	if (s->state == SSL23_ST_SR_CLNT_HELLO_A) {
231	/* read the initial header */	232	/* read the initial header */
232	v[0] = v[1] = 0;
233
234	if (!ssl3_setup_buffers(s))	233	if (!ssl3_setup_buffers(s))
235	return -1;	234	return -1;
236		235
@@ -246,37 +245,14 @@ ssl23_get_client_hello(SSL *s)
246	/*	245	/*
247	* SSLv2 header	246	* SSLv2 header
248	*/	247	*/
249	if ((p[3] == 0x00) && (p[4] == 0x02)) {	248	client_version = p[3] << 8 \| p[4];
250	/* SSLv2 support has been removed */	249
		250	if (!ssl_max_shared_version(s, client_version,
		251	&shared_version))
251	goto unsupported;	252	goto unsupported;
252		253
253	} else if (p[3] == SSL3_VERSION_MAJOR) {	254	s->version = shared_version;
254	v[0] = p[3];	255	s->state = SSL23_ST_SR_CLNT_HELLO_B;
255	v[1] = p[4];
256	/* SSLv3/TLS */
257
258	if (p[4] >= TLS1_VERSION_MINOR) {
259	if (p[4] >= TLS1_2_VERSION_MINOR &&
260	!(s->options & SSL_OP_NO_TLSv1_2)) {
261	s->version = TLS1_2_VERSION;
262	s->state = SSL23_ST_SR_CLNT_HELLO_B;
263	} else if (p[4] >= TLS1_1_VERSION_MINOR &&
264	!(s->options & SSL_OP_NO_TLSv1_1)) {
265	s->version = TLS1_1_VERSION;
266	/* type=2; / / done later to survive restarts */
267	s->state = SSL23_ST_SR_CLNT_HELLO_B;
268	} else if (!(s->options & SSL_OP_NO_TLSv1)) {
269	s->version = TLS1_VERSION;
270	/* type=2; / / done later to survive restarts */
271	s->state = SSL23_ST_SR_CLNT_HELLO_B;
272	} else {
273	goto unsupported;
274	}
275	} else {
276	/* SSLv3 support has been removed */
277	goto unsupported;
278	}
279	}
280	} else if ((p[0] == SSL3_RT_HANDSHAKE) &&	256	} else if ((p[0] == SSL3_RT_HANDSHAKE) &&
281	(p[1] == SSL3_VERSION_MAJOR) &&	257	(p[1] == SSL3_VERSION_MAJOR) &&
282	(p[5] == SSL3_MT_CLIENT_HELLO) &&	258	(p[5] == SSL3_MT_CLIENT_HELLO) &&
@@ -286,7 +262,6 @@ ssl23_get_client_hello(SSL *s)
286	* SSLv3 or tls1 header	262	* SSLv3 or tls1 header
287	*/	263	*/
288		264
289	v[0] = p[1]; /* major version (= SSL3_VERSION_MAJOR) */
290	/* We must look at client_version inside the Client Hello message	265	/* We must look at client_version inside the Client Hello message
291	* to get the correct minor version.	266	* to get the correct minor version.
292	* However if we have only a pathologically small fragment of the	267	* However if we have only a pathologically small fragment of the
@@ -300,43 +275,21 @@ ssl23_get_client_hello(SSL *s)
300	SSL_R_RECORD_TOO_SMALL);	275	SSL_R_RECORD_TOO_SMALL);
301	return -1;	276	return -1;
302	}	277	}
303	/* if major version number > 3 set minor to a value	278	client_version = p[9] << 8 \| p[10];
304	* which will use the highest version 3 we support.	279
305	* If TLS 2.0 ever appears we will need to revise	280	if (!ssl_max_shared_version(s, client_version,
306	* this....	281	&shared_version)) {
307	*/	282	if (s->options & SSL_OP_NO_TLSv1)
308	if (p[9] > SSL3_VERSION_MAJOR)
309	v[1] = 0xff;
310	else
311	v[1] = p[10]; /* minor version according to client_version */
312	if (v[1] >= TLS1_VERSION_MINOR) {
313	if (v[1] >= TLS1_2_VERSION_MINOR &&
314	!(s->options & SSL_OP_NO_TLSv1_2)) {
315	s->version = TLS1_2_VERSION;
316	type = 3;
317	} else if (v[1] >= TLS1_1_VERSION_MINOR &&
318	!(s->options & SSL_OP_NO_TLSv1_1)) {
319	s->version = TLS1_1_VERSION;
320	type = 3;
321	} else if (!(s->options & SSL_OP_NO_TLSv1)) {
322	s->version = TLS1_VERSION;
323	type = 3;
324	} else {
325	goto unsupported;
326	}
327	} else {
328	/* SSLv3 */
329	if (!(s->options & SSL_OP_NO_TLSv1)) {
330	/* we won't be able to use TLS of course,
331	* but this will send an appropriate alert */
332	s->version = TLS1_VERSION;
333	type = 3;
334	} else {
335	goto unsupported;	283	goto unsupported;
336	}	284	/*
		285	* We won't be able to use TLS of course,
		286	* but this will send an appropriate alert.
		287	*/
		288	shared_version = TLS1_VERSION;
337	}	289	}
338	}	290	s->version = shared_version;
339	else if ((strncmp("GET ", (char *)p, 4) == 0) \|\|	291	type = 3;
		292	} else if ((strncmp("GET ", (char *)p, 4) == 0) \|\|
340	(strncmp("POST ",(char *)p, 5) == 0) \|\|	293	(strncmp("POST ",(char *)p, 5) == 0) \|\|
341	(strncmp("HEAD ",(char *)p, 5) == 0) \|\|	294	(strncmp("HEAD ",(char *)p, 5) == 0) \|\|
342	(strncmp("PUT ", (char *)p, 4) == 0)) {	295	(strncmp("PUT ", (char *)p, 4) == 0)) {
@@ -362,8 +315,7 @@ ssl23_get_client_hello(SSL *s)
362		315
363	type = 2;	316	type = 2;
364	p = s->packet;	317	p = s->packet;
365	v[0] = p[3]; /* == SSL3_VERSION_MAJOR */	318	client_version = p[3] << 8 \| p[4];
366	v[1] = p[4];
367		319
368	/* An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2	320	/* An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2
369	* header is sent directly on the wire, not wrapped as a TLS	321	* header is sent directly on the wire, not wrapped as a TLS
@@ -421,8 +373,8 @@ ssl23_get_client_hello(SSL *s)
421	d += 3;	373	d += 3;
422		374
423	/* client_version */	375	/* client_version */
424	(d++) = SSL3_VERSION_MAJOR; / == v[0] */	376	*(d++) = client_version >> 8;
425	*(d++) = v[1];	377	*(d++) = client_version & 0xff;
426		378
427	/* lets populate the random area */	379	/* lets populate the random area */
428	/* get the challenge_length */	380	/* get the challenge_length */