1 files changed, 39 insertions, 34 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index 2b58482484..fae8eadada 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -146,18 +146,25 @@ SSL_METHOD *SSLv3_client_method(void)
        if (init)
                {
-                init=0;
+                CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-                memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
-                        sizeof(SSL_METHOD));
+                if (init)
-                SSLv3_client_data.ssl_connect=ssl3_connect;
+                        {
-                SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
+                        memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
+                                sizeof(SSL_METHOD));
+                        SSLv3_client_data.ssl_connect=ssl3_connect;
+                        SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
+                        init=0;
+                        }
+                CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
                }
        return(&SSLv3_client_data);
        }
 int ssl3_connect(SSL *s)
        {
-        BUF_MEM *buf;
+        BUF_MEM *buf=NULL;
        unsigned long Time=time(NULL),l;
        long num1;
        void (*cb)(const SSL *ssl,int type,int val)=NULL;
@@ -218,6 +225,7 @@ int ssl3_connect(SSL *s)
                                        goto end;
                                        }
                                s->init_buf=buf;
+                                buf=NULL;
                                }
                        if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
@@ -496,6 +504,8 @@ int ssl3_connect(SSL *s)
                }
 end:
        s->in_handshake--;
+        if (buf != NULL)
+                BUF_MEM_free(buf);
        if (cb != NULL)
                cb(s,SSL_CB_CONNECT_EXIT,ret);
        return(ret);
@@ -632,30 +642,20 @@ static int ssl3_get_server_hello(SSL *s)
        /* get the session-id */
        j= *(p++);
-       if(j > sizeof s->session->session_id)
+        if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE))
-               {
-               al=SSL_AD_ILLEGAL_PARAMETER;
-               SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
-                      SSL_R_SSL3_SESSION_ID_TOO_LONG);
-               goto f_err;
-               }
-        if ((j != 0) && (j != SSL3_SESSION_ID_SIZE))
                {
-                /* SSLref returns 16 :-( */
+                al=SSL_AD_ILLEGAL_PARAMETER;
-                if (j < SSL2_SSL_SESSION_ID_LENGTH)
+                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG);
-                        {
+                goto f_err;
-                        al=SSL_AD_ILLEGAL_PARAMETER;
-                        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT);
-                        goto f_err;
-                        }
                }
        if (j != 0 && j == s->session->session_id_length
            && memcmp(p,s->session->session_id,j) == 0)
            {
            if(s->sid_ctx_length != s->session->sid_ctx_length
               || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length))
                {
+                /* actually a client application bug */
                al=SSL_AD_ILLEGAL_PARAMETER;
                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
                goto f_err;
@@ -699,7 +699,12 @@ static int ssl3_get_server_hello(SSL *s)
                goto f_err;
                }
-        if (s->hit && (s->session->cipher != c))
+        /* Depending on the session caching (internal/external), the cipher
+           and/or cipher_id values may not be set. Make sure that
+           cipher_id is set and use it for comparison. */
+        if (s->session->cipher)
+                s->session->cipher_id = s->session->cipher->id;
+        if (s->hit && (s->session->cipher_id != c->id))
                {
                if (!(s->options &
                        SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
@@ -1457,16 +1462,16 @@ static int ssl3_send_client_key_exchange(SSL *s)
                                
                        tmp_buf[0]=s->client_version>>8;
                        tmp_buf[1]=s->client_version&0xff;
-                        if (RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2) <= 0)
+                        if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0)
                                        goto err;
-                        s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
+                        s->session->master_key_length=sizeof tmp_buf;
                        q=p;
                        /* Fix buf for TLS and beyond */
                        if (s->version > SSL3_VERSION)
                                p+=2;
-                        n=RSA_public_encrypt(SSL_MAX_MASTER_KEY_LENGTH,
+                        n=RSA_public_encrypt(sizeof tmp_buf,
                                tmp_buf,p,rsa,RSA_PKCS1_PADDING);
 #ifdef PKCS1_CHECK
                        if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++;
@@ -1488,8 +1493,8 @@ static int ssl3_send_client_key_exchange(SSL *s)
                        s->session->master_key_length=
                                s->method->ssl3_enc->generate_master_secret(s,
                                        s->session->master_key,
-                                        tmp_buf,SSL_MAX_MASTER_KEY_LENGTH);
+                                        tmp_buf,sizeof tmp_buf);
-                        memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH);
+                        OPENSSL_cleanse(tmp_buf,sizeof tmp_buf);
                        }
 #endif
 #ifndef OPENSSL_NO_KRB5
@@ -1585,7 +1590,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
                                n+=2;
                                }
 
-                        if (RAND_bytes(tmp_buf,SSL_MAX_MASTER_KEY_LENGTH) <= 0)
+                        if (RAND_bytes(tmp_buf,sizeof tmp_buf) <= 0)
                            goto err;
                        /*  20010420 VRS.  Tried it this way; failed.
@@ -1595,11 +1600,11 @@ static int ssl3_send_client_key_exchange(SSL *s)
                        **      EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
                        */
-                        memset(iv, 0, EVP_MAX_IV_LENGTH);  /* per RFC 1510 */
+                        memset(iv, 0, sizeof iv);  /* per RFC 1510 */
                        EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,
                                kssl_ctx->key,iv);
                        EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf,
-                                SSL_MAX_MASTER_KEY_LENGTH);
+                                sizeof tmp_buf);
                        EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
                        outl += padl;
                        if (outl > sizeof epms)
@@ -1618,10 +1623,10 @@ static int ssl3_send_client_key_exchange(SSL *s)
                        s->session->master_key_length=
                                s->method->ssl3_enc->generate_master_secret(s,
                                        s->session->master_key,
-                                        tmp_buf, SSL_MAX_MASTER_KEY_LENGTH);
+                                        tmp_buf, sizeof tmp_buf);
-                        memset(tmp_buf, 0, SSL_MAX_MASTER_KEY_LENGTH);
+                        OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
-                        memset(epms, 0, outl);
+                        OPENSSL_cleanse(epms, outl);
                        }
 #endif
 #ifndef OPENSSL_NO_DH

diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 2b58482484..fae8eadada 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c
@@ -146,18 +146,25 @@ SSL_METHOD *SSLv3_client_method(void)
146		146
147	if (init)	147	if (init)
148	{	148	{
149	init=0;	149	CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
150	memcpy((char )&SSLv3_client_data,(char )sslv3_base_method(),	150
151	sizeof(SSL_METHOD));	151	if (init)
152	SSLv3_client_data.ssl_connect=ssl3_connect;	152	{
153	SSLv3_client_data.get_ssl_method=ssl3_get_client_method;	153	memcpy((char )&SSLv3_client_data,(char )sslv3_base_method(),
		154	sizeof(SSL_METHOD));
		155	SSLv3_client_data.ssl_connect=ssl3_connect;
		156	SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
		157	init=0;
		158	}
		159
		160	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
154	}	161	}
155	return(&SSLv3_client_data);	162	return(&SSLv3_client_data);
156	}	163	}
157		164
158	int ssl3_connect(SSL *s)	165	int ssl3_connect(SSL *s)
159	{	166	{
160	BUF_MEM *buf;	167	BUF_MEM *buf=NULL;
161	unsigned long Time=time(NULL),l;	168	unsigned long Time=time(NULL),l;
162	long num1;	169	long num1;
163	void (cb)(const SSL ssl,int type,int val)=NULL;	170	void (cb)(const SSL ssl,int type,int val)=NULL;
@@ -218,6 +225,7 @@ int ssl3_connect(SSL *s)
218	goto end;	225	goto end;
219	}	226	}
220	s->init_buf=buf;	227	s->init_buf=buf;
		228	buf=NULL;
221	}	229	}
222		230
223	if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }	231	if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
@@ -496,6 +504,8 @@ int ssl3_connect(SSL *s)
496	}	504	}
497	end:	505	end:
498	s->in_handshake--;	506	s->in_handshake--;
		507	if (buf != NULL)
		508	BUF_MEM_free(buf);
499	if (cb != NULL)	509	if (cb != NULL)
500	cb(s,SSL_CB_CONNECT_EXIT,ret);	510	cb(s,SSL_CB_CONNECT_EXIT,ret);
501	return(ret);	511	return(ret);
@@ -632,30 +642,20 @@ static int ssl3_get_server_hello(SSL *s)
632	/* get the session-id */	642	/* get the session-id */
633	j= *(p++);	643	j= *(p++);
634		644
635	if(j > sizeof s->session->session_id)	645	if ((j > sizeof s->session->session_id) \|\| (j > SSL3_SESSION_ID_SIZE))
636	{
637	al=SSL_AD_ILLEGAL_PARAMETER;
638	SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
639	SSL_R_SSL3_SESSION_ID_TOO_LONG);
640	goto f_err;
641	}
642
643	if ((j != 0) && (j != SSL3_SESSION_ID_SIZE))
644	{	646	{
645	/* SSLref returns 16 :-( */	647	al=SSL_AD_ILLEGAL_PARAMETER;
646	if (j < SSL2_SSL_SESSION_ID_LENGTH)	648	SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG);
647	{	649	goto f_err;
648	al=SSL_AD_ILLEGAL_PARAMETER;
649	SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT);
650	goto f_err;
651	}
652	}	650	}
		651
653	if (j != 0 && j == s->session->session_id_length	652	if (j != 0 && j == s->session->session_id_length
654	&& memcmp(p,s->session->session_id,j) == 0)	653	&& memcmp(p,s->session->session_id,j) == 0)
655	{	654	{
656	if(s->sid_ctx_length != s->session->sid_ctx_length	655	if(s->sid_ctx_length != s->session->sid_ctx_length
657	\|\| memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length))	656	\|\| memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length))
658	{	657	{
		658	/* actually a client application bug */
659	al=SSL_AD_ILLEGAL_PARAMETER;	659	al=SSL_AD_ILLEGAL_PARAMETER;
660	SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);	660	SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
661	goto f_err;	661	goto f_err;
@@ -699,7 +699,12 @@ static int ssl3_get_server_hello(SSL *s)
699	goto f_err;	699	goto f_err;
700	}	700	}
701		701
702	if (s->hit && (s->session->cipher != c))	702	/* Depending on the session caching (internal/external), the cipher
		703	and/or cipher_id values may not be set. Make sure that
		704	cipher_id is set and use it for comparison. */
		705	if (s->session->cipher)
		706	s->session->cipher_id = s->session->cipher->id;
		707	if (s->hit && (s->session->cipher_id != c->id))
703	{	708	{
704	if (!(s->options &	709	if (!(s->options &
705	SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))	710	SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
@@ -1457,16 +1462,16 @@ static int ssl3_send_client_key_exchange(SSL *s)
1457		1462
1458	tmp_buf[0]=s->client_version>>8;	1463	tmp_buf[0]=s->client_version>>8;
1459	tmp_buf[1]=s->client_version&0xff;	1464	tmp_buf[1]=s->client_version&0xff;
1460	if (RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2) <= 0)	1465	if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0)
1461	goto err;	1466	goto err;
1462		1467
1463	s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;	1468	s->session->master_key_length=sizeof tmp_buf;
1464		1469
1465	q=p;	1470	q=p;
1466	/* Fix buf for TLS and beyond */	1471	/* Fix buf for TLS and beyond */
1467	if (s->version > SSL3_VERSION)	1472	if (s->version > SSL3_VERSION)
1468	p+=2;	1473	p+=2;
1469	n=RSA_public_encrypt(SSL_MAX_MASTER_KEY_LENGTH,	1474	n=RSA_public_encrypt(sizeof tmp_buf,
1470	tmp_buf,p,rsa,RSA_PKCS1_PADDING);	1475	tmp_buf,p,rsa,RSA_PKCS1_PADDING);
1471	#ifdef PKCS1_CHECK	1476	#ifdef PKCS1_CHECK
1472	if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++;	1477	if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++;
@@ -1488,8 +1493,8 @@ static int ssl3_send_client_key_exchange(SSL *s)
1488	s->session->master_key_length=	1493	s->session->master_key_length=
1489	s->method->ssl3_enc->generate_master_secret(s,	1494	s->method->ssl3_enc->generate_master_secret(s,
1490	s->session->master_key,	1495	s->session->master_key,
1491	tmp_buf,SSL_MAX_MASTER_KEY_LENGTH);	1496	tmp_buf,sizeof tmp_buf);
1492	memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH);	1497	OPENSSL_cleanse(tmp_buf,sizeof tmp_buf);
1493	}	1498	}
1494	#endif	1499	#endif
1495	#ifndef OPENSSL_NO_KRB5	1500	#ifndef OPENSSL_NO_KRB5
@@ -1585,7 +1590,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
1585	n+=2;	1590	n+=2;
1586	}	1591	}
1587		1592
1588	if (RAND_bytes(tmp_buf,SSL_MAX_MASTER_KEY_LENGTH) <= 0)	1593	if (RAND_bytes(tmp_buf,sizeof tmp_buf) <= 0)
1589	goto err;	1594	goto err;
1590		1595
1591	/* 20010420 VRS. Tried it this way; failed.	1596	/* 20010420 VRS. Tried it this way; failed.
@@ -1595,11 +1600,11 @@ static int ssl3_send_client_key_exchange(SSL *s)
1595	** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);	1600	** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
1596	*/	1601	*/
1597		1602
1598	memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */	1603	memset(iv, 0, sizeof iv); /* per RFC 1510 */
1599	EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,	1604	EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,
1600	kssl_ctx->key,iv);	1605	kssl_ctx->key,iv);
1601	EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf,	1606	EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf,
1602	SSL_MAX_MASTER_KEY_LENGTH);	1607	sizeof tmp_buf);
1603	EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);	1608	EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
1604	outl += padl;	1609	outl += padl;
1605	if (outl > sizeof epms)	1610	if (outl > sizeof epms)
@@ -1618,10 +1623,10 @@ static int ssl3_send_client_key_exchange(SSL *s)
1618	s->session->master_key_length=	1623	s->session->master_key_length=
1619	s->method->ssl3_enc->generate_master_secret(s,	1624	s->method->ssl3_enc->generate_master_secret(s,
1620	s->session->master_key,	1625	s->session->master_key,
1621	tmp_buf, SSL_MAX_MASTER_KEY_LENGTH);	1626	tmp_buf, sizeof tmp_buf);
1622		1627
1623	memset(tmp_buf, 0, SSL_MAX_MASTER_KEY_LENGTH);	1628	OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
1624	memset(epms, 0, outl);	1629	OPENSSL_cleanse(epms, outl);
1625	}	1630	}
1626	#endif	1631	#endif
1627	#ifndef OPENSSL_NO_DH	1632	#ifndef OPENSSL_NO_DH