diff options
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/s3_clnt.c | 73 | 
1 files changed, 39 insertions, 34 deletions
| diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 2b58482484..fae8eadada 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c | |||
| @@ -146,18 +146,25 @@ SSL_METHOD *SSLv3_client_method(void) | |||
| 146 | 146 | ||
| 147 | if (init) | 147 | if (init) | 
| 148 | { | 148 | { | 
| 149 | init=0; | 149 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD); | 
| 150 | memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(), | 150 | |
| 151 | sizeof(SSL_METHOD)); | 151 | if (init) | 
| 152 | SSLv3_client_data.ssl_connect=ssl3_connect; | 152 | { | 
| 153 | SSLv3_client_data.get_ssl_method=ssl3_get_client_method; | 153 | memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(), | 
| 154 | sizeof(SSL_METHOD)); | ||
| 155 | SSLv3_client_data.ssl_connect=ssl3_connect; | ||
| 156 | SSLv3_client_data.get_ssl_method=ssl3_get_client_method; | ||
| 157 | init=0; | ||
| 158 | } | ||
| 159 | |||
| 160 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD); | ||
| 154 | } | 161 | } | 
| 155 | return(&SSLv3_client_data); | 162 | return(&SSLv3_client_data); | 
| 156 | } | 163 | } | 
| 157 | 164 | ||
| 158 | int ssl3_connect(SSL *s) | 165 | int ssl3_connect(SSL *s) | 
| 159 | { | 166 | { | 
| 160 | BUF_MEM *buf; | 167 | BUF_MEM *buf=NULL; | 
| 161 | unsigned long Time=time(NULL),l; | 168 | unsigned long Time=time(NULL),l; | 
| 162 | long num1; | 169 | long num1; | 
| 163 | void (*cb)(const SSL *ssl,int type,int val)=NULL; | 170 | void (*cb)(const SSL *ssl,int type,int val)=NULL; | 
| @@ -218,6 +225,7 @@ int ssl3_connect(SSL *s) | |||
| 218 | goto end; | 225 | goto end; | 
| 219 | } | 226 | } | 
| 220 | s->init_buf=buf; | 227 | s->init_buf=buf; | 
| 228 | buf=NULL; | ||
| 221 | } | 229 | } | 
| 222 | 230 | ||
| 223 | if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } | 231 | if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } | 
| @@ -496,6 +504,8 @@ int ssl3_connect(SSL *s) | |||
| 496 | } | 504 | } | 
| 497 | end: | 505 | end: | 
| 498 | s->in_handshake--; | 506 | s->in_handshake--; | 
| 507 | if (buf != NULL) | ||
| 508 | BUF_MEM_free(buf); | ||
| 499 | if (cb != NULL) | 509 | if (cb != NULL) | 
| 500 | cb(s,SSL_CB_CONNECT_EXIT,ret); | 510 | cb(s,SSL_CB_CONNECT_EXIT,ret); | 
| 501 | return(ret); | 511 | return(ret); | 
| @@ -632,30 +642,20 @@ static int ssl3_get_server_hello(SSL *s) | |||
| 632 | /* get the session-id */ | 642 | /* get the session-id */ | 
| 633 | j= *(p++); | 643 | j= *(p++); | 
| 634 | 644 | ||
| 635 | if(j > sizeof s->session->session_id) | 645 | if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE)) | 
| 636 | { | ||
| 637 | al=SSL_AD_ILLEGAL_PARAMETER; | ||
| 638 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, | ||
| 639 | SSL_R_SSL3_SESSION_ID_TOO_LONG); | ||
| 640 | goto f_err; | ||
| 641 | } | ||
| 642 | |||
| 643 | if ((j != 0) && (j != SSL3_SESSION_ID_SIZE)) | ||
| 644 | { | 646 | { | 
| 645 | /* SSLref returns 16 :-( */ | 647 | al=SSL_AD_ILLEGAL_PARAMETER; | 
| 646 | if (j < SSL2_SSL_SESSION_ID_LENGTH) | 648 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG); | 
| 647 | { | 649 | goto f_err; | 
| 648 | al=SSL_AD_ILLEGAL_PARAMETER; | ||
| 649 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT); | ||
| 650 | goto f_err; | ||
| 651 | } | ||
| 652 | } | 650 | } | 
| 651 | |||
| 653 | if (j != 0 && j == s->session->session_id_length | 652 | if (j != 0 && j == s->session->session_id_length | 
| 654 | && memcmp(p,s->session->session_id,j) == 0) | 653 | && memcmp(p,s->session->session_id,j) == 0) | 
| 655 | { | 654 | { | 
| 656 | if(s->sid_ctx_length != s->session->sid_ctx_length | 655 | if(s->sid_ctx_length != s->session->sid_ctx_length | 
| 657 | || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length)) | 656 | || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length)) | 
| 658 | { | 657 | { | 
| 658 | /* actually a client application bug */ | ||
| 659 | al=SSL_AD_ILLEGAL_PARAMETER; | 659 | al=SSL_AD_ILLEGAL_PARAMETER; | 
| 660 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); | 660 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); | 
| 661 | goto f_err; | 661 | goto f_err; | 
| @@ -699,7 +699,12 @@ static int ssl3_get_server_hello(SSL *s) | |||
| 699 | goto f_err; | 699 | goto f_err; | 
| 700 | } | 700 | } | 
| 701 | 701 | ||
| 702 | if (s->hit && (s->session->cipher != c)) | 702 | /* Depending on the session caching (internal/external), the cipher | 
| 703 | and/or cipher_id values may not be set. Make sure that | ||
| 704 | cipher_id is set and use it for comparison. */ | ||
| 705 | if (s->session->cipher) | ||
| 706 | s->session->cipher_id = s->session->cipher->id; | ||
| 707 | if (s->hit && (s->session->cipher_id != c->id)) | ||
| 703 | { | 708 | { | 
| 704 | if (!(s->options & | 709 | if (!(s->options & | 
| 705 | SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)) | 710 | SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)) | 
| @@ -1457,16 +1462,16 @@ static int ssl3_send_client_key_exchange(SSL *s) | |||
| 1457 | 1462 | ||
| 1458 | tmp_buf[0]=s->client_version>>8; | 1463 | tmp_buf[0]=s->client_version>>8; | 
| 1459 | tmp_buf[1]=s->client_version&0xff; | 1464 | tmp_buf[1]=s->client_version&0xff; | 
| 1460 | if (RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2) <= 0) | 1465 | if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0) | 
| 1461 | goto err; | 1466 | goto err; | 
| 1462 | 1467 | ||
| 1463 | s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH; | 1468 | s->session->master_key_length=sizeof tmp_buf; | 
| 1464 | 1469 | ||
| 1465 | q=p; | 1470 | q=p; | 
| 1466 | /* Fix buf for TLS and beyond */ | 1471 | /* Fix buf for TLS and beyond */ | 
| 1467 | if (s->version > SSL3_VERSION) | 1472 | if (s->version > SSL3_VERSION) | 
| 1468 | p+=2; | 1473 | p+=2; | 
| 1469 | n=RSA_public_encrypt(SSL_MAX_MASTER_KEY_LENGTH, | 1474 | n=RSA_public_encrypt(sizeof tmp_buf, | 
| 1470 | tmp_buf,p,rsa,RSA_PKCS1_PADDING); | 1475 | tmp_buf,p,rsa,RSA_PKCS1_PADDING); | 
| 1471 | #ifdef PKCS1_CHECK | 1476 | #ifdef PKCS1_CHECK | 
| 1472 | if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++; | 1477 | if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++; | 
| @@ -1488,8 +1493,8 @@ static int ssl3_send_client_key_exchange(SSL *s) | |||
| 1488 | s->session->master_key_length= | 1493 | s->session->master_key_length= | 
| 1489 | s->method->ssl3_enc->generate_master_secret(s, | 1494 | s->method->ssl3_enc->generate_master_secret(s, | 
| 1490 | s->session->master_key, | 1495 | s->session->master_key, | 
| 1491 | tmp_buf,SSL_MAX_MASTER_KEY_LENGTH); | 1496 | tmp_buf,sizeof tmp_buf); | 
| 1492 | memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH); | 1497 | OPENSSL_cleanse(tmp_buf,sizeof tmp_buf); | 
| 1493 | } | 1498 | } | 
| 1494 | #endif | 1499 | #endif | 
| 1495 | #ifndef OPENSSL_NO_KRB5 | 1500 | #ifndef OPENSSL_NO_KRB5 | 
| @@ -1585,7 +1590,7 @@ static int ssl3_send_client_key_exchange(SSL *s) | |||
| 1585 | n+=2; | 1590 | n+=2; | 
| 1586 | } | 1591 | } | 
| 1587 | 1592 | ||
| 1588 | if (RAND_bytes(tmp_buf,SSL_MAX_MASTER_KEY_LENGTH) <= 0) | 1593 | if (RAND_bytes(tmp_buf,sizeof tmp_buf) <= 0) | 
| 1589 | goto err; | 1594 | goto err; | 
| 1590 | 1595 | ||
| 1591 | /* 20010420 VRS. Tried it this way; failed. | 1596 | /* 20010420 VRS. Tried it this way; failed. | 
| @@ -1595,11 +1600,11 @@ static int ssl3_send_client_key_exchange(SSL *s) | |||
| 1595 | ** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv); | 1600 | ** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv); | 
| 1596 | */ | 1601 | */ | 
| 1597 | 1602 | ||
| 1598 | memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */ | 1603 | memset(iv, 0, sizeof iv); /* per RFC 1510 */ | 
| 1599 | EVP_EncryptInit_ex(&ciph_ctx,enc, NULL, | 1604 | EVP_EncryptInit_ex(&ciph_ctx,enc, NULL, | 
| 1600 | kssl_ctx->key,iv); | 1605 | kssl_ctx->key,iv); | 
| 1601 | EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf, | 1606 | EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf, | 
| 1602 | SSL_MAX_MASTER_KEY_LENGTH); | 1607 | sizeof tmp_buf); | 
| 1603 | EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl); | 1608 | EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl); | 
| 1604 | outl += padl; | 1609 | outl += padl; | 
| 1605 | if (outl > sizeof epms) | 1610 | if (outl > sizeof epms) | 
| @@ -1618,10 +1623,10 @@ static int ssl3_send_client_key_exchange(SSL *s) | |||
| 1618 | s->session->master_key_length= | 1623 | s->session->master_key_length= | 
| 1619 | s->method->ssl3_enc->generate_master_secret(s, | 1624 | s->method->ssl3_enc->generate_master_secret(s, | 
| 1620 | s->session->master_key, | 1625 | s->session->master_key, | 
| 1621 | tmp_buf, SSL_MAX_MASTER_KEY_LENGTH); | 1626 | tmp_buf, sizeof tmp_buf); | 
| 1622 | 1627 | ||
| 1623 | memset(tmp_buf, 0, SSL_MAX_MASTER_KEY_LENGTH); | 1628 | OPENSSL_cleanse(tmp_buf, sizeof tmp_buf); | 
| 1624 | memset(epms, 0, outl); | 1629 | OPENSSL_cleanse(epms, outl); | 
| 1625 | } | 1630 | } | 
| 1626 | #endif | 1631 | #endif | 
| 1627 | #ifndef OPENSSL_NO_DH | 1632 | #ifndef OPENSSL_NO_DH | 
