1 files changed, 18 insertions, 35 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index fae8eadada..7da9363ef5 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -117,7 +117,6 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 #include <openssl/md5.h>
-#include "cryptlib.h"
 static SSL_METHOD *ssl3_get_client_method(int ver);
 static int ssl3_client_hello(SSL *s);
@@ -146,25 +145,18 @@ SSL_METHOD *SSLv3_client_method(void)
        if (init)
                {
-                CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+                init=0;
+                memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
-                if (init)
+                        sizeof(SSL_METHOD));
-                        {
+                SSLv3_client_data.ssl_connect=ssl3_connect;
-                        memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
+                SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
-                                sizeof(SSL_METHOD));
-                        SSLv3_client_data.ssl_connect=ssl3_connect;
-                        SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
-                        init=0;
-                        }
-                CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
                }
        return(&SSLv3_client_data);
        }
 int ssl3_connect(SSL *s)
        {
-        BUF_MEM *buf=NULL;
+        BUF_MEM *buf;
        unsigned long Time=time(NULL),l;
        long num1;
        void (*cb)(const SSL *ssl,int type,int val)=NULL;
@@ -225,7 +217,6 @@ int ssl3_connect(SSL *s)
                                        goto end;
                                        }
                                s->init_buf=buf;
-                                buf=NULL;
                                }
                        if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
@@ -504,8 +495,6 @@ int ssl3_connect(SSL *s)
                }
 end:
        s->in_handshake--;
-        if (buf != NULL)
-                BUF_MEM_free(buf);
        if (cb != NULL)
                cb(s,SSL_CB_CONNECT_EXIT,ret);
        return(ret);
@@ -648,7 +637,6 @@ static int ssl3_get_server_hello(SSL *s)
                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG);
                goto f_err;
                }
        if (j != 0 && j == s->session->session_id_length
            && memcmp(p,s->session->session_id,j) == 0)
            {
@@ -699,12 +687,7 @@ static int ssl3_get_server_hello(SSL *s)
                goto f_err;
                }
-        /* Depending on the session caching (internal/external), the cipher
+        if (s->hit && (s->session->cipher != c))
-           and/or cipher_id values may not be set. Make sure that
-           cipher_id is set and use it for comparison. */
-        if (s->session->cipher)
-                s->session->cipher_id = s->session->cipher->id;
-        if (s->hit && (s->session->cipher_id != c->id))
                {
                if (!(s->options &
                        SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
@@ -1462,16 +1445,16 @@ static int ssl3_send_client_key_exchange(SSL *s)
                                
                        tmp_buf[0]=s->client_version>>8;
                        tmp_buf[1]=s->client_version&0xff;
-                        if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0)
+                        if (RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2) <= 0)
                                        goto err;
-                        s->session->master_key_length=sizeof tmp_buf;
+                        s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
                        q=p;
                        /* Fix buf for TLS and beyond */
                        if (s->version > SSL3_VERSION)
                                p+=2;
-                        n=RSA_public_encrypt(sizeof tmp_buf,
+                        n=RSA_public_encrypt(SSL_MAX_MASTER_KEY_LENGTH,
                                tmp_buf,p,rsa,RSA_PKCS1_PADDING);
 #ifdef PKCS1_CHECK
                        if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++;
@@ -1493,8 +1476,8 @@ static int ssl3_send_client_key_exchange(SSL *s)
                        s->session->master_key_length=
                                s->method->ssl3_enc->generate_master_secret(s,
                                        s->session->master_key,
-                                        tmp_buf,sizeof tmp_buf);
+                                        tmp_buf,SSL_MAX_MASTER_KEY_LENGTH);
-                        OPENSSL_cleanse(tmp_buf,sizeof tmp_buf);
+                        memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH);
                        }
 #endif
 #ifndef OPENSSL_NO_KRB5
@@ -1590,7 +1573,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
                                n+=2;
                                }
 
-                        if (RAND_bytes(tmp_buf,sizeof tmp_buf) <= 0)
+                        if (RAND_bytes(tmp_buf,SSL_MAX_MASTER_KEY_LENGTH) <= 0)
                            goto err;
                        /*  20010420 VRS.  Tried it this way; failed.
@@ -1600,11 +1583,11 @@ static int ssl3_send_client_key_exchange(SSL *s)
                        **      EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
                        */
-                        memset(iv, 0, sizeof iv);  /* per RFC 1510 */
+                        memset(iv, 0, EVP_MAX_IV_LENGTH);  /* per RFC 1510 */
                        EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,
                                kssl_ctx->key,iv);
                        EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf,
-                                sizeof tmp_buf);
+                                SSL_MAX_MASTER_KEY_LENGTH);
                        EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
                        outl += padl;
                        if (outl > sizeof epms)
@@ -1623,10 +1606,10 @@ static int ssl3_send_client_key_exchange(SSL *s)
                        s->session->master_key_length=
                                s->method->ssl3_enc->generate_master_secret(s,
                                        s->session->master_key,
-                                        tmp_buf, sizeof tmp_buf);
+                                        tmp_buf, SSL_MAX_MASTER_KEY_LENGTH);
-                        OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
+                        memset(tmp_buf, 0, SSL_MAX_MASTER_KEY_LENGTH);
-                        OPENSSL_cleanse(epms, outl);
+                        memset(epms, 0, outl);
                        }
 #endif
 #ifndef OPENSSL_NO_DH

diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index fae8eadada..7da9363ef5 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c
@@ -117,7 +117,6 @@
117	#include <openssl/objects.h>	117	#include <openssl/objects.h>
118	#include <openssl/evp.h>	118	#include <openssl/evp.h>
119	#include <openssl/md5.h>	119	#include <openssl/md5.h>
120	#include "cryptlib.h"
121		120
122	static SSL_METHOD *ssl3_get_client_method(int ver);	121	static SSL_METHOD *ssl3_get_client_method(int ver);
123	static int ssl3_client_hello(SSL *s);	122	static int ssl3_client_hello(SSL *s);
@@ -146,25 +145,18 @@ SSL_METHOD *SSLv3_client_method(void)
146		145
147	if (init)	146	if (init)
148	{	147	{
149	CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);	148	init=0;
150		149	memcpy((char )&SSLv3_client_data,(char )sslv3_base_method(),
151	if (init)	150	sizeof(SSL_METHOD));
152	{	151	SSLv3_client_data.ssl_connect=ssl3_connect;
153	memcpy((char )&SSLv3_client_data,(char )sslv3_base_method(),	152	SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
154	sizeof(SSL_METHOD));
155	SSLv3_client_data.ssl_connect=ssl3_connect;
156	SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
157	init=0;
158	}
159
160	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
161	}	153	}
162	return(&SSLv3_client_data);	154	return(&SSLv3_client_data);
163	}	155	}
164		156
165	int ssl3_connect(SSL *s)	157	int ssl3_connect(SSL *s)
166	{	158	{
167	BUF_MEM *buf=NULL;	159	BUF_MEM *buf;
168	unsigned long Time=time(NULL),l;	160	unsigned long Time=time(NULL),l;
169	long num1;	161	long num1;
170	void (cb)(const SSL ssl,int type,int val)=NULL;	162	void (cb)(const SSL ssl,int type,int val)=NULL;
@@ -225,7 +217,6 @@ int ssl3_connect(SSL *s)
225	goto end;	217	goto end;
226	}	218	}
227	s->init_buf=buf;	219	s->init_buf=buf;
228	buf=NULL;
229	}	220	}
230		221
231	if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }	222	if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
@@ -504,8 +495,6 @@ int ssl3_connect(SSL *s)
504	}	495	}
505	end:	496	end:
506	s->in_handshake--;	497	s->in_handshake--;
507	if (buf != NULL)
508	BUF_MEM_free(buf);
509	if (cb != NULL)	498	if (cb != NULL)
510	cb(s,SSL_CB_CONNECT_EXIT,ret);	499	cb(s,SSL_CB_CONNECT_EXIT,ret);
511	return(ret);	500	return(ret);
@@ -648,7 +637,6 @@ static int ssl3_get_server_hello(SSL *s)
648	SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG);	637	SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_LONG);
649	goto f_err;	638	goto f_err;
650	}	639	}
651
652	if (j != 0 && j == s->session->session_id_length	640	if (j != 0 && j == s->session->session_id_length
653	&& memcmp(p,s->session->session_id,j) == 0)	641	&& memcmp(p,s->session->session_id,j) == 0)
654	{	642	{
@@ -699,12 +687,7 @@ static int ssl3_get_server_hello(SSL *s)
699	goto f_err;	687	goto f_err;
700	}	688	}
701		689
702	/* Depending on the session caching (internal/external), the cipher	690	if (s->hit && (s->session->cipher != c))
703	and/or cipher_id values may not be set. Make sure that
704	cipher_id is set and use it for comparison. */
705	if (s->session->cipher)
706	s->session->cipher_id = s->session->cipher->id;
707	if (s->hit && (s->session->cipher_id != c->id))
708	{	691	{
709	if (!(s->options &	692	if (!(s->options &
710	SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))	693	SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
@@ -1462,16 +1445,16 @@ static int ssl3_send_client_key_exchange(SSL *s)
1462		1445
1463	tmp_buf[0]=s->client_version>>8;	1446	tmp_buf[0]=s->client_version>>8;
1464	tmp_buf[1]=s->client_version&0xff;	1447	tmp_buf[1]=s->client_version&0xff;
1465	if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0)	1448	if (RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2) <= 0)
1466	goto err;	1449	goto err;
1467		1450
1468	s->session->master_key_length=sizeof tmp_buf;	1451	s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
1469		1452
1470	q=p;	1453	q=p;
1471	/* Fix buf for TLS and beyond */	1454	/* Fix buf for TLS and beyond */
1472	if (s->version > SSL3_VERSION)	1455	if (s->version > SSL3_VERSION)
1473	p+=2;	1456	p+=2;
1474	n=RSA_public_encrypt(sizeof tmp_buf,	1457	n=RSA_public_encrypt(SSL_MAX_MASTER_KEY_LENGTH,
1475	tmp_buf,p,rsa,RSA_PKCS1_PADDING);	1458	tmp_buf,p,rsa,RSA_PKCS1_PADDING);
1476	#ifdef PKCS1_CHECK	1459	#ifdef PKCS1_CHECK
1477	if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++;	1460	if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++;
@@ -1493,8 +1476,8 @@ static int ssl3_send_client_key_exchange(SSL *s)
1493	s->session->master_key_length=	1476	s->session->master_key_length=
1494	s->method->ssl3_enc->generate_master_secret(s,	1477	s->method->ssl3_enc->generate_master_secret(s,
1495	s->session->master_key,	1478	s->session->master_key,
1496	tmp_buf,sizeof tmp_buf);	1479	tmp_buf,SSL_MAX_MASTER_KEY_LENGTH);
1497	OPENSSL_cleanse(tmp_buf,sizeof tmp_buf);	1480	memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH);
1498	}	1481	}
1499	#endif	1482	#endif
1500	#ifndef OPENSSL_NO_KRB5	1483	#ifndef OPENSSL_NO_KRB5
@@ -1590,7 +1573,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
1590	n+=2;	1573	n+=2;
1591	}	1574	}
1592		1575
1593	if (RAND_bytes(tmp_buf,sizeof tmp_buf) <= 0)	1576	if (RAND_bytes(tmp_buf,SSL_MAX_MASTER_KEY_LENGTH) <= 0)
1594	goto err;	1577	goto err;
1595		1578
1596	/* 20010420 VRS. Tried it this way; failed.	1579	/* 20010420 VRS. Tried it this way; failed.
@@ -1600,11 +1583,11 @@ static int ssl3_send_client_key_exchange(SSL *s)
1600	** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);	1583	** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
1601	*/	1584	*/
1602		1585
1603	memset(iv, 0, sizeof iv); /* per RFC 1510 */	1586	memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */
1604	EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,	1587	EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,
1605	kssl_ctx->key,iv);	1588	kssl_ctx->key,iv);
1606	EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf,	1589	EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf,
1607	sizeof tmp_buf);	1590	SSL_MAX_MASTER_KEY_LENGTH);
1608	EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);	1591	EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
1609	outl += padl;	1592	outl += padl;
1610	if (outl > sizeof epms)	1593	if (outl > sizeof epms)
@@ -1623,10 +1606,10 @@ static int ssl3_send_client_key_exchange(SSL *s)
1623	s->session->master_key_length=	1606	s->session->master_key_length=
1624	s->method->ssl3_enc->generate_master_secret(s,	1607	s->method->ssl3_enc->generate_master_secret(s,
1625	s->session->master_key,	1608	s->session->master_key,
1626	tmp_buf, sizeof tmp_buf);	1609	tmp_buf, SSL_MAX_MASTER_KEY_LENGTH);
1627		1610
1628	OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);	1611	memset(tmp_buf, 0, SSL_MAX_MASTER_KEY_LENGTH);
1629	OPENSSL_cleanse(epms, outl);	1612	memset(epms, 0, outl);
1630	}	1613	}
1631	#endif	1614	#endif
1632	#ifndef OPENSSL_NO_DH	1615	#ifndef OPENSSL_NO_DH