Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/s3_srvr.c | 36 |
1 files changed, 26 insertions, 10 deletions
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index 61ee0a3e42..c3b5ff33ff 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c | |||
| @@ -768,9 +768,7 @@ int ssl3_check_client_hello(SSL *s) | |||
| 768 | if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO) | 768 | if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO) |
| 769 | { | 769 | { |
| 770 | /* Throw away what we have done so far in the current handshake, | 770 | /* Throw away what we have done so far in the current handshake, |
| 771 | * which will now be aborted. (A full SSL_clear would be too much.) | 771 | * which will now be aborted. (A full SSL_clear would be too much.) */ |
| 772 | * I hope that tmp.dh is the only thing that may need to be cleared | ||
| 773 | * when a handshake is not completed ... */ | ||
| 774 | #ifndef OPENSSL_NO_DH | 772 | #ifndef OPENSSL_NO_DH |
| 775 | if (s->s3->tmp.dh != NULL) | 773 | if (s->s3->tmp.dh != NULL) |
| 776 | { | 774 | { |
| @@ -778,6 +776,13 @@ int ssl3_check_client_hello(SSL *s) | |||
| 778 | s->s3->tmp.dh = NULL; | 776 | s->s3->tmp.dh = NULL; |
| 779 | } | 777 | } |
| 780 | #endif | 778 | #endif |
| 779 | #ifndef OPENSSL_NO_ECDH | ||
| 780 | if (s->s3->tmp.ecdh != NULL) | ||
| 781 | { | ||
| 782 | EC_KEY_free(s->s3->tmp.ecdh); | ||
| 783 | s->s3->tmp.ecdh = NULL; | ||
| 784 | } | ||
| 785 | #endif | ||
| 781 | return 2; | 786 | return 2; |
| 782 | } | 787 | } |
| 783 | return 1; | 788 | return 1; |
| @@ -1491,7 +1496,6 @@ int ssl3_send_server_key_exchange(SSL *s) | |||
| 1491 | 1496 | ||
| 1492 | if (s->s3->tmp.dh != NULL) | 1497 | if (s->s3->tmp.dh != NULL) |
| 1493 | { | 1498 | { |
| 1494 | DH_free(dh); | ||
| 1495 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); | 1499 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); |
| 1496 | goto err; | 1500 | goto err; |
| 1497 | } | 1501 | } |
| @@ -1552,7 +1556,6 @@ int ssl3_send_server_key_exchange(SSL *s) | |||
| 1552 | 1556 | ||
| 1553 | if (s->s3->tmp.ecdh != NULL) | 1557 | if (s->s3->tmp.ecdh != NULL) |
| 1554 | { | 1558 | { |
| 1555 | EC_KEY_free(s->s3->tmp.ecdh); | ||
| 1556 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); | 1559 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); |
| 1557 | goto err; | 1560 | goto err; |
| 1558 | } | 1561 | } |
| @@ -1563,12 +1566,11 @@ int ssl3_send_server_key_exchange(SSL *s) | |||
| 1563 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB); | 1566 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB); |
| 1564 | goto err; | 1567 | goto err; |
| 1565 | } | 1568 | } |
| 1566 | if (!EC_KEY_up_ref(ecdhp)) | 1569 | if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) |
| 1567 | { | 1570 | { |
| 1568 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB); | 1571 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB); |
| 1569 | goto err; | 1572 | goto err; |
| 1570 | } | 1573 | } |
| 1571 | ecdh = ecdhp; | ||
| 1572 | 1574 | ||
| 1573 | s->s3->tmp.ecdh=ecdh; | 1575 | s->s3->tmp.ecdh=ecdh; |
| 1574 | if ((EC_KEY_get0_public_key(ecdh) == NULL) || | 1576 | if ((EC_KEY_get0_public_key(ecdh) == NULL) || |
| @@ -1731,6 +1733,7 @@ int ssl3_send_server_key_exchange(SSL *s) | |||
| 1731 | (unsigned char *)encodedPoint, | 1733 | (unsigned char *)encodedPoint, |
| 1732 | encodedlen); | 1734 | encodedlen); |
| 1733 | OPENSSL_free(encodedPoint); | 1735 | OPENSSL_free(encodedPoint); |
| 1736 | encodedPoint = NULL; | ||
| 1734 | p += encodedlen; | 1737 | p += encodedlen; |
| 1735 | } | 1738 | } |
| 1736 | #endif | 1739 | #endif |
| @@ -2440,6 +2443,12 @@ int ssl3_get_client_key_exchange(SSL *s) | |||
| 2440 | /* Get encoded point length */ | 2443 | /* Get encoded point length */ |
| 2441 | i = *p; | 2444 | i = *p; |
| 2442 | p += 1; | 2445 | p += 1; |
| 2446 | if (n != 1 + i) | ||
| 2447 | { | ||
| 2448 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | ||
| 2449 | ERR_R_EC_LIB); | ||
| 2450 | goto err; | ||
| 2451 | } | ||
| 2443 | if (EC_POINT_oct2point(group, | 2452 | if (EC_POINT_oct2point(group, |
| 2444 | clnt_ecpoint, p, i, bn_ctx) == 0) | 2453 | clnt_ecpoint, p, i, bn_ctx) == 0) |
| 2445 | { | 2454 | { |
| @@ -2584,12 +2593,19 @@ int ssl3_get_client_key_exchange(SSL *s) | |||
| 2584 | { | 2593 | { |
| 2585 | int ret = 0; | 2594 | int ret = 0; |
| 2586 | EVP_PKEY_CTX *pkey_ctx; | 2595 | EVP_PKEY_CTX *pkey_ctx; |
| 2587 | EVP_PKEY *client_pub_pkey = NULL; | 2596 | EVP_PKEY *client_pub_pkey = NULL, *pk = NULL; |
| 2588 | unsigned char premaster_secret[32], *start; | 2597 | unsigned char premaster_secret[32], *start; |
| 2589 | size_t outlen=32, inlen; | 2598 | size_t outlen=32, inlen; |
| 2599 | unsigned long alg_a; | ||
| 2590 | 2600 | ||
| 2591 | /* Get our certificate private key*/ | 2601 | /* Get our certificate private key*/ |
| 2592 | pkey_ctx = EVP_PKEY_CTX_new(s->cert->key->privatekey,NULL); | 2602 | alg_a = s->s3->tmp.new_cipher->algorithm_auth; |
| 2603 | if (alg_a & SSL_aGOST94) | ||
| 2604 | pk = s->cert->pkeys[SSL_PKEY_GOST94].privatekey; | ||
| 2605 | else if (alg_a & SSL_aGOST01) | ||
| 2606 | pk = s->cert->pkeys[SSL_PKEY_GOST01].privatekey; | ||
| 2607 | |||
| 2608 | pkey_ctx = EVP_PKEY_CTX_new(pk,NULL); | ||
| 2593 | EVP_PKEY_decrypt_init(pkey_ctx); | 2609 | EVP_PKEY_decrypt_init(pkey_ctx); |
| 2594 | /* If client certificate is present and is of the same type, maybe | 2610 | /* If client certificate is present and is of the same type, maybe |
| 2595 | * use it for key exchange. Don't mind errors from | 2611 | * use it for key exchange. Don't mind errors from |
