diff options
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/s3_srvr.c | 61 |
1 files changed, 24 insertions, 37 deletions
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index dbcbc9b709..2fbf063140 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_srvr.c,v 1.120 2015/09/12 15:03:39 jsing Exp $ */ | 1 | /* $OpenBSD: s3_srvr.c,v 1.121 2015/09/12 16:10:07 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -942,13 +942,10 @@ ssl3_get_client_hello(SSL *s) | |||
| 942 | } | 942 | } |
| 943 | 943 | ||
| 944 | /* TLS extensions*/ | 944 | /* TLS extensions*/ |
| 945 | if (s->version >= SSL3_VERSION) { | 945 | if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { |
| 946 | if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { | 946 | /* 'al' set by ssl_parse_clienthello_tlsext */ |
| 947 | /* 'al' set by ssl_parse_clienthello_tlsext */ | 947 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_PARSE_TLSEXT); |
| 948 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 948 | goto f_err; |
| 949 | SSL_R_PARSE_TLSEXT); | ||
| 950 | goto f_err; | ||
| 951 | } | ||
| 952 | } | 949 | } |
| 953 | if (ssl_check_clienthello_tlsext_early(s) <= 0) { | 950 | if (ssl_check_clienthello_tlsext_early(s) <= 0) { |
| 954 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 951 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, |
| @@ -964,7 +961,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 964 | */ | 961 | */ |
| 965 | arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE); | 962 | arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE); |
| 966 | 963 | ||
| 967 | if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) { | 964 | if (!s->hit && s->tls_session_secret_cb) { |
| 968 | SSL_CIPHER *pref_cipher = NULL; | 965 | SSL_CIPHER *pref_cipher = NULL; |
| 969 | 966 | ||
| 970 | s->session->master_key_length = sizeof(s->session->master_key); | 967 | s->session->master_key_length = sizeof(s->session->master_key); |
| @@ -1054,12 +1051,9 @@ ssl3_get_client_hello(SSL *s) | |||
| 1054 | */ | 1051 | */ |
| 1055 | 1052 | ||
| 1056 | /* Handles TLS extensions that we couldn't check earlier */ | 1053 | /* Handles TLS extensions that we couldn't check earlier */ |
| 1057 | if (s->version >= SSL3_VERSION) { | 1054 | if (ssl_check_clienthello_tlsext_late(s) <= 0) { |
| 1058 | if (ssl_check_clienthello_tlsext_late(s) <= 0) { | 1055 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT); |
| 1059 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 1056 | goto err; |
| 1060 | SSL_R_CLIENTHELLO_TLSEXT); | ||
| 1061 | goto err; | ||
| 1062 | } | ||
| 1063 | } | 1057 | } |
| 1064 | 1058 | ||
| 1065 | if (ret < 0) | 1059 | if (ret < 0) |
| @@ -1646,18 +1640,15 @@ ssl3_get_client_key_exchange(SSL *s) | |||
| 1646 | } | 1640 | } |
| 1647 | rsa = pkey->pkey.rsa; | 1641 | rsa = pkey->pkey.rsa; |
| 1648 | 1642 | ||
| 1649 | /* TLS and [incidentally] DTLS{0xFEFF} */ | 1643 | if (2 > n) |
| 1650 | if (s->version > SSL3_VERSION) { | 1644 | goto truncated; |
| 1651 | if (2 > n) | 1645 | n2s(p, i); |
| 1652 | goto truncated; | 1646 | if (n != i + 2) { |
| 1653 | n2s(p, i); | 1647 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, |
| 1654 | if (n != i + 2) { | 1648 | SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); |
| 1655 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1649 | goto err; |
| 1656 | SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); | 1650 | } else |
| 1657 | goto err; | 1651 | n = i; |
| 1658 | } else | ||
| 1659 | n = i; | ||
| 1660 | } | ||
| 1661 | 1652 | ||
| 1662 | i = RSA_private_decrypt((int)n, p, p, rsa, RSA_PKCS1_PADDING); | 1653 | i = RSA_private_decrypt((int)n, p, p, rsa, RSA_PKCS1_PADDING); |
| 1663 | 1654 | ||
| @@ -2300,7 +2291,7 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2300 | * If tls asked for a client cert, | 2291 | * If tls asked for a client cert, |
| 2301 | * the client must return a 0 list. | 2292 | * the client must return a 0 list. |
| 2302 | */ | 2293 | */ |
| 2303 | if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request) { | 2294 | if (s->s3->tmp.cert_request) { |
| 2304 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2295 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, |
| 2305 | SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST | 2296 | SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST |
| 2306 | ); | 2297 | ); |
| @@ -2365,15 +2356,11 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2365 | } | 2356 | } |
| 2366 | 2357 | ||
| 2367 | if (sk_X509_num(sk) <= 0) { | 2358 | if (sk_X509_num(sk) <= 0) { |
| 2368 | /* TLS does not mind 0 certs returned */ | 2359 | /* |
| 2369 | if (s->version == SSL3_VERSION) { | 2360 | * TLS does not mind 0 certs returned. |
| 2370 | al = SSL_AD_HANDSHAKE_FAILURE; | 2361 | * Fail for TLS only if we required a certificate. |
| 2371 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2362 | */ |
| 2372 | SSL_R_NO_CERTIFICATES_RETURNED); | 2363 | if ((s->verify_mode & SSL_VERIFY_PEER) && |
| 2373 | goto f_err; | ||
| 2374 | } | ||
| 2375 | /* Fail for TLS only if we required a certificate */ | ||
| 2376 | else if ((s->verify_mode & SSL_VERIFY_PEER) && | ||
| 2377 | (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { | 2364 | (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { |
| 2378 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2365 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, |
| 2379 | SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); | 2366 | SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); |