Diffstat (limited to 'src/lib/libssl/s3_srvr.c')
| -rw-r--r-- | src/lib/libssl/s3_srvr.c | 36 |
1 files changed, 10 insertions, 26 deletions
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index c3b5ff33ff..61ee0a3e42 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c | |||
| @@ -768,7 +768,9 @@ int ssl3_check_client_hello(SSL *s) | |||
| 768 | if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO) | 768 | if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO) |
| 769 | { | 769 | { |
| 770 | /* Throw away what we have done so far in the current handshake, | 770 | /* Throw away what we have done so far in the current handshake, |
| 771 | * which will now be aborted. (A full SSL_clear would be too much.) */ | 771 | * which will now be aborted. (A full SSL_clear would be too much.) |
| 772 | * I hope that tmp.dh is the only thing that may need to be cleared | ||
| 773 | * when a handshake is not completed ... */ | ||
| 772 | #ifndef OPENSSL_NO_DH | 774 | #ifndef OPENSSL_NO_DH |
| 773 | if (s->s3->tmp.dh != NULL) | 775 | if (s->s3->tmp.dh != NULL) |
| 774 | { | 776 | { |
| @@ -776,13 +778,6 @@ int ssl3_check_client_hello(SSL *s) | |||
| 776 | s->s3->tmp.dh = NULL; | 778 | s->s3->tmp.dh = NULL; |
| 777 | } | 779 | } |
| 778 | #endif | 780 | #endif |
| 779 | #ifndef OPENSSL_NO_ECDH | ||
| 780 | if (s->s3->tmp.ecdh != NULL) | ||
| 781 | { | ||
| 782 | EC_KEY_free(s->s3->tmp.ecdh); | ||
| 783 | s->s3->tmp.ecdh = NULL; | ||
| 784 | } | ||
| 785 | #endif | ||
| 786 | return 2; | 781 | return 2; |
| 787 | } | 782 | } |
| 788 | return 1; | 783 | return 1; |
| @@ -1496,6 +1491,7 @@ int ssl3_send_server_key_exchange(SSL *s) | |||
| 1496 | 1491 | ||
| 1497 | if (s->s3->tmp.dh != NULL) | 1492 | if (s->s3->tmp.dh != NULL) |
| 1498 | { | 1493 | { |
| 1494 | DH_free(dh); | ||
| 1499 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); | 1495 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); |
| 1500 | goto err; | 1496 | goto err; |
| 1501 | } | 1497 | } |
| @@ -1556,6 +1552,7 @@ int ssl3_send_server_key_exchange(SSL *s) | |||
| 1556 | 1552 | ||
| 1557 | if (s->s3->tmp.ecdh != NULL) | 1553 | if (s->s3->tmp.ecdh != NULL) |
| 1558 | { | 1554 | { |
| 1555 | EC_KEY_free(s->s3->tmp.ecdh); | ||
| 1559 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); | 1556 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); |
| 1560 | goto err; | 1557 | goto err; |
| 1561 | } | 1558 | } |
| @@ -1566,11 +1563,12 @@ int ssl3_send_server_key_exchange(SSL *s) | |||
| 1566 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB); | 1563 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB); |
| 1567 | goto err; | 1564 | goto err; |
| 1568 | } | 1565 | } |
| 1569 | if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) | 1566 | if (!EC_KEY_up_ref(ecdhp)) |
| 1570 | { | 1567 | { |
| 1571 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB); | 1568 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB); |
| 1572 | goto err; | 1569 | goto err; |
| 1573 | } | 1570 | } |
| 1571 | ecdh = ecdhp; | ||
| 1574 | 1572 | ||
| 1575 | s->s3->tmp.ecdh=ecdh; | 1573 | s->s3->tmp.ecdh=ecdh; |
| 1576 | if ((EC_KEY_get0_public_key(ecdh) == NULL) || | 1574 | if ((EC_KEY_get0_public_key(ecdh) == NULL) || |
| @@ -1733,7 +1731,6 @@ int ssl3_send_server_key_exchange(SSL *s) | |||
| 1733 | (unsigned char *)encodedPoint, | 1731 | (unsigned char *)encodedPoint, |
| 1734 | encodedlen); | 1732 | encodedlen); |
| 1735 | OPENSSL_free(encodedPoint); | 1733 | OPENSSL_free(encodedPoint); |
| 1736 | encodedPoint = NULL; | ||
| 1737 | p += encodedlen; | 1734 | p += encodedlen; |
| 1738 | } | 1735 | } |
| 1739 | #endif | 1736 | #endif |
| @@ -2443,12 +2440,6 @@ int ssl3_get_client_key_exchange(SSL *s) | |||
| 2443 | /* Get encoded point length */ | 2440 | /* Get encoded point length */ |
| 2444 | i = *p; | 2441 | i = *p; |
| 2445 | p += 1; | 2442 | p += 1; |
| 2446 | if (n != 1 + i) | ||
| 2447 | { | ||
| 2448 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | ||
| 2449 | ERR_R_EC_LIB); | ||
| 2450 | goto err; | ||
| 2451 | } | ||
| 2452 | if (EC_POINT_oct2point(group, | 2443 | if (EC_POINT_oct2point(group, |
| 2453 | clnt_ecpoint, p, i, bn_ctx) == 0) | 2444 | clnt_ecpoint, p, i, bn_ctx) == 0) |
| 2454 | { | 2445 | { |
| @@ -2593,19 +2584,12 @@ int ssl3_get_client_key_exchange(SSL *s) | |||
| 2593 | { | 2584 | { |
| 2594 | int ret = 0; | 2585 | int ret = 0; |
| 2595 | EVP_PKEY_CTX *pkey_ctx; | 2586 | EVP_PKEY_CTX *pkey_ctx; |
| 2596 | EVP_PKEY *client_pub_pkey = NULL, *pk = NULL; | 2587 | EVP_PKEY *client_pub_pkey = NULL; |
| 2597 | unsigned char premaster_secret[32], *start; | 2588 | unsigned char premaster_secret[32], *start; |
| 2598 | size_t outlen=32, inlen; | 2589 | size_t outlen=32, inlen; |
| 2599 | unsigned long alg_a; | ||
| 2600 | 2590 | ||
| 2601 | /* Get our certificate private key*/ | 2591 | /* Get our certificate private key*/ |
| 2602 | alg_a = s->s3->tmp.new_cipher->algorithm_auth; | 2592 | pkey_ctx = EVP_PKEY_CTX_new(s->cert->key->privatekey,NULL); |
| 2603 | if (alg_a & SSL_aGOST94) | ||
| 2604 | pk = s->cert->pkeys[SSL_PKEY_GOST94].privatekey; | ||
| 2605 | else if (alg_a & SSL_aGOST01) | ||
| 2606 | pk = s->cert->pkeys[SSL_PKEY_GOST01].privatekey; | ||
| 2607 | |||
| 2608 | pkey_ctx = EVP_PKEY_CTX_new(pk,NULL); | ||
| 2609 | EVP_PKEY_decrypt_init(pkey_ctx); | 2593 | EVP_PKEY_decrypt_init(pkey_ctx); |
| 2610 | /* If client certificate is present and is of the same type, maybe | 2594 | /* If client certificate is present and is of the same type, maybe |
| 2611 | * use it for key exchange. Don't mind errors from | 2595 | * use it for key exchange. Don't mind errors from |
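Review bot: In the `@@ -2443,12 +2440,6 @@` hunk of ssl3_get_client_key_exchange, the new side takes the point length from the message (`i = *p;`) and passes it straight to `EC_POINT_oct2point(group, clnt_ecpoint, p, i, bn_ctx)`, with nothing visible that compares it to the message length `n`. If `n` is the received body length, as the removed guard suggests, a length byte larger than the data that follows lets the decoder read past the end of the message. I would keep the guard this commit drops: `if (n != 1 + i) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB); goto err; }`. Separately, the `EC_KEY_free(s->s3->tmp.ecdh);` added at new line 1555 leaves the freed pointer in place before `goto err`; add `s->s3->tmp.ecdh = NULL;` after it, as ssl3_check_client_hello does for `tmp.dh` at new line 778. Both functions extend beyond the visible hunks, so any later check or cleanup is not shown here.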
