Diffstat (limited to 'src/lib/libssl/s3_srvr.c')
-rw-r--r--src/lib/libssl/s3_srvr.c39
1 files changed, 23 insertions, 16 deletions
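diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index 118939fabb..9ac19c05f2 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -191,7 +191,8 @@ static int ssl_check_srp_ext_ClientHello(SSL *s, int *al)
 {
 if(s->srp_ctx.login == NULL)
 {
-/* There isn't any srp login extension !!! */
+/* RFC 5054 says SHOULD reject,
+we do so if There is no srp login name */
 ret = SSL3_AL_FATAL;
 *al = SSL_AD_UNKNOWN_PSK_IDENTITY;
 }
@@ -378,6 +379,7 @@ int ssl3_accept(SSL *s)
 }
 }
 #endif
+
 s->renegotiate = 2;
 s->state=SSL3_ST_SW_SRVR_HELLO_A;
 s->init_num=0;
@@ -956,7 +958,8 @@ int ssl3_get_client_hello(SSL *s)
 (s->version != DTLS1_VERSION && s->client_version < s->version))
 {
 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
-if ((s->client_version>>8) == SSL3_VERSION_MAJOR)
+if ((s->client_version>>8) == SSL3_VERSION_MAJOR &&
+!s->enc_write_ctx && !s->write_hash)
 {
 /* similar to ssl3_get_record, send alert using remote version number */
 s->version = s->client_version;
@@ -1181,7 +1184,7 @@ int ssl3_get_client_hello(SSL *s)
 goto f_err;
 }
 }
-if (ssl_check_clienthello_tlsext(s) <= 0) {
+if (ssl_check_clienthello_tlsext_early(s) <= 0) {
 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
 goto err;
 }
@@ -1191,12 +1194,9 @@ int ssl3_get_client_hello(SSL *s)
 * server_random before calling tls_session_secret_cb in order to allow
 * SessionTicket processing to use it in key derivation. */
 {
-unsigned long Time;
 unsigned char *pos;
-Time=(unsigned long)time(NULL); /* Time */
 pos=s->s3->server_random;
-l2n(Time,pos);
-if (RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE-4) <= 0)
+if (ssl_fill_hello_random(s, 1, pos, SSL3_RANDOM_SIZE) <= 0)
 {
 al=SSL_AD_INTERNAL_ERROR;
 goto f_err;
@@ -1389,7 +1389,10 @@ int ssl3_get_client_hello(SSL *s)
 if (TLS1_get_version(s) < TLS1_2_VERSION || !(s->verify_mode & SSL_VERIFY_PEER))
 {
 if (!ssl3_digest_cached_records(s))
+{
+al = SSL_AD_INTERNAL_ERROR;
 goto f_err;
+}
 }
 
 /* we now have the following setup.
@@ -1403,6 +1406,16 @@ int ssl3_get_client_hello(SSL *s)
 * s->tmp.new_cipher - the new cipher to use.
 */
 
+/* Handles TLS extensions that we couldn't check earlier */
+if (s->version >= SSL3_VERSION)
+{
+if (ssl_check_clienthello_tlsext_late(s) <= 0)
+{
+SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+goto err;
+}
+}
+
 if (ret < 0) ret=1;
 if (0)
 {
@@ -1420,19 +1433,13 @@ int ssl3_send_server_hello(SSL *s)
 unsigned char *p,*d;
 int i,sl;
 unsigned long l;
-#ifdef OPENSSL_NO_TLSEXT
-unsigned long Time;
-#endif
 
 if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
 {
 buf=(unsigned char *)s->init_buf->data;
 #ifdef OPENSSL_NO_TLSEXT
 p=s->s3->server_random;
-/* Generate server_random if it was not needed previously */
-Time=(unsigned long)time(NULL); /* Time */
-l2n(Time,p);
-if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
+if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0)
 return -1;
 #endif
 /* Do the message type and length last */
@@ -1823,7 +1830,7 @@ int ssl3_send_server_key_exchange(SSL *s)
 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
 goto f_err;
 }
-for (i=0; r[i] != NULL && i<4; i++)
+for (i=0; i < 4 && r[i] != NULL; i++)
 {
 nr[i]=BN_num_bytes(r[i]);
 #ifndef OPENSSL_NO_SRP
@@ -1859,7 +1866,7 @@ int ssl3_send_server_key_exchange(SSL *s)
 d=(unsigned char *)s->init_buf->data;
 p= &(d[4]);
 
-for (i=0; r[i] != NULL && i<4; i++)
+for (i=0; i < 4 && r[i] != NULL; i++)
 {
 #ifndef OPENSSL_NO_SRP
 if ((i == 2) && (type & SSL_kSRP))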
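Review bot: The condition added at new lines 961-962 in ssl3_get_client_hello carries no comment saying why the version switch is skipped once `s->enc_write_ctx` or `s->write_hash` is set, and the comment beneath it still describes only the alert case. From the visible lines the guard appears to limit overwriting `s->version` with the client-supplied value to the point before any write cipher state exists; without a stated reason, a later cleanup could drop it and again change the version under an established session. I would add above the `if`: `/* Only adopt the client's version for the alert while no write cipher/hash is set up; never change s->version on an established session. */`. The enclosing function starts and ends outside the hunk, so the alert path that follows should be checked to behave correctly when `s->version` is left unchanged.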