Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libssl/s3_clnt.c23
-rw-r--r--src/lib/libssl/src/ssl/s3_clnt.c23
2 files changed, 36 insertions, 10 deletions
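--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.103 2014/12/15 00:46:53 doug Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.104 2015/01/23 14:40:59 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1165,6 +1165,11 @@ ssl3_get_key_exchange(SSL *s)
 	int curve_nid = 0;
 	int encoded_pt_len = 0;
 
+	alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+	alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+
+	EVP_MD_CTX_init(&md_ctx);
+
 	/*
 	 * Use same message size as in ssl3_get_certificate_request()
 	 * as ServerKeyExchange message may be skipped.
@@ -1175,11 +1180,21 @@ ssl3_get_key_exchange(SSL *s)
 		return ((int)n);
 
 	if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {
+		/*
+		 * Do not skip server key exchange if this cipher suite uses
+		 * ephemeral keys.
+		 */
+		if (alg_k & (SSL_kDHE|SSL_kECDHE)) {
+			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+			    SSL_R_UNEXPECTED_MESSAGE);
+			al = SSL_AD_UNEXPECTED_MESSAGE;
+			goto f_err;
+		}
+
 		s->s3->tmp.reuse_message = 1;
 		return (1);
 	}
 
-	param = p = (unsigned char *)s->init_msg;
 	if (s->session->sess_cert != NULL) {
 		DH_free(s->session->sess_cert->peer_dh_tmp);
 		s->session->sess_cert->peer_dh_tmp = NULL;
@@ -1192,10 +1207,8 @@ ssl3_get_key_exchange(SSL *s)
 		goto err;
 	}
 
+	param = p = (unsigned char *)s->init_msg;
 	param_len = 0;
-	alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-	alg_a = s->s3->tmp.new_cipher->algorithm_auth;
-	EVP_MD_CTX_init(&md_ctx);
 
 	if (alg_k & SSL_kDHE) {
 		if ((dh = DH_new()) == NULL) {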
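Review bot: The new guard in the second hunk rejects a missing ServerKeyExchange only for `SSL_kDHE|SSL_kECDHE`, and nothing on the page states that these are the only key-exchange methods for which the message is mandatory; if any other method handled further down in ssl3_get_key_exchange also requires server-supplied parameters, the `reuse_message = 1` fallthrough still silently accepts their absence, so the mask's completeness deserves a sentence in the comment, e.g. `* DHE and ECDHE are the only methods here whose parameters arrive solely in ServerKeyExchange; every other method may legitimately omit it.` (confirm against the remaining branches before asserting it). The relocation of `EVP_MD_CTX_init(&md_ctx)` ahead of the early exits is what makes the new `goto f_err` safe, presumably because the err path cleans up md_ctx; that ordering is now load-bearing and is worth pinning with `/* Initialised before any early exit so f_err/err can always clean it up. */` above the call. The function body and its f_err/err labels continue outside the hunk. The section for src/lib/libssl/src/ssl/s3_clnt.c below is an identical copy of this change and the same note applies there.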
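--- a/src/lib/libssl/src/ssl/s3_clnt.c
+++ b/src/lib/libssl/src/ssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.103 2014/12/15 00:46:53 doug Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.104 2015/01/23 14:40:59 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1165,6 +1165,11 @@ ssl3_get_key_exchange(SSL *s)
 	int curve_nid = 0;
 	int encoded_pt_len = 0;
 
+	alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+	alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+
+	EVP_MD_CTX_init(&md_ctx);
+
 	/*
 	 * Use same message size as in ssl3_get_certificate_request()
 	 * as ServerKeyExchange message may be skipped.
@@ -1175,11 +1180,21 @@ ssl3_get_key_exchange(SSL *s)
 		return ((int)n);
 
 	if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {
+		/*
+		 * Do not skip server key exchange if this cipher suite uses
+		 * ephemeral keys.
+		 */
+		if (alg_k & (SSL_kDHE|SSL_kECDHE)) {
+			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+			    SSL_R_UNEXPECTED_MESSAGE);
+			al = SSL_AD_UNEXPECTED_MESSAGE;
+			goto f_err;
+		}
+
 		s->s3->tmp.reuse_message = 1;
 		return (1);
 	}
 
-	param = p = (unsigned char *)s->init_msg;
 	if (s->session->sess_cert != NULL) {
 		DH_free(s->session->sess_cert->peer_dh_tmp);
 		s->session->sess_cert->peer_dh_tmp = NULL;
@@ -1192,10 +1207,8 @@ ssl3_get_key_exchange(SSL *s)
 		goto err;
 	}
 
+	param = p = (unsigned char *)s->init_msg;
 	param_len = 0;
-	alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-	alg_a = s->s3->tmp.new_cipher->algorithm_auth;
-	EVP_MD_CTX_init(&md_ctx);
 
 	if (alg_k & SSL_kDHE) {
 		if ((dh = DH_new()) == NULL) {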