summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/d1_srvr.c58
-rw-r--r--src/lib/libssl/s3_lib.c103
-rw-r--r--src/lib/libssl/s3_srvr.c94
-rw-r--r--src/lib/libssl/src/ssl/d1_srvr.c58
-rw-r--r--src/lib/libssl/src/ssl/s3_lib.c103
-rw-r--r--src/lib/libssl/src/ssl/s3_srvr.c94
-rw-r--r--src/lib/libssl/src/ssl/ssl3.h4
-rw-r--r--src/lib/libssl/src/ssl/ssl_cert.c10
-rw-r--r--src/lib/libssl/src/ssl/ssl_lib.c7
-rw-r--r--src/lib/libssl/src/ssl/ssl_locl.h5
-rw-r--r--src/lib/libssl/ssl3.h4
-rw-r--r--src/lib/libssl/ssl_cert.c10
-rw-r--r--src/lib/libssl/ssl_lib.c7
-rw-r--r--src/lib/libssl/ssl_locl.h5
14 files changed, 88 insertions, 474 deletions
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index a85715753c..d2f642f877 100644
--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_srvr.c,v 1.40 2014/10/18 16:13:16 jsing Exp $ */ 1/* $OpenBSD: d1_srvr.c,v 1.41 2014/10/31 14:51:01 jsing Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -446,27 +446,8 @@ dtls1_accept(SSL *s)
446 case SSL3_ST_SW_KEY_EXCH_B: 446 case SSL3_ST_SW_KEY_EXCH_B:
447 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 447 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
448 448
449 /* clear this, it may get reset by 449 /* Only send if using a DH key exchange. */
450 * send_server_key_exchange */ 450 if (alg_k & (SSL_kDHE|SSL_kECDHE)) {
451 if ((s->options & SSL_OP_EPHEMERAL_RSA)
452 )
453 /* option SSL_OP_EPHEMERAL_RSA sends temporary RSA key
454 * even when forbidden by protocol specs
455 * (handshake may fail as clients are not required to
456 * be able to handle this) */
457 s->s3->tmp.use_rsa_tmp = 1;
458 else
459 s->s3->tmp.use_rsa_tmp = 0;
460
461 /* only send if a DH key exchange or
462 * RSA but we have a sign only certificate */
463 if (s->s3->tmp.use_rsa_tmp
464 || (alg_k & (SSL_kDHE|SSL_kECDHE))
465 || ((alg_k & SSL_kRSA)
466 && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
467 )
468 )
469 ) {
470 dtls1_start_timer(s); 451 dtls1_start_timer(s);
471 ret = dtls1_send_server_key_exchange(s); 452 ret = dtls1_send_server_key_exchange(s);
472 if (ret <= 0) 453 if (ret <= 0)
@@ -994,7 +975,6 @@ dtls1_send_server_key_exchange(SSL *s)
994{ 975{
995 unsigned char *q; 976 unsigned char *q;
996 int j, num; 977 int j, num;
997 RSA *rsa;
998 unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH]; 978 unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
999 unsigned int u; 979 unsigned int u;
1000 DH *dh = NULL, *dhp; 980 DH *dh = NULL, *dhp;
@@ -1024,28 +1004,7 @@ dtls1_send_server_key_exchange(SSL *s)
1024 1004
1025 r[0] = r[1] = r[2] = r[3] = NULL; 1005 r[0] = r[1] = r[2] = r[3] = NULL;
1026 n = 0; 1006 n = 0;
1027 if (type & SSL_kRSA) { 1007
1028 rsa = cert->rsa_tmp;
1029 if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
1030 rsa = s->cert->rsa_tmp_cb(s, 0,
1031 SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
1032 if (rsa == NULL) {
1033 al = SSL_AD_HANDSHAKE_FAILURE;
1034 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
1035 goto f_err;
1036 }
1037 RSA_up_ref(rsa);
1038 cert->rsa_tmp = rsa;
1039 }
1040 if (rsa == NULL) {
1041 al = SSL_AD_HANDSHAKE_FAILURE;
1042 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_RSA_KEY);
1043 goto f_err;
1044 }
1045 r[0] = rsa->n;
1046 r[1] = rsa->e;
1047 s->s3->tmp.use_rsa_tmp = 1;
1048 } else
1049 if (type & SSL_kDHE) { 1008 if (type & SSL_kDHE) {
1050 dhp = cert->dh_tmp; 1009 dhp = cert->dh_tmp;
1051 if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL)) 1010 if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
@@ -1087,8 +1046,7 @@ dtls1_send_server_key_exchange(SSL *s)
1087 r[0] = dh->p; 1046 r[0] = dh->p;
1088 r[1] = dh->g; 1047 r[1] = dh->g;
1089 r[2] = dh->pub_key; 1048 r[2] = dh->pub_key;
1090 } else 1049 } else if (type & SSL_kECDHE) {
1091 if (type & SSL_kECDHE) {
1092 const EC_GROUP *group; 1050 const EC_GROUP *group;
1093 1051
1094 ecdhp = cert->ecdh_tmp; 1052 ecdhp = cert->ecdh_tmp;
@@ -1185,10 +1143,10 @@ dtls1_send_server_key_exchange(SSL *s)
1185 r[1] = NULL; 1143 r[1] = NULL;
1186 r[2] = NULL; 1144 r[2] = NULL;
1187 r[3] = NULL; 1145 r[3] = NULL;
1188 } else 1146 } else {
1189 {
1190 al = SSL_AD_HANDSHAKE_FAILURE; 1147 al = SSL_AD_HANDSHAKE_FAILURE;
1191 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); 1148 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
1149 SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
1192 goto f_err; 1150 goto f_err;
1193 } 1151 }
1194 for (i = 0; r[i] != NULL; i++) { 1152 for (i = 0; r[i] != NULL; i++) {
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 42f8074f8c..08c5111129 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_lib.c,v 1.82 2014/10/03 13:58:17 jsing Exp $ */ 1/* $OpenBSD: s3_lib.c,v 1.83 2014/10/31 14:51:01 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1934,8 +1934,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
1934{ 1934{
1935 int ret = 0; 1935 int ret = 0;
1936 1936
1937 if (cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB || 1937 if (cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) {
1938 cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) {
1939 if (!ssl_cert_inst(&s->cert)) { 1938 if (!ssl_cert_inst(&s->cert)) {
1940 SSLerr(SSL_F_SSL3_CTRL, 1939 SSLerr(SSL_F_SSL3_CTRL,
1941 ERR_R_MALLOC_FAILURE); 1940 ERR_R_MALLOC_FAILURE);
@@ -1963,36 +1962,11 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
1963 ret = (int)(s->s3->flags); 1962 ret = (int)(s->s3->flags);
1964 break; 1963 break;
1965 case SSL_CTRL_NEED_TMP_RSA: 1964 case SSL_CTRL_NEED_TMP_RSA:
1966 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) && 1965 ret = 0;
1967 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1968 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)
1969 > (512 / 8))))
1970 ret = 1;
1971 break; 1966 break;
1972 case SSL_CTRL_SET_TMP_RSA: 1967 case SSL_CTRL_SET_TMP_RSA:
1973 {
1974 RSA *rsa = (RSA *)parg;
1975 if (rsa == NULL) {
1976 SSLerr(SSL_F_SSL3_CTRL,
1977 ERR_R_PASSED_NULL_PARAMETER);
1978 return (ret);
1979 }
1980 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) {
1981 SSLerr(SSL_F_SSL3_CTRL,
1982 ERR_R_RSA_LIB);
1983 return (ret);
1984 }
1985 RSA_free(s->cert->rsa_tmp);
1986 s->cert->rsa_tmp = rsa;
1987 ret = 1;
1988 }
1989 break;
1990 case SSL_CTRL_SET_TMP_RSA_CB: 1968 case SSL_CTRL_SET_TMP_RSA_CB:
1991 { 1969 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1992 SSLerr(SSL_F_SSL3_CTRL,
1993 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1994 return (ret);
1995 }
1996 break; 1970 break;
1997 case SSL_CTRL_SET_TMP_DH: 1971 case SSL_CTRL_SET_TMP_DH:
1998 { 1972 {
@@ -2144,7 +2118,7 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
2144{ 2118{
2145 int ret = 0; 2119 int ret = 0;
2146 2120
2147 if (cmd == SSL_CTRL_SET_TMP_RSA_CB || cmd == SSL_CTRL_SET_TMP_DH_CB) { 2121 if (cmd == SSL_CTRL_SET_TMP_DH_CB) {
2148 if (!ssl_cert_inst(&s->cert)) { 2122 if (!ssl_cert_inst(&s->cert)) {
2149 SSLerr(SSL_F_SSL3_CALLBACK_CTRL, 2123 SSLerr(SSL_F_SSL3_CALLBACK_CTRL,
2150 ERR_R_MALLOC_FAILURE); 2124 ERR_R_MALLOC_FAILURE);
@@ -2154,20 +2128,13 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
2154 2128
2155 switch (cmd) { 2129 switch (cmd) {
2156 case SSL_CTRL_SET_TMP_RSA_CB: 2130 case SSL_CTRL_SET_TMP_RSA_CB:
2157 { 2131 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2158 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
2159 }
2160 break; 2132 break;
2161 case SSL_CTRL_SET_TMP_DH_CB: 2133 case SSL_CTRL_SET_TMP_DH_CB:
2162 { 2134 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
2163 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
2164 }
2165 break; 2135 break;
2166 case SSL_CTRL_SET_TMP_ECDH_CB: 2136 case SSL_CTRL_SET_TMP_ECDH_CB:
2167 { 2137 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
2168 s->cert->ecdh_tmp_cb =
2169 (EC_KEY *(*)(SSL *, int, int))fp;
2170 }
2171 break; 2138 break;
2172 case SSL_CTRL_SET_TLSEXT_DEBUG_CB: 2139 case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
2173 s->tlsext_debug_cb = (void (*)(SSL *, int , int, 2140 s->tlsext_debug_cb = (void (*)(SSL *, int , int,
@@ -2188,45 +2155,11 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2188 2155
2189 switch (cmd) { 2156 switch (cmd) {
2190 case SSL_CTRL_NEED_TMP_RSA: 2157 case SSL_CTRL_NEED_TMP_RSA:
2191 if ((cert->rsa_tmp == NULL) && 2158 return (0);
2192 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
2193 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) >
2194 (512 / 8))))
2195 return (1);
2196 else
2197 return (0);
2198 /* break; */
2199 case SSL_CTRL_SET_TMP_RSA: 2159 case SSL_CTRL_SET_TMP_RSA:
2200 {
2201 RSA *rsa;
2202 int i;
2203
2204 rsa = (RSA *)parg;
2205 i = 1;
2206 if (rsa == NULL)
2207 i = 0;
2208 else {
2209 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
2210 i = 0;
2211 }
2212 if (!i) {
2213 SSLerr(SSL_F_SSL3_CTX_CTRL,
2214 ERR_R_RSA_LIB);
2215 return (0);
2216 } else {
2217 RSA_free(cert->rsa_tmp);
2218 cert->rsa_tmp = rsa;
2219 return (1);
2220 }
2221 }
2222 /* break; */
2223 case SSL_CTRL_SET_TMP_RSA_CB: 2160 case SSL_CTRL_SET_TMP_RSA_CB:
2224 { 2161 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2225 SSLerr(SSL_F_SSL3_CTX_CTRL, 2162 return (0);
2226 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2227 return (0);
2228 }
2229 break;
2230 case SSL_CTRL_SET_TMP_DH: 2163 case SSL_CTRL_SET_TMP_DH:
2231 { 2164 {
2232 DH *new = NULL, *dh; 2165 DH *new = NULL, *dh;
@@ -2366,19 +2299,13 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
2366 2299
2367 switch (cmd) { 2300 switch (cmd) {
2368 case SSL_CTRL_SET_TMP_RSA_CB: 2301 case SSL_CTRL_SET_TMP_RSA_CB:
2369 { 2302 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2370 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 2303 return (0);
2371 }
2372 break;
2373 case SSL_CTRL_SET_TMP_DH_CB: 2304 case SSL_CTRL_SET_TMP_DH_CB:
2374 { 2305 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
2375 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
2376 }
2377 break; 2306 break;
2378 case SSL_CTRL_SET_TMP_ECDH_CB: 2307 case SSL_CTRL_SET_TMP_ECDH_CB:
2379 { 2308 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
2380 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
2381 }
2382 break; 2309 break;
2383 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: 2310 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
2384 ctx->tlsext_servername_callback = 2311 ctx->tlsext_servername_callback =
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index 719b4c56c1..1b97895f76 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_srvr.c,v 1.87 2014/10/18 16:13:16 jsing Exp $ */ 1/* $OpenBSD: s3_srvr.c,v 1.88 2014/10/31 14:51:01 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -392,37 +392,14 @@ ssl3_accept(SSL *s)
392 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 392 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
393 393
394 /* 394 /*
395 * Clear this, it may get reset by 395 * Only send if using a DH key exchange.
396 * send_server_key_exchange.
397 */
398 if ((s->options & SSL_OP_EPHEMERAL_RSA)
399 )
400 /*
401 * option SSL_OP_EPHEMERAL_RSA sends temporary
402 * RSA key even when forbidden by protocol
403 * specs (handshake may fail as clients are
404 * not required to be able to handle this)
405 */
406 s->s3->tmp.use_rsa_tmp = 1;
407 else
408 s->s3->tmp.use_rsa_tmp = 0;
409
410
411 /*
412 * Only send if a DH key exchange, fortezza or
413 * RSA but we have a sign only certificate.
414 * 396 *
415 * For ECC ciphersuites, we send a serverKeyExchange 397 * For ECC ciphersuites, we send a ServerKeyExchange
416 * message only if the cipher suite is either 398 * message only if the cipher suite is ECDHE. In other
417 * ECDH-anon or ECDHE. In other cases, the 399 * cases, the server certificate contains the server's
418 * server certificate contains the server's
419 * public key for key exchange. 400 * public key for key exchange.
420 */ 401 */
421 if (s->s3->tmp.use_rsa_tmp || 402 if (alg_k & (SSL_kDHE|SSL_kECDHE)) {
422 (alg_k & (SSL_kDHE|SSL_kECDHE)) ||
423 ((alg_k & SSL_kRSA) &&
424 (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey ==
425 NULL))) {
426 ret = ssl3_send_server_key_exchange(s); 403 ret = ssl3_send_server_key_exchange(s);
427 if (ret <= 0) 404 if (ret <= 0)
428 goto end; 405 goto end;
@@ -1352,7 +1329,6 @@ ssl3_send_server_key_exchange(SSL *s)
1352{ 1329{
1353 unsigned char *q; 1330 unsigned char *q;
1354 int j, num; 1331 int j, num;
1355 RSA *rsa;
1356 unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH]; 1332 unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
1357 unsigned int u; 1333 unsigned int u;
1358 DH *dh = NULL, *dhp; 1334 DH *dh = NULL, *dhp;
@@ -1383,31 +1359,6 @@ ssl3_send_server_key_exchange(SSL *s)
1383 1359
1384 r[0] = r[1] = r[2] = r[3] = NULL; 1360 r[0] = r[1] = r[2] = r[3] = NULL;
1385 n = 0; 1361 n = 0;
1386 if (type & SSL_kRSA) {
1387 rsa = cert->rsa_tmp;
1388 if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
1389 rsa = s->cert->rsa_tmp_cb(s, 0,
1390 SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
1391 if (rsa == NULL) {
1392 al = SSL_AD_HANDSHAKE_FAILURE;
1393 SSLerr(
1394 SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
1395 SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
1396 goto f_err;
1397 }
1398 RSA_up_ref(rsa);
1399 cert->rsa_tmp = rsa;
1400 }
1401 if (rsa == NULL) {
1402 al = SSL_AD_HANDSHAKE_FAILURE;
1403 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
1404 SSL_R_MISSING_TMP_RSA_KEY);
1405 goto f_err;
1406 }
1407 r[0] = rsa->n;
1408 r[1] = rsa->e;
1409 s->s3->tmp.use_rsa_tmp = 1;
1410 } else
1411 if (type & SSL_kDHE) { 1362 if (type & SSL_kDHE) {
1412 dhp = cert->dh_tmp; 1363 dhp = cert->dh_tmp;
1413 if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL)) 1364 if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
@@ -1855,32 +1806,15 @@ ssl3_get_client_key_exchange(SSL *s)
1855 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 1806 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
1856 1807
1857 if (alg_k & SSL_kRSA) { 1808 if (alg_k & SSL_kRSA) {
1858 /* FIX THIS UP EAY EAY EAY EAY */ 1809 pkey = s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
1859 if (s->s3->tmp.use_rsa_tmp) { 1810 if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) ||
1860 if ((s->cert != NULL) && (s->cert->rsa_tmp != NULL)) 1811 (pkey->pkey.rsa == NULL)) {
1861 rsa = s->cert->rsa_tmp; 1812 al = SSL_AD_HANDSHAKE_FAILURE;
1862 /* 1813 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1863 * Don't do a callback because rsa_tmp should 1814 SSL_R_MISSING_RSA_CERTIFICATE);
1864 * be sent already 1815 goto f_err;
1865 */
1866 if (rsa == NULL) {
1867 al = SSL_AD_HANDSHAKE_FAILURE;
1868 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1869 SSL_R_MISSING_TMP_RSA_PKEY);
1870 goto f_err;
1871
1872 }
1873 } else {
1874 pkey = s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
1875 if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) ||
1876 (pkey->pkey.rsa == NULL)) {
1877 al = SSL_AD_HANDSHAKE_FAILURE;
1878 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1879 SSL_R_MISSING_RSA_CERTIFICATE);
1880 goto f_err;
1881 }
1882 rsa = pkey->pkey.rsa;
1883 } 1816 }
1817 rsa = pkey->pkey.rsa;
1884 1818
1885 /* TLS and [incidentally] DTLS{0xFEFF} */ 1819 /* TLS and [incidentally] DTLS{0xFEFF} */
1886 if (s->version > SSL3_VERSION && s->version != DTLS1_BAD_VER) { 1820 if (s->version > SSL3_VERSION && s->version != DTLS1_BAD_VER) {
diff --git a/src/lib/libssl/src/ssl/d1_srvr.c b/src/lib/libssl/src/ssl/d1_srvr.c
index a85715753c..d2f642f877 100644
--- a/src/lib/libssl/src/ssl/d1_srvr.c
+++ b/src/lib/libssl/src/ssl/d1_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_srvr.c,v 1.40 2014/10/18 16:13:16 jsing Exp $ */ 1/* $OpenBSD: d1_srvr.c,v 1.41 2014/10/31 14:51:01 jsing Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -446,27 +446,8 @@ dtls1_accept(SSL *s)
446 case SSL3_ST_SW_KEY_EXCH_B: 446 case SSL3_ST_SW_KEY_EXCH_B:
447 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 447 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
448 448
449 /* clear this, it may get reset by 449 /* Only send if using a DH key exchange. */
450 * send_server_key_exchange */ 450 if (alg_k & (SSL_kDHE|SSL_kECDHE)) {
451 if ((s->options & SSL_OP_EPHEMERAL_RSA)
452 )
453 /* option SSL_OP_EPHEMERAL_RSA sends temporary RSA key
454 * even when forbidden by protocol specs
455 * (handshake may fail as clients are not required to
456 * be able to handle this) */
457 s->s3->tmp.use_rsa_tmp = 1;
458 else
459 s->s3->tmp.use_rsa_tmp = 0;
460
461 /* only send if a DH key exchange or
462 * RSA but we have a sign only certificate */
463 if (s->s3->tmp.use_rsa_tmp
464 || (alg_k & (SSL_kDHE|SSL_kECDHE))
465 || ((alg_k & SSL_kRSA)
466 && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
467 )
468 )
469 ) {
470 dtls1_start_timer(s); 451 dtls1_start_timer(s);
471 ret = dtls1_send_server_key_exchange(s); 452 ret = dtls1_send_server_key_exchange(s);
472 if (ret <= 0) 453 if (ret <= 0)
@@ -994,7 +975,6 @@ dtls1_send_server_key_exchange(SSL *s)
994{ 975{
995 unsigned char *q; 976 unsigned char *q;
996 int j, num; 977 int j, num;
997 RSA *rsa;
998 unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH]; 978 unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
999 unsigned int u; 979 unsigned int u;
1000 DH *dh = NULL, *dhp; 980 DH *dh = NULL, *dhp;
@@ -1024,28 +1004,7 @@ dtls1_send_server_key_exchange(SSL *s)
1024 1004
1025 r[0] = r[1] = r[2] = r[3] = NULL; 1005 r[0] = r[1] = r[2] = r[3] = NULL;
1026 n = 0; 1006 n = 0;
1027 if (type & SSL_kRSA) { 1007
1028 rsa = cert->rsa_tmp;
1029 if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
1030 rsa = s->cert->rsa_tmp_cb(s, 0,
1031 SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
1032 if (rsa == NULL) {
1033 al = SSL_AD_HANDSHAKE_FAILURE;
1034 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
1035 goto f_err;
1036 }
1037 RSA_up_ref(rsa);
1038 cert->rsa_tmp = rsa;
1039 }
1040 if (rsa == NULL) {
1041 al = SSL_AD_HANDSHAKE_FAILURE;
1042 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_RSA_KEY);
1043 goto f_err;
1044 }
1045 r[0] = rsa->n;
1046 r[1] = rsa->e;
1047 s->s3->tmp.use_rsa_tmp = 1;
1048 } else
1049 if (type & SSL_kDHE) { 1008 if (type & SSL_kDHE) {
1050 dhp = cert->dh_tmp; 1009 dhp = cert->dh_tmp;
1051 if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL)) 1010 if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
@@ -1087,8 +1046,7 @@ dtls1_send_server_key_exchange(SSL *s)
1087 r[0] = dh->p; 1046 r[0] = dh->p;
1088 r[1] = dh->g; 1047 r[1] = dh->g;
1089 r[2] = dh->pub_key; 1048 r[2] = dh->pub_key;
1090 } else 1049 } else if (type & SSL_kECDHE) {
1091 if (type & SSL_kECDHE) {
1092 const EC_GROUP *group; 1050 const EC_GROUP *group;
1093 1051
1094 ecdhp = cert->ecdh_tmp; 1052 ecdhp = cert->ecdh_tmp;
@@ -1185,10 +1143,10 @@ dtls1_send_server_key_exchange(SSL *s)
1185 r[1] = NULL; 1143 r[1] = NULL;
1186 r[2] = NULL; 1144 r[2] = NULL;
1187 r[3] = NULL; 1145 r[3] = NULL;
1188 } else 1146 } else {
1189 {
1190 al = SSL_AD_HANDSHAKE_FAILURE; 1147 al = SSL_AD_HANDSHAKE_FAILURE;
1191 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); 1148 SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
1149 SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
1192 goto f_err; 1150 goto f_err;
1193 } 1151 }
1194 for (i = 0; r[i] != NULL; i++) { 1152 for (i = 0; r[i] != NULL; i++) {
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index 42f8074f8c..08c5111129 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_lib.c,v 1.82 2014/10/03 13:58:17 jsing Exp $ */ 1/* $OpenBSD: s3_lib.c,v 1.83 2014/10/31 14:51:01 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1934,8 +1934,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
1934{ 1934{
1935 int ret = 0; 1935 int ret = 0;
1936 1936
1937 if (cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB || 1937 if (cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) {
1938 cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) {
1939 if (!ssl_cert_inst(&s->cert)) { 1938 if (!ssl_cert_inst(&s->cert)) {
1940 SSLerr(SSL_F_SSL3_CTRL, 1939 SSLerr(SSL_F_SSL3_CTRL,
1941 ERR_R_MALLOC_FAILURE); 1940 ERR_R_MALLOC_FAILURE);
@@ -1963,36 +1962,11 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
1963 ret = (int)(s->s3->flags); 1962 ret = (int)(s->s3->flags);
1964 break; 1963 break;
1965 case SSL_CTRL_NEED_TMP_RSA: 1964 case SSL_CTRL_NEED_TMP_RSA:
1966 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) && 1965 ret = 0;
1967 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
1968 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)
1969 > (512 / 8))))
1970 ret = 1;
1971 break; 1966 break;
1972 case SSL_CTRL_SET_TMP_RSA: 1967 case SSL_CTRL_SET_TMP_RSA:
1973 {
1974 RSA *rsa = (RSA *)parg;
1975 if (rsa == NULL) {
1976 SSLerr(SSL_F_SSL3_CTRL,
1977 ERR_R_PASSED_NULL_PARAMETER);
1978 return (ret);
1979 }
1980 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) {
1981 SSLerr(SSL_F_SSL3_CTRL,
1982 ERR_R_RSA_LIB);
1983 return (ret);
1984 }
1985 RSA_free(s->cert->rsa_tmp);
1986 s->cert->rsa_tmp = rsa;
1987 ret = 1;
1988 }
1989 break;
1990 case SSL_CTRL_SET_TMP_RSA_CB: 1968 case SSL_CTRL_SET_TMP_RSA_CB:
1991 { 1969 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1992 SSLerr(SSL_F_SSL3_CTRL,
1993 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1994 return (ret);
1995 }
1996 break; 1970 break;
1997 case SSL_CTRL_SET_TMP_DH: 1971 case SSL_CTRL_SET_TMP_DH:
1998 { 1972 {
@@ -2144,7 +2118,7 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
2144{ 2118{
2145 int ret = 0; 2119 int ret = 0;
2146 2120
2147 if (cmd == SSL_CTRL_SET_TMP_RSA_CB || cmd == SSL_CTRL_SET_TMP_DH_CB) { 2121 if (cmd == SSL_CTRL_SET_TMP_DH_CB) {
2148 if (!ssl_cert_inst(&s->cert)) { 2122 if (!ssl_cert_inst(&s->cert)) {
2149 SSLerr(SSL_F_SSL3_CALLBACK_CTRL, 2123 SSLerr(SSL_F_SSL3_CALLBACK_CTRL,
2150 ERR_R_MALLOC_FAILURE); 2124 ERR_R_MALLOC_FAILURE);
@@ -2154,20 +2128,13 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
2154 2128
2155 switch (cmd) { 2129 switch (cmd) {
2156 case SSL_CTRL_SET_TMP_RSA_CB: 2130 case SSL_CTRL_SET_TMP_RSA_CB:
2157 { 2131 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2158 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
2159 }
2160 break; 2132 break;
2161 case SSL_CTRL_SET_TMP_DH_CB: 2133 case SSL_CTRL_SET_TMP_DH_CB:
2162 { 2134 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
2163 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
2164 }
2165 break; 2135 break;
2166 case SSL_CTRL_SET_TMP_ECDH_CB: 2136 case SSL_CTRL_SET_TMP_ECDH_CB:
2167 { 2137 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
2168 s->cert->ecdh_tmp_cb =
2169 (EC_KEY *(*)(SSL *, int, int))fp;
2170 }
2171 break; 2138 break;
2172 case SSL_CTRL_SET_TLSEXT_DEBUG_CB: 2139 case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
2173 s->tlsext_debug_cb = (void (*)(SSL *, int , int, 2140 s->tlsext_debug_cb = (void (*)(SSL *, int , int,
@@ -2188,45 +2155,11 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2188 2155
2189 switch (cmd) { 2156 switch (cmd) {
2190 case SSL_CTRL_NEED_TMP_RSA: 2157 case SSL_CTRL_NEED_TMP_RSA:
2191 if ((cert->rsa_tmp == NULL) && 2158 return (0);
2192 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
2193 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) >
2194 (512 / 8))))
2195 return (1);
2196 else
2197 return (0);
2198 /* break; */
2199 case SSL_CTRL_SET_TMP_RSA: 2159 case SSL_CTRL_SET_TMP_RSA:
2200 {
2201 RSA *rsa;
2202 int i;
2203
2204 rsa = (RSA *)parg;
2205 i = 1;
2206 if (rsa == NULL)
2207 i = 0;
2208 else {
2209 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
2210 i = 0;
2211 }
2212 if (!i) {
2213 SSLerr(SSL_F_SSL3_CTX_CTRL,
2214 ERR_R_RSA_LIB);
2215 return (0);
2216 } else {
2217 RSA_free(cert->rsa_tmp);
2218 cert->rsa_tmp = rsa;
2219 return (1);
2220 }
2221 }
2222 /* break; */
2223 case SSL_CTRL_SET_TMP_RSA_CB: 2160 case SSL_CTRL_SET_TMP_RSA_CB:
2224 { 2161 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2225 SSLerr(SSL_F_SSL3_CTX_CTRL, 2162 return (0);
2226 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2227 return (0);
2228 }
2229 break;
2230 case SSL_CTRL_SET_TMP_DH: 2163 case SSL_CTRL_SET_TMP_DH:
2231 { 2164 {
2232 DH *new = NULL, *dh; 2165 DH *new = NULL, *dh;
@@ -2366,19 +2299,13 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
2366 2299
2367 switch (cmd) { 2300 switch (cmd) {
2368 case SSL_CTRL_SET_TMP_RSA_CB: 2301 case SSL_CTRL_SET_TMP_RSA_CB:
2369 { 2302 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2370 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 2303 return (0);
2371 }
2372 break;
2373 case SSL_CTRL_SET_TMP_DH_CB: 2304 case SSL_CTRL_SET_TMP_DH_CB:
2374 { 2305 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
2375 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
2376 }
2377 break; 2306 break;
2378 case SSL_CTRL_SET_TMP_ECDH_CB: 2307 case SSL_CTRL_SET_TMP_ECDH_CB:
2379 { 2308 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
2380 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
2381 }
2382 break; 2309 break;
2383 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: 2310 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
2384 ctx->tlsext_servername_callback = 2311 ctx->tlsext_servername_callback =
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
index 719b4c56c1..1b97895f76 100644
--- a/src/lib/libssl/src/ssl/s3_srvr.c
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_srvr.c,v 1.87 2014/10/18 16:13:16 jsing Exp $ */ 1/* $OpenBSD: s3_srvr.c,v 1.88 2014/10/31 14:51:01 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -392,37 +392,14 @@ ssl3_accept(SSL *s)
392 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 392 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
393 393
394 /* 394 /*
395 * Clear this, it may get reset by 395 * Only send if using a DH key exchange.
396 * send_server_key_exchange.
397 */
398 if ((s->options & SSL_OP_EPHEMERAL_RSA)
399 )
400 /*
401 * option SSL_OP_EPHEMERAL_RSA sends temporary
402 * RSA key even when forbidden by protocol
403 * specs (handshake may fail as clients are
404 * not required to be able to handle this)
405 */
406 s->s3->tmp.use_rsa_tmp = 1;
407 else
408 s->s3->tmp.use_rsa_tmp = 0;
409
410
411 /*
412 * Only send if a DH key exchange, fortezza or
413 * RSA but we have a sign only certificate.
414 * 396 *
415 * For ECC ciphersuites, we send a serverKeyExchange 397 * For ECC ciphersuites, we send a ServerKeyExchange
416 * message only if the cipher suite is either 398 * message only if the cipher suite is ECDHE. In other
417 * ECDH-anon or ECDHE. In other cases, the 399 * cases, the server certificate contains the server's
418 * server certificate contains the server's
419 * public key for key exchange. 400 * public key for key exchange.
420 */ 401 */
421 if (s->s3->tmp.use_rsa_tmp || 402 if (alg_k & (SSL_kDHE|SSL_kECDHE)) {
422 (alg_k & (SSL_kDHE|SSL_kECDHE)) ||
423 ((alg_k & SSL_kRSA) &&
424 (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey ==
425 NULL))) {
426 ret = ssl3_send_server_key_exchange(s); 403 ret = ssl3_send_server_key_exchange(s);
427 if (ret <= 0) 404 if (ret <= 0)
428 goto end; 405 goto end;
@@ -1352,7 +1329,6 @@ ssl3_send_server_key_exchange(SSL *s)
1352{ 1329{
1353 unsigned char *q; 1330 unsigned char *q;
1354 int j, num; 1331 int j, num;
1355 RSA *rsa;
1356 unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH]; 1332 unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
1357 unsigned int u; 1333 unsigned int u;
1358 DH *dh = NULL, *dhp; 1334 DH *dh = NULL, *dhp;
@@ -1383,31 +1359,6 @@ ssl3_send_server_key_exchange(SSL *s)
1383 1359
1384 r[0] = r[1] = r[2] = r[3] = NULL; 1360 r[0] = r[1] = r[2] = r[3] = NULL;
1385 n = 0; 1361 n = 0;
1386 if (type & SSL_kRSA) {
1387 rsa = cert->rsa_tmp;
1388 if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
1389 rsa = s->cert->rsa_tmp_cb(s, 0,
1390 SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
1391 if (rsa == NULL) {
1392 al = SSL_AD_HANDSHAKE_FAILURE;
1393 SSLerr(
1394 SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
1395 SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
1396 goto f_err;
1397 }
1398 RSA_up_ref(rsa);
1399 cert->rsa_tmp = rsa;
1400 }
1401 if (rsa == NULL) {
1402 al = SSL_AD_HANDSHAKE_FAILURE;
1403 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
1404 SSL_R_MISSING_TMP_RSA_KEY);
1405 goto f_err;
1406 }
1407 r[0] = rsa->n;
1408 r[1] = rsa->e;
1409 s->s3->tmp.use_rsa_tmp = 1;
1410 } else
1411 if (type & SSL_kDHE) { 1362 if (type & SSL_kDHE) {
1412 dhp = cert->dh_tmp; 1363 dhp = cert->dh_tmp;
1413 if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL)) 1364 if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
@@ -1855,32 +1806,15 @@ ssl3_get_client_key_exchange(SSL *s)
1855 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 1806 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
1856 1807
1857 if (alg_k & SSL_kRSA) { 1808 if (alg_k & SSL_kRSA) {
1858 /* FIX THIS UP EAY EAY EAY EAY */ 1809 pkey = s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
1859 if (s->s3->tmp.use_rsa_tmp) { 1810 if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) ||
1860 if ((s->cert != NULL) && (s->cert->rsa_tmp != NULL)) 1811 (pkey->pkey.rsa == NULL)) {
1861 rsa = s->cert->rsa_tmp; 1812 al = SSL_AD_HANDSHAKE_FAILURE;
1862 /* 1813 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1863 * Don't do a callback because rsa_tmp should 1814 SSL_R_MISSING_RSA_CERTIFICATE);
1864 * be sent already 1815 goto f_err;
1865 */
1866 if (rsa == NULL) {
1867 al = SSL_AD_HANDSHAKE_FAILURE;
1868 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1869 SSL_R_MISSING_TMP_RSA_PKEY);
1870 goto f_err;
1871
1872 }
1873 } else {
1874 pkey = s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
1875 if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) ||
1876 (pkey->pkey.rsa == NULL)) {
1877 al = SSL_AD_HANDSHAKE_FAILURE;
1878 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
1879 SSL_R_MISSING_RSA_CERTIFICATE);
1880 goto f_err;
1881 }
1882 rsa = pkey->pkey.rsa;
1883 } 1816 }
1817 rsa = pkey->pkey.rsa;
1884 1818
1885 /* TLS and [incidentally] DTLS{0xFEFF} */ 1819 /* TLS and [incidentally] DTLS{0xFEFF} */
1886 if (s->version > SSL3_VERSION && s->version != DTLS1_BAD_VER) { 1820 if (s->version > SSL3_VERSION && s->version != DTLS1_BAD_VER) {
diff --git a/src/lib/libssl/src/ssl/ssl3.h b/src/lib/libssl/src/ssl/ssl3.h
index 9a28b4701f..18afa304c9 100644
--- a/src/lib/libssl/src/ssl/ssl3.h
+++ b/src/lib/libssl/src/ssl/ssl3.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl3.h,v 1.26 2014/08/11 01:10:42 jsing Exp $ */ 1/* $OpenBSD: ssl3.h,v 1.27 2014/10/31 14:51:01 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -473,7 +473,7 @@ typedef struct ssl3_state_st {
473 char ctype[SSL3_CT_NUMBER]; 473 char ctype[SSL3_CT_NUMBER];
474 STACK_OF(X509_NAME) *ca_names; 474 STACK_OF(X509_NAME) *ca_names;
475 475
476 int use_rsa_tmp; 476 int use_rsa_tmp; /* XXX - remove at next bump. */
477 477
478 int key_block_length; 478 int key_block_length;
479 unsigned char *key_block; 479 unsigned char *key_block;
diff --git a/src/lib/libssl/src/ssl/ssl_cert.c b/src/lib/libssl/src/ssl/ssl_cert.c
index 6f1815067b..beea31c64b 100644
--- a/src/lib/libssl/src/ssl/ssl_cert.c
+++ b/src/lib/libssl/src/ssl/ssl_cert.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_cert.c,v 1.42 2014/10/03 13:58:18 jsing Exp $ */ 1/* $OpenBSD: ssl_cert.c,v 1.43 2014/10/31 14:51:01 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -205,12 +205,6 @@ ssl_cert_dup(CERT *cert)
205 ret->mask_k = cert->mask_k; 205 ret->mask_k = cert->mask_k;
206 ret->mask_a = cert->mask_a; 206 ret->mask_a = cert->mask_a;
207 207
208 if (cert->rsa_tmp != NULL) {
209 RSA_up_ref(cert->rsa_tmp);
210 ret->rsa_tmp = cert->rsa_tmp;
211 }
212 ret->rsa_tmp_cb = cert->rsa_tmp_cb;
213
214 if (cert->dh_tmp != NULL) { 208 if (cert->dh_tmp != NULL) {
215 ret->dh_tmp = DHparams_dup(cert->dh_tmp); 209 ret->dh_tmp = DHparams_dup(cert->dh_tmp);
216 if (ret->dh_tmp == NULL) { 210 if (ret->dh_tmp == NULL) {
@@ -305,7 +299,6 @@ ssl_cert_dup(CERT *cert)
305 return (ret); 299 return (ret);
306 300
307err: 301err:
308 RSA_free(ret->rsa_tmp);
309 DH_free(ret->dh_tmp); 302 DH_free(ret->dh_tmp);
310 EC_KEY_free(ret->ecdh_tmp); 303 EC_KEY_free(ret->ecdh_tmp);
311 304
@@ -331,7 +324,6 @@ ssl_cert_free(CERT *c)
331 if (i > 0) 324 if (i > 0)
332 return; 325 return;
333 326
334 RSA_free(c->rsa_tmp);
335 DH_free(c->dh_tmp); 327 DH_free(c->dh_tmp);
336 EC_KEY_free(c->ecdh_tmp); 328 EC_KEY_free(c->ecdh_tmp);
337 329
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c
index 3fa8f5039f..579c005cc3 100644
--- a/src/lib/libssl/src/ssl/ssl_lib.c
+++ b/src/lib/libssl/src/ssl/ssl_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_lib.c,v 1.87 2014/10/18 16:13:16 jsing Exp $ */ 1/* $OpenBSD: ssl_lib.c,v 1.88 2014/10/31 14:51:01 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1931,7 +1931,7 @@ void
1931ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher) 1931ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
1932{ 1932{
1933 CERT_PKEY *cpk; 1933 CERT_PKEY *cpk;
1934 int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dsa_sign; 1934 int rsa_enc, rsa_sign, dh_tmp, dsa_sign;
1935 unsigned long mask_k, mask_a; 1935 unsigned long mask_k, mask_a;
1936 int have_ecc_cert, ecdh_ok, ecdsa_ok; 1936 int have_ecc_cert, ecdh_ok, ecdsa_ok;
1937 int have_ecdh_tmp; 1937 int have_ecdh_tmp;
@@ -1942,7 +1942,6 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
1942 if (c == NULL) 1942 if (c == NULL)
1943 return; 1943 return;
1944 1944
1945 rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
1946 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL); 1945 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
1947 1946
1948 have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL || 1947 have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL ||
@@ -1970,7 +1969,7 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
1970 mask_a |= SSL_aGOST94; 1969 mask_a |= SSL_aGOST94;
1971 } 1970 }
1972 1971
1973 if (rsa_enc || (rsa_tmp && rsa_sign)) 1972 if (rsa_enc)
1974 mask_k|=SSL_kRSA; 1973 mask_k|=SSL_kRSA;
1975 1974
1976 if (dh_tmp) 1975 if (dh_tmp)
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h
index 976f835c92..955c169244 100644
--- a/src/lib/libssl/src/ssl/ssl_locl.h
+++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_locl.h,v 1.71 2014/10/03 13:58:18 jsing Exp $ */ 1/* $OpenBSD: ssl_locl.h,v 1.72 2014/10/31 14:51:01 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -440,9 +440,6 @@ typedef struct cert_st {
440 unsigned long mask_k; 440 unsigned long mask_k;
441 unsigned long mask_a; 441 unsigned long mask_a;
442 442
443 RSA *rsa_tmp;
444 RSA *(*rsa_tmp_cb)(SSL *ssl, int is_export, int keysize);
445
446 DH *dh_tmp; 443 DH *dh_tmp;
447 DH *(*dh_tmp_cb)(SSL *ssl, int is_export, int keysize); 444 DH *(*dh_tmp_cb)(SSL *ssl, int is_export, int keysize);
448 445
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
index 9a28b4701f..18afa304c9 100644
--- a/src/lib/libssl/ssl3.h
+++ b/src/lib/libssl/ssl3.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl3.h,v 1.26 2014/08/11 01:10:42 jsing Exp $ */ 1/* $OpenBSD: ssl3.h,v 1.27 2014/10/31 14:51:01 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -473,7 +473,7 @@ typedef struct ssl3_state_st {
473 char ctype[SSL3_CT_NUMBER]; 473 char ctype[SSL3_CT_NUMBER];
474 STACK_OF(X509_NAME) *ca_names; 474 STACK_OF(X509_NAME) *ca_names;
475 475
476 int use_rsa_tmp; 476 int use_rsa_tmp; /* XXX - remove at next bump. */
477 477
478 int key_block_length; 478 int key_block_length;
479 unsigned char *key_block; 479 unsigned char *key_block;
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
index 6f1815067b..beea31c64b 100644
--- a/src/lib/libssl/ssl_cert.c
+++ b/src/lib/libssl/ssl_cert.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_cert.c,v 1.42 2014/10/03 13:58:18 jsing Exp $ */ 1/* $OpenBSD: ssl_cert.c,v 1.43 2014/10/31 14:51:01 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -205,12 +205,6 @@ ssl_cert_dup(CERT *cert)
205 ret->mask_k = cert->mask_k; 205 ret->mask_k = cert->mask_k;
206 ret->mask_a = cert->mask_a; 206 ret->mask_a = cert->mask_a;
207 207
208 if (cert->rsa_tmp != NULL) {
209 RSA_up_ref(cert->rsa_tmp);
210 ret->rsa_tmp = cert->rsa_tmp;
211 }
212 ret->rsa_tmp_cb = cert->rsa_tmp_cb;
213
214 if (cert->dh_tmp != NULL) { 208 if (cert->dh_tmp != NULL) {
215 ret->dh_tmp = DHparams_dup(cert->dh_tmp); 209 ret->dh_tmp = DHparams_dup(cert->dh_tmp);
216 if (ret->dh_tmp == NULL) { 210 if (ret->dh_tmp == NULL) {
@@ -305,7 +299,6 @@ ssl_cert_dup(CERT *cert)
305 return (ret); 299 return (ret);
306 300
307err: 301err:
308 RSA_free(ret->rsa_tmp);
309 DH_free(ret->dh_tmp); 302 DH_free(ret->dh_tmp);
310 EC_KEY_free(ret->ecdh_tmp); 303 EC_KEY_free(ret->ecdh_tmp);
311 304
@@ -331,7 +324,6 @@ ssl_cert_free(CERT *c)
331 if (i > 0) 324 if (i > 0)
332 return; 325 return;
333 326
334 RSA_free(c->rsa_tmp);
335 DH_free(c->dh_tmp); 327 DH_free(c->dh_tmp);
336 EC_KEY_free(c->ecdh_tmp); 328 EC_KEY_free(c->ecdh_tmp);
337 329
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 3fa8f5039f..579c005cc3 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_lib.c,v 1.87 2014/10/18 16:13:16 jsing Exp $ */ 1/* $OpenBSD: ssl_lib.c,v 1.88 2014/10/31 14:51:01 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1931,7 +1931,7 @@ void
1931ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher) 1931ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
1932{ 1932{
1933 CERT_PKEY *cpk; 1933 CERT_PKEY *cpk;
1934 int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dsa_sign; 1934 int rsa_enc, rsa_sign, dh_tmp, dsa_sign;
1935 unsigned long mask_k, mask_a; 1935 unsigned long mask_k, mask_a;
1936 int have_ecc_cert, ecdh_ok, ecdsa_ok; 1936 int have_ecc_cert, ecdh_ok, ecdsa_ok;
1937 int have_ecdh_tmp; 1937 int have_ecdh_tmp;
@@ -1942,7 +1942,6 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
1942 if (c == NULL) 1942 if (c == NULL)
1943 return; 1943 return;
1944 1944
1945 rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
1946 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL); 1945 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
1947 1946
1948 have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL || 1947 have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL ||
@@ -1970,7 +1969,7 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
1970 mask_a |= SSL_aGOST94; 1969 mask_a |= SSL_aGOST94;
1971 } 1970 }
1972 1971
1973 if (rsa_enc || (rsa_tmp && rsa_sign)) 1972 if (rsa_enc)
1974 mask_k|=SSL_kRSA; 1973 mask_k|=SSL_kRSA;
1975 1974
1976 if (dh_tmp) 1975 if (dh_tmp)
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 976f835c92..955c169244 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_locl.h,v 1.71 2014/10/03 13:58:18 jsing Exp $ */ 1/* $OpenBSD: ssl_locl.h,v 1.72 2014/10/31 14:51:01 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -440,9 +440,6 @@ typedef struct cert_st {
440 unsigned long mask_k; 440 unsigned long mask_k;
441 unsigned long mask_a; 441 unsigned long mask_a;
442 442
443 RSA *rsa_tmp;
444 RSA *(*rsa_tmp_cb)(SSL *ssl, int is_export, int keysize);
445
446 DH *dh_tmp; 443 DH *dh_tmp;
447 DH *(*dh_tmp_cb)(SSL *ssl, int is_export, int keysize); 444 DH *(*dh_tmp_cb)(SSL *ssl, int is_export, int keysize);
448 445
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-31 22:55:36 +0000