From 9ef9f06708ef4fe615f3485f5d82f3fb919fdf03 Mon Sep 17 00:00:00 2001
From: miod <>
Date: Fri, 13 Jun 2014 04:29:13 +0000
Subject: Remove support for the `opaque PRF input' extension, which draft has
expired 7 years ago and never made it into an RFC. That code wasn't compiled
in anyway unless one would define the actual on-the-wire extension id bytes;
crank libssl major.
With help and enlightenment from Brendan MacDonell.
---
src/lib/libssl/d1_lib.c | 4 +-
src/lib/libssl/s3_lib.c | 56 +---------
src/lib/libssl/shlib_version | 4 +-
src/lib/libssl/src/apps/s_cb.c | 7 +-
src/lib/libssl/src/apps/s_client.c | 7 +-
src/lib/libssl/src/apps/s_server.c | 7 +-
src/lib/libssl/src/ssl/d1_lib.c | 4 +-
src/lib/libssl/src/ssl/s3_lib.c | 56 +---------
src/lib/libssl/src/ssl/ssl.h | 15 +--
src/lib/libssl/src/ssl/ssl3.h | 11 +-
src/lib/libssl/src/ssl/ssl_err.c | 3 +-
src/lib/libssl/src/ssl/ssl_lib.c | 3 +-
src/lib/libssl/src/ssl/t1_enc.c | 19 +---
src/lib/libssl/src/ssl/t1_lib.c | 214 +------------------------------------
src/lib/libssl/src/ssl/tls1.h | 9 +-
src/lib/libssl/ssl.h | 15 +--
src/lib/libssl/ssl/shlib_version | 4 +-
src/lib/libssl/ssl3.h | 11 +-
src/lib/libssl/ssl_err.c | 3 +-
src/lib/libssl/ssl_lib.c | 3 +-
src/lib/libssl/t1_enc.c | 19 +---
src/lib/libssl/t1_lib.c | 214 +------------------------------------
src/lib/libssl/tls1.h | 9 +-
23 files changed, 29 insertions(+), 668 deletions(-)
(limited to 'src/lib')
diff --git a/src/lib/libssl/d1_lib.c b/src/lib/libssl/d1_lib.c
index 0b7c6404c5..13c93a77cf 100644
--- a/src/lib/libssl/d1_lib.c
+++ b/src/lib/libssl/d1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_lib.c,v 1.19 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: d1_lib.c,v 1.20 2014/06/13 04:29:13 miod Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -135,6 +135,7 @@ dtls1_new(SSL *s)
if (d1->buffered_app_data.q)
pqueue_free(d1->buffered_app_data.q);
free(d1);
+ ssl3_free(s);
return (0);
}
@@ -199,6 +200,7 @@ dtls1_free(SSL *s)
pqueue_free(s->d1->sent_messages);
pqueue_free(s->d1->buffered_app_data.q);
+ OPENSSL_cleanse(s->d1, sizeof *s->d1);
free(s->d1);
s->d1 = NULL;
}
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 03d30125b9..576ce2e52b 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.58 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.59 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -2322,11 +2322,6 @@ ssl3_free(SSL *s)
if (s == NULL)
return;
-#ifdef TLSEXT_TYPE_opaque_prf_input
- free(s->s3->client_opaque_prf_input);
- free(s->s3->server_opaque_prf_input);
-#endif
-
ssl3_cleanup_key_block(s);
ssl3_release_read_buffer(s);
ssl3_release_write_buffer(s);
@@ -2351,13 +2346,6 @@ ssl3_clear(SSL *s)
size_t rlen, wlen;
int init_extra;
-#ifdef TLSEXT_TYPE_opaque_prf_input
- free(s->s3->client_opaque_prf_input);
- s->s3->client_opaque_prf_input = NULL;
- free(s->s3->server_opaque_prf_input);
- s->s3->server_opaque_prf_input = NULL;
-#endif
-
ssl3_cleanup_key_block(s);
if (s->s3->tmp.ca_names != NULL)
sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
@@ -2570,35 +2558,6 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
ret = 1;
break;
-#ifdef TLSEXT_TYPE_opaque_prf_input
- case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
- if (larg > 12288) {
- /*
- * Actual internal limit is 2^16 for the complete
- * hello message (including the cert chain and
- * everything)
- */
- SSLerr(SSL_F_SSL3_CTRL,
- SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
- break;
- }
- free(s->tlsext_opaque_prf_input);
- if ((size_t)larg == 0) {
- s->tlsext_opaque_prf_input = NULL;
- s->tlsext_opaque_prf_input_len = 0;
- ret = 1;
- } else {
- s->tlsext_opaque_prf_input =
- BUF_memdup(parg, (size_t)larg);
- if (s->tlsext_opaque_prf_input != NULL) {
- s->tlsext_opaque_prf_input_len = (size_t)larg;
- ret = 1;
- } else
- s->tlsext_opaque_prf_input_len = 0;
- }
- break;
-#endif
-
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
s->tlsext_status_type = larg;
ret = 1;
@@ -2824,12 +2783,6 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
return 1;
}
-#ifdef TLSEXT_TYPE_opaque_prf_input
- case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
- ctx->tlsext_opaque_prf_input_callback_arg = parg;
- return 1;
-#endif
-
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
ctx->tlsext_status_arg = parg;
return 1;
@@ -2890,13 +2843,6 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
(int (*)(SSL *, int *, void *))fp;
break;
-#ifdef TLSEXT_TYPE_opaque_prf_input
- case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
- ctx->tlsext_opaque_prf_input_callback =
- (int (*)(SSL *, void *, size_t, void *))fp;
- break;
-#endif
-
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp;
break;
diff --git a/src/lib/libssl/shlib_version b/src/lib/libssl/shlib_version
index aa54cbb404..361604a5eb 100644
--- a/src/lib/libssl/shlib_version
+++ b/src/lib/libssl/shlib_version
@@ -1,2 +1,2 @@
-major=24
-minor=1
+major=25
+minor=0
diff --git a/src/lib/libssl/src/apps/s_cb.c b/src/lib/libssl/src/apps/s_cb.c
index 51df99b2e8..29dd80e87d 100644
--- a/src/lib/libssl/src/apps/s_cb.c
+++ b/src/lib/libssl/src/apps/s_cb.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_cb.c,v 1.21 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: s_cb.c,v 1.22 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -696,11 +696,6 @@ tlsext_cb(SSL * s, int client_server, int type, unsigned char *data, int len,
extname = "renegotiation info";
break;
-#ifdef TLSEXT_TYPE_opaque_prf_input
- case TLSEXT_TYPE_opaque_prf_input:
- extname = "opaque PRF input";
- break;
-#endif
#ifdef TLSEXT_TYPE_next_proto_neg
case TLSEXT_TYPE_next_proto_neg:
extname = "next protocol";
diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c
index 1e12eca895..c453875c07 100644
--- a/src/lib/libssl/src/apps/s_client.c
+++ b/src/lib/libssl/src/apps/s_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_client.c,v 1.60 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: s_client.c,v 1.61 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -910,11 +910,6 @@ bad:
}
#endif
/* SSL_set_cipher_list(con,"RC4-MD5"); */
-#if 0
-#ifdef TLSEXT_TYPE_opaque_prf_input
- SSL_set_tlsext_opaque_prf_input(con, "Test client", 11);
-#endif
-#endif
re_start:
diff --git a/src/lib/libssl/src/apps/s_server.c b/src/lib/libssl/src/apps/s_server.c
index 25be6121b5..e73b249ca3 100644
--- a/src/lib/libssl/src/apps/s_server.c
+++ b/src/lib/libssl/src/apps/s_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_server.c,v 1.52 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: s_server.c,v 1.53 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -1541,11 +1541,6 @@ sv_body(char *hostname, int s, unsigned char *context)
strlen((char *) context));
}
SSL_clear(con);
-#if 0
-#ifdef TLSEXT_TYPE_opaque_prf_input
- SSL_set_tlsext_opaque_prf_input(con, "Test server", 11);
-#endif
-#endif
if (SSL_version(con) == DTLS1_VERSION) {
diff --git a/src/lib/libssl/src/ssl/d1_lib.c b/src/lib/libssl/src/ssl/d1_lib.c
index 0b7c6404c5..13c93a77cf 100644
--- a/src/lib/libssl/src/ssl/d1_lib.c
+++ b/src/lib/libssl/src/ssl/d1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_lib.c,v 1.19 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: d1_lib.c,v 1.20 2014/06/13 04:29:13 miod Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -135,6 +135,7 @@ dtls1_new(SSL *s)
if (d1->buffered_app_data.q)
pqueue_free(d1->buffered_app_data.q);
free(d1);
+ ssl3_free(s);
return (0);
}
@@ -199,6 +200,7 @@ dtls1_free(SSL *s)
pqueue_free(s->d1->sent_messages);
pqueue_free(s->d1->buffered_app_data.q);
+ OPENSSL_cleanse(s->d1, sizeof *s->d1);
free(s->d1);
s->d1 = NULL;
}
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index 03d30125b9..576ce2e52b 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.58 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.59 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -2322,11 +2322,6 @@ ssl3_free(SSL *s)
if (s == NULL)
return;
-#ifdef TLSEXT_TYPE_opaque_prf_input
- free(s->s3->client_opaque_prf_input);
- free(s->s3->server_opaque_prf_input);
-#endif
-
ssl3_cleanup_key_block(s);
ssl3_release_read_buffer(s);
ssl3_release_write_buffer(s);
@@ -2351,13 +2346,6 @@ ssl3_clear(SSL *s)
size_t rlen, wlen;
int init_extra;
-#ifdef TLSEXT_TYPE_opaque_prf_input
- free(s->s3->client_opaque_prf_input);
- s->s3->client_opaque_prf_input = NULL;
- free(s->s3->server_opaque_prf_input);
- s->s3->server_opaque_prf_input = NULL;
-#endif
-
ssl3_cleanup_key_block(s);
if (s->s3->tmp.ca_names != NULL)
sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
@@ -2570,35 +2558,6 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
ret = 1;
break;
-#ifdef TLSEXT_TYPE_opaque_prf_input
- case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
- if (larg > 12288) {
- /*
- * Actual internal limit is 2^16 for the complete
- * hello message (including the cert chain and
- * everything)
- */
- SSLerr(SSL_F_SSL3_CTRL,
- SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
- break;
- }
- free(s->tlsext_opaque_prf_input);
- if ((size_t)larg == 0) {
- s->tlsext_opaque_prf_input = NULL;
- s->tlsext_opaque_prf_input_len = 0;
- ret = 1;
- } else {
- s->tlsext_opaque_prf_input =
- BUF_memdup(parg, (size_t)larg);
- if (s->tlsext_opaque_prf_input != NULL) {
- s->tlsext_opaque_prf_input_len = (size_t)larg;
- ret = 1;
- } else
- s->tlsext_opaque_prf_input_len = 0;
- }
- break;
-#endif
-
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
s->tlsext_status_type = larg;
ret = 1;
@@ -2824,12 +2783,6 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
return 1;
}
-#ifdef TLSEXT_TYPE_opaque_prf_input
- case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
- ctx->tlsext_opaque_prf_input_callback_arg = parg;
- return 1;
-#endif
-
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
ctx->tlsext_status_arg = parg;
return 1;
@@ -2890,13 +2843,6 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
(int (*)(SSL *, int *, void *))fp;
break;
-#ifdef TLSEXT_TYPE_opaque_prf_input
- case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
- ctx->tlsext_opaque_prf_input_callback =
- (int (*)(SSL *, void *, size_t, void *))fp;
- break;
-#endif
-
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp;
break;
diff --git a/src/lib/libssl/src/ssl/ssl.h b/src/lib/libssl/src/ssl/ssl.h
index a550a442a0..cd71f7bcfe 100644
--- a/src/lib/libssl/src/ssl/ssl.h
+++ b/src/lib/libssl/src/ssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.52 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: ssl.h,v 1.53 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -847,11 +847,6 @@ struct ssl_ctx_st {
int (*tlsext_status_cb)(SSL *ssl, void *arg);
void *tlsext_status_arg;
- /* draft-rescorla-tls-opaque-prf-input-00.txt information */
- int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput,
- size_t len, void *arg);
- void *tlsext_opaque_prf_input_callback_arg;
-
#ifndef OPENSSL_NO_PSK
char *psk_identity_hint;
unsigned int (*psk_client_callback)(SSL *ssl, const char *hint,
@@ -1201,10 +1196,6 @@ struct ssl_st {
size_t tlsext_ellipticcurvelist_length;
unsigned char *tlsext_ellipticcurvelist; /* our list */
- /* draft-rescorla-tls-opaque-prf-input-00.txt information to be used for handshakes */
- void *tlsext_opaque_prf_input;
- size_t tlsext_opaque_prf_input_len;
-
/* TLS Session Ticket extension override */
TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
@@ -1454,9 +1445,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
-#define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT 60
-#define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61
-#define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65
@@ -2259,7 +2247,6 @@ void ERR_load_SSL_strings(void);
#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
#define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
-#define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG 327
#define SSL_R_PACKET_LENGTH_TOO_LONG 198
#define SSL_R_PARSE_TLSEXT 227
#define SSL_R_PATH_TOO_LONG 270
diff --git a/src/lib/libssl/src/ssl/ssl3.h b/src/lib/libssl/src/ssl/ssl3.h
index 7378136646..7fd00be2d3 100644
--- a/src/lib/libssl/src/ssl/ssl3.h
+++ b/src/lib/libssl/src/ssl/ssl3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl3.h,v 1.21 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: ssl3.h,v 1.22 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -452,15 +452,6 @@ typedef struct ssl3_state_st {
int in_read_app_data;
- /* Opaque PRF input as used for the current handshake.
- * These fields are used only if TLSEXT_TYPE_opaque_prf_input is defined
- * (otherwise, they are merely present to improve binary compatibility)
- */
- void *client_opaque_prf_input;
- size_t client_opaque_prf_input_len;
- void *server_opaque_prf_input;
- size_t server_opaque_prf_input_len;
-
struct {
/* actually only needs to be 16+20 */
unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
diff --git a/src/lib/libssl/src/ssl/ssl_err.c b/src/lib/libssl/src/ssl/ssl_err.c
index 2bb6dcb4a8..0f18b1bc5f 100644
--- a/src/lib/libssl/src/ssl/ssl_err.c
+++ b/src/lib/libssl/src/ssl/ssl_err.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_err.c,v 1.23 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: ssl_err.c,v 1.24 2014/06/13 04:29:13 miod Exp $ */
/* ====================================================================
* Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
@@ -454,7 +454,6 @@ static ERR_STRING_DATA SSL_str_reasons[]= {
{ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED), "old session cipher not returned"},
{ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED), "old session compression algorithm not returned"},
{ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE), "only tls allowed in fips mode"},
- {ERR_REASON(SSL_R_OPAQUE_PRF_INPUT_TOO_LONG), "opaque PRF input too long"},
{ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"},
{ERR_REASON(SSL_R_PARSE_TLSEXT) , "parse tlsext"},
{ERR_REASON(SSL_R_PATH_TOO_LONG) , "path too long"},
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c
index 54b737d482..05abdb3944 100644
--- a/src/lib/libssl/src/ssl/ssl_lib.c
+++ b/src/lib/libssl/src/ssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.65 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.66 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -536,7 +536,6 @@ SSL_free(SSL *s)
SSL_CTX_free(s->initial_ctx);
free(s->tlsext_ecpointformatlist);
free(s->tlsext_ellipticcurvelist);
- free(s->tlsext_opaque_prf_input);
if (s->tlsext_ocsp_exts)
sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
X509_EXTENSION_free);
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c
index 304898aeb8..6d2e21c412 100644
--- a/src/lib/libssl/src/ssl/t1_enc.c
+++ b/src/lib/libssl/src/ssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.54 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.55 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -998,23 +998,6 @@ tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
const void *co = NULL, *so = NULL;
int col = 0, sol = 0;
-#ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->client_opaque_prf_input != NULL &&
- s->s3->server_opaque_prf_input != NULL &&
- s->s3->client_opaque_prf_input_len > 0 &&
- s->s3->client_opaque_prf_input_len ==
- s->s3->server_opaque_prf_input_len) {
- /*
- * sol must be same as col - see section 3.1 of
- * draft-rescorla-tls-opaque-prf-input-00.txt.
- */
- co = s->s3->client_opaque_prf_input;
- col = s->s3->server_opaque_prf_input_len;
- so = s->s3->server_opaque_prf_input;
- sol = s->s3->client_opaque_prf_input_len;
- }
-#endif
-
tls1_PRF(ssl_get_algorithm2(s),
TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE,
s->s3->client_random, SSL3_RANDOM_SIZE, co, col,
diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c
index 6e4a29c4c8..b780faf603 100644
--- a/src/lib/libssl/src/ssl/t1_lib.c
+++ b/src/lib/libssl/src/ssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.45 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.46 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -557,25 +557,6 @@ skip_ext:
ret += sizeof(tls12_sigalgs);
}
-#ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->client_opaque_prf_input != NULL &&
- s->version != DTLS1_VERSION) {
- size_t col = s->s3->client_opaque_prf_input_len;
-
- if ((size_t)(limit - ret) < 6 + col)
- return NULL;
- if (col > 0xFFFD) /* can't happen */
- return NULL;
-
- s2n(TLSEXT_TYPE_opaque_prf_input, ret);
-
- s2n(col + 2, ret);
- s2n(col, ret);
- memcpy(ret, s->s3->client_opaque_prf_input, col);
- ret += col;
- }
-#endif
-
if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp &&
s->version != DTLS1_VERSION) {
int i;
@@ -783,25 +764,6 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
s2n(0, ret);
}
-#ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->server_opaque_prf_input != NULL &&
- s->version != DTLS1_VERSION) {
- size_t sol = s->s3->server_opaque_prf_input_len;
-
- if ((size_t)(limit - ret) < 6 + sol)
- return NULL;
- if (sol > 0xFFFD) /* can't happen */
- return NULL;
-
- s2n(TLSEXT_TYPE_opaque_prf_input, ret);
-
- s2n(sol + 2, ret);
- s2n(sol, ret);
- memcpy(ret, s->s3->server_opaque_prf_input, sol);
- ret += sol;
- }
-#endif
-
#ifndef OPENSSL_NO_SRTP
if (s->srtp_profile) {
int el;
@@ -1131,35 +1093,6 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
memcpy(s->session->tlsext_ellipticcurvelist, sdata, ellipticcurvelist_length);
}
}
-#ifdef TLSEXT_TYPE_opaque_prf_input
- else if (type == TLSEXT_TYPE_opaque_prf_input &&
- s->version != DTLS1_VERSION) {
- unsigned char *sdata = data;
-
- if (size < 2) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
- n2s(sdata, s->s3->client_opaque_prf_input_len);
- if (s->s3->client_opaque_prf_input_len != size - 2) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
-
- free(s->s3->client_opaque_prf_input);
- s->s3->client_opaque_prf_input = NULL;
-
- if (s->s3->client_opaque_prf_input_len != 0) {
- s->s3->client_opaque_prf_input =
- BUF_memdup(sdata,
- s->s3->client_opaque_prf_input_len);
- if (s->s3->client_opaque_prf_input == NULL) {
- *al = TLS1_AD_INTERNAL_ERROR;
- return 0;
- }
- }
- }
-#endif
else if (type == TLSEXT_TYPE_session_ticket) {
if (s->tls_session_ticket_ext_cb &&
!s->tls_session_ticket_ext_cb(s, data, size, s->tls_session_ticket_ext_cb_arg)) {
@@ -1428,35 +1361,6 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
}
s->tlsext_ticket_expected = 1;
}
-#ifdef TLSEXT_TYPE_opaque_prf_input
- else if (type == TLSEXT_TYPE_opaque_prf_input &&
- s->version != DTLS1_VERSION) {
- unsigned char *sdata = data;
-
- if (size < 2) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
- n2s(sdata, s->s3->server_opaque_prf_input_len);
- if (s->s3->server_opaque_prf_input_len != size - 2) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
-
- free(s->s3->server_opaque_prf_input);
- s->s3->server_opaque_prf_input = NULL;
-
- if (s->s3->server_opaque_prf_input_len != 0)
- s->s3->server_opaque_prf_input =
- BUF_memdup(sdata,
- s->s3->server_opaque_prf_input_len);
- if (s->s3->server_opaque_prf_input == NULL) {
- *al = TLS1_AD_INTERNAL_ERROR;
- return 0;
- }
- }
- }
-#endif
else if (type == TLSEXT_TYPE_status_request &&
s->version != DTLS1_VERSION) {
/* MUST be empty and only sent if we've requested
@@ -1609,42 +1513,6 @@ ssl_prepare_clienthello_tlsext(SSL *s)
}
}
-#ifdef TLSEXT_TYPE_opaque_prf_input
- {
- int r = 1;
-
- if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
- r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
- s->ctx->tlsext_opaque_prf_input_callback_arg);
- if (!r)
- return -1;
- }
-
- if (s->tlsext_opaque_prf_input != NULL) {
- free(s->s3->client_opaque_prf_input);
- s->s3->client_opaque_prf_input = NULL;
- if (s->tlsext_opaque_prf_input_len != 0) {
- s->s3->client_opaque_prf_input =
- BUF_memdup(s->tlsext_opaque_prf_input,
- s->tlsext_opaque_prf_input_len);
- if (s->s3->client_opaque_prf_input == NULL) {
- SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,
- ERR_R_MALLOC_FAILURE);
- return -1;
- }
- }
- s->s3->client_opaque_prf_input_len =
- s->tlsext_opaque_prf_input_len;
- }
-
- if (r == 2) {
- /* at callback's request, insist on receiving an appropriate server opaque PRF input */
- s->s3->server_opaque_prf_input_len =
- s->tlsext_opaque_prf_input_len;
- }
- }
-#endif
-
return 1;
}
@@ -1694,65 +1562,6 @@ ssl_check_clienthello_tlsext_early(SSL *s)
else if (s->initial_ctx != NULL && s->initial_ctx->tlsext_servername_callback != 0)
ret = s->initial_ctx->tlsext_servername_callback(s, &al, s->initial_ctx->tlsext_servername_arg);
-#ifdef TLSEXT_TYPE_opaque_prf_input
- {
- /* This sort of belongs into ssl_prepare_serverhello_tlsext(),
- * but we might be sending an alert in response to the client hello,
- * so this has to happen here in
- * ssl_check_clienthello_tlsext_early(). */
-
- int r = 1;
-
- if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
- r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
- s->ctx->tlsext_opaque_prf_input_callback_arg);
- if (!r) {
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_INTERNAL_ERROR;
- goto err;
- }
- }
-
- free(s->s3->server_opaque_prf_input);
- s->s3->server_opaque_prf_input = NULL;
-
- if (s->tlsext_opaque_prf_input != NULL) {
- if (s->s3->client_opaque_prf_input != NULL &&
- s->s3->client_opaque_prf_input_len ==
- s->tlsext_opaque_prf_input_len) {
- /*
- * Can only use this extension if we have a
- * server opaque PRF input of the same length
- * as the client opaque PRF input!
- */
- if (s->tlsext_opaque_prf_input_len != 0) {
- s->s3->server_opaque_prf_input =
- BUF_memdup(s->tlsext_opaque_prf_input,
- s->tlsext_opaque_prf_input_len);
- if (s->s3->server_opaque_prf_input ==
- NULL) {
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_INTERNAL_ERROR;
- goto err;
- }
- }
- s->s3->server_opaque_prf_input_len =
- s->tlsext_opaque_prf_input_len;
- }
- }
-
- if (r == 2 && s->s3->server_opaque_prf_input == NULL) {
- /* The callback wants to enforce use of the extension,
- * but we can't do that with the client opaque PRF input;
- * abort the handshake.
- */
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_HANDSHAKE_FAILURE;
- }
- }
-
-err:
-#endif
switch (ret) {
case SSL_TLSEXT_ERR_ALERT_FATAL:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
@@ -1867,27 +1676,6 @@ ssl_check_serverhello_tlsext(SSL *s)
else if (s->initial_ctx != NULL && s->initial_ctx->tlsext_servername_callback != 0)
ret = s->initial_ctx->tlsext_servername_callback(s, &al, s->initial_ctx->tlsext_servername_arg);
-#ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->server_opaque_prf_input_len > 0) {
- /* This case may indicate that we, as a client, want to insist on using opaque PRF inputs.
- * So first verify that we really have a value from the server too. */
-
- if (s->s3->server_opaque_prf_input == NULL) {
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_HANDSHAKE_FAILURE;
- }
-
- /* Anytime the server *has* sent an opaque PRF input, we need to check
- * that we have a client opaque PRF input of the same size. */
- if (s->s3->client_opaque_prf_input == NULL ||
- s->s3->client_opaque_prf_input_len !=
- s->s3->server_opaque_prf_input_len) {
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_ILLEGAL_PARAMETER;
- }
- }
-#endif
-
/* If we've requested certificate status and we wont get one
* tell the callback
*/
diff --git a/src/lib/libssl/src/ssl/tls1.h b/src/lib/libssl/src/ssl/tls1.h
index f3341017a7..dbe8979a88 100644
--- a/src/lib/libssl/src/ssl/tls1.h
+++ b/src/lib/libssl/src/ssl/tls1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls1.h,v 1.17 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: tls1.h,v 1.18 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -342,13 +342,6 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
#define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
-#define SSL_set_tlsext_opaque_prf_input(s, src, len) \
-SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT, len, src)
-#define SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb) \
-SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB, (void (*)(void))cb)
-#define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg) \
-SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG, 0, arg)
-
#define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index a550a442a0..cd71f7bcfe 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.52 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: ssl.h,v 1.53 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -847,11 +847,6 @@ struct ssl_ctx_st {
int (*tlsext_status_cb)(SSL *ssl, void *arg);
void *tlsext_status_arg;
- /* draft-rescorla-tls-opaque-prf-input-00.txt information */
- int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput,
- size_t len, void *arg);
- void *tlsext_opaque_prf_input_callback_arg;
-
#ifndef OPENSSL_NO_PSK
char *psk_identity_hint;
unsigned int (*psk_client_callback)(SSL *ssl, const char *hint,
@@ -1201,10 +1196,6 @@ struct ssl_st {
size_t tlsext_ellipticcurvelist_length;
unsigned char *tlsext_ellipticcurvelist; /* our list */
- /* draft-rescorla-tls-opaque-prf-input-00.txt information to be used for handshakes */
- void *tlsext_opaque_prf_input;
- size_t tlsext_opaque_prf_input_len;
-
/* TLS Session Ticket extension override */
TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
@@ -1454,9 +1445,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
-#define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT 60
-#define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61
-#define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65
@@ -2259,7 +2247,6 @@ void ERR_load_SSL_strings(void);
#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
#define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
-#define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG 327
#define SSL_R_PACKET_LENGTH_TOO_LONG 198
#define SSL_R_PARSE_TLSEXT 227
#define SSL_R_PATH_TOO_LONG 270
diff --git a/src/lib/libssl/ssl/shlib_version b/src/lib/libssl/ssl/shlib_version
index aa54cbb404..361604a5eb 100644
--- a/src/lib/libssl/ssl/shlib_version
+++ b/src/lib/libssl/ssl/shlib_version
@@ -1,2 +1,2 @@
-major=24
-minor=1
+major=25
+minor=0
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
index 7378136646..7fd00be2d3 100644
--- a/src/lib/libssl/ssl3.h
+++ b/src/lib/libssl/ssl3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl3.h,v 1.21 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: ssl3.h,v 1.22 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -452,15 +452,6 @@ typedef struct ssl3_state_st {
int in_read_app_data;
- /* Opaque PRF input as used for the current handshake.
- * These fields are used only if TLSEXT_TYPE_opaque_prf_input is defined
- * (otherwise, they are merely present to improve binary compatibility)
- */
- void *client_opaque_prf_input;
- size_t client_opaque_prf_input_len;
- void *server_opaque_prf_input;
- size_t server_opaque_prf_input_len;
-
struct {
/* actually only needs to be 16+20 */
unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c
index 2bb6dcb4a8..0f18b1bc5f 100644
--- a/src/lib/libssl/ssl_err.c
+++ b/src/lib/libssl/ssl_err.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_err.c,v 1.23 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: ssl_err.c,v 1.24 2014/06/13 04:29:13 miod Exp $ */
/* ====================================================================
* Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
@@ -454,7 +454,6 @@ static ERR_STRING_DATA SSL_str_reasons[]= {
{ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED), "old session cipher not returned"},
{ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED), "old session compression algorithm not returned"},
{ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE), "only tls allowed in fips mode"},
- {ERR_REASON(SSL_R_OPAQUE_PRF_INPUT_TOO_LONG), "opaque PRF input too long"},
{ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"},
{ERR_REASON(SSL_R_PARSE_TLSEXT) , "parse tlsext"},
{ERR_REASON(SSL_R_PATH_TOO_LONG) , "path too long"},
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 54b737d482..05abdb3944 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.65 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.66 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -536,7 +536,6 @@ SSL_free(SSL *s)
SSL_CTX_free(s->initial_ctx);
free(s->tlsext_ecpointformatlist);
free(s->tlsext_ellipticcurvelist);
- free(s->tlsext_opaque_prf_input);
if (s->tlsext_ocsp_exts)
sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
X509_EXTENSION_free);
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 304898aeb8..6d2e21c412 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.54 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.55 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -998,23 +998,6 @@ tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
const void *co = NULL, *so = NULL;
int col = 0, sol = 0;
-#ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->client_opaque_prf_input != NULL &&
- s->s3->server_opaque_prf_input != NULL &&
- s->s3->client_opaque_prf_input_len > 0 &&
- s->s3->client_opaque_prf_input_len ==
- s->s3->server_opaque_prf_input_len) {
- /*
- * sol must be same as col - see section 3.1 of
- * draft-rescorla-tls-opaque-prf-input-00.txt.
- */
- co = s->s3->client_opaque_prf_input;
- col = s->s3->server_opaque_prf_input_len;
- so = s->s3->server_opaque_prf_input;
- sol = s->s3->client_opaque_prf_input_len;
- }
-#endif
-
tls1_PRF(ssl_get_algorithm2(s),
TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE,
s->s3->client_random, SSL3_RANDOM_SIZE, co, col,
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 6e4a29c4c8..b780faf603 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.45 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.46 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -557,25 +557,6 @@ skip_ext:
ret += sizeof(tls12_sigalgs);
}
-#ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->client_opaque_prf_input != NULL &&
- s->version != DTLS1_VERSION) {
- size_t col = s->s3->client_opaque_prf_input_len;
-
- if ((size_t)(limit - ret) < 6 + col)
- return NULL;
- if (col > 0xFFFD) /* can't happen */
- return NULL;
-
- s2n(TLSEXT_TYPE_opaque_prf_input, ret);
-
- s2n(col + 2, ret);
- s2n(col, ret);
- memcpy(ret, s->s3->client_opaque_prf_input, col);
- ret += col;
- }
-#endif
-
if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp &&
s->version != DTLS1_VERSION) {
int i;
@@ -783,25 +764,6 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
s2n(0, ret);
}
-#ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->server_opaque_prf_input != NULL &&
- s->version != DTLS1_VERSION) {
- size_t sol = s->s3->server_opaque_prf_input_len;
-
- if ((size_t)(limit - ret) < 6 + sol)
- return NULL;
- if (sol > 0xFFFD) /* can't happen */
- return NULL;
-
- s2n(TLSEXT_TYPE_opaque_prf_input, ret);
-
- s2n(sol + 2, ret);
- s2n(sol, ret);
- memcpy(ret, s->s3->server_opaque_prf_input, sol);
- ret += sol;
- }
-#endif
-
#ifndef OPENSSL_NO_SRTP
if (s->srtp_profile) {
int el;
@@ -1131,35 +1093,6 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
memcpy(s->session->tlsext_ellipticcurvelist, sdata, ellipticcurvelist_length);
}
}
-#ifdef TLSEXT_TYPE_opaque_prf_input
- else if (type == TLSEXT_TYPE_opaque_prf_input &&
- s->version != DTLS1_VERSION) {
- unsigned char *sdata = data;
-
- if (size < 2) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
- n2s(sdata, s->s3->client_opaque_prf_input_len);
- if (s->s3->client_opaque_prf_input_len != size - 2) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
-
- free(s->s3->client_opaque_prf_input);
- s->s3->client_opaque_prf_input = NULL;
-
- if (s->s3->client_opaque_prf_input_len != 0) {
- s->s3->client_opaque_prf_input =
- BUF_memdup(sdata,
- s->s3->client_opaque_prf_input_len);
- if (s->s3->client_opaque_prf_input == NULL) {
- *al = TLS1_AD_INTERNAL_ERROR;
- return 0;
- }
- }
- }
-#endif
else if (type == TLSEXT_TYPE_session_ticket) {
if (s->tls_session_ticket_ext_cb &&
!s->tls_session_ticket_ext_cb(s, data, size, s->tls_session_ticket_ext_cb_arg)) {
@@ -1428,35 +1361,6 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
}
s->tlsext_ticket_expected = 1;
}
-#ifdef TLSEXT_TYPE_opaque_prf_input
- else if (type == TLSEXT_TYPE_opaque_prf_input &&
- s->version != DTLS1_VERSION) {
- unsigned char *sdata = data;
-
- if (size < 2) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
- n2s(sdata, s->s3->server_opaque_prf_input_len);
- if (s->s3->server_opaque_prf_input_len != size - 2) {
- *al = SSL_AD_DECODE_ERROR;
- return 0;
- }
-
- free(s->s3->server_opaque_prf_input);
- s->s3->server_opaque_prf_input = NULL;
-
- if (s->s3->server_opaque_prf_input_len != 0)
- s->s3->server_opaque_prf_input =
- BUF_memdup(sdata,
- s->s3->server_opaque_prf_input_len);
- if (s->s3->server_opaque_prf_input == NULL) {
- *al = TLS1_AD_INTERNAL_ERROR;
- return 0;
- }
- }
- }
-#endif
else if (type == TLSEXT_TYPE_status_request &&
s->version != DTLS1_VERSION) {
/* MUST be empty and only sent if we've requested
@@ -1609,42 +1513,6 @@ ssl_prepare_clienthello_tlsext(SSL *s)
}
}
-#ifdef TLSEXT_TYPE_opaque_prf_input
- {
- int r = 1;
-
- if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
- r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
- s->ctx->tlsext_opaque_prf_input_callback_arg);
- if (!r)
- return -1;
- }
-
- if (s->tlsext_opaque_prf_input != NULL) {
- free(s->s3->client_opaque_prf_input);
- s->s3->client_opaque_prf_input = NULL;
- if (s->tlsext_opaque_prf_input_len != 0) {
- s->s3->client_opaque_prf_input =
- BUF_memdup(s->tlsext_opaque_prf_input,
- s->tlsext_opaque_prf_input_len);
- if (s->s3->client_opaque_prf_input == NULL) {
- SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,
- ERR_R_MALLOC_FAILURE);
- return -1;
- }
- }
- s->s3->client_opaque_prf_input_len =
- s->tlsext_opaque_prf_input_len;
- }
-
- if (r == 2) {
- /* at callback's request, insist on receiving an appropriate server opaque PRF input */
- s->s3->server_opaque_prf_input_len =
- s->tlsext_opaque_prf_input_len;
- }
- }
-#endif
-
return 1;
}
@@ -1694,65 +1562,6 @@ ssl_check_clienthello_tlsext_early(SSL *s)
else if (s->initial_ctx != NULL && s->initial_ctx->tlsext_servername_callback != 0)
ret = s->initial_ctx->tlsext_servername_callback(s, &al, s->initial_ctx->tlsext_servername_arg);
-#ifdef TLSEXT_TYPE_opaque_prf_input
- {
- /* This sort of belongs into ssl_prepare_serverhello_tlsext(),
- * but we might be sending an alert in response to the client hello,
- * so this has to happen here in
- * ssl_check_clienthello_tlsext_early(). */
-
- int r = 1;
-
- if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
- r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
- s->ctx->tlsext_opaque_prf_input_callback_arg);
- if (!r) {
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_INTERNAL_ERROR;
- goto err;
- }
- }
-
- free(s->s3->server_opaque_prf_input);
- s->s3->server_opaque_prf_input = NULL;
-
- if (s->tlsext_opaque_prf_input != NULL) {
- if (s->s3->client_opaque_prf_input != NULL &&
- s->s3->client_opaque_prf_input_len ==
- s->tlsext_opaque_prf_input_len) {
- /*
- * Can only use this extension if we have a
- * server opaque PRF input of the same length
- * as the client opaque PRF input!
- */
- if (s->tlsext_opaque_prf_input_len != 0) {
- s->s3->server_opaque_prf_input =
- BUF_memdup(s->tlsext_opaque_prf_input,
- s->tlsext_opaque_prf_input_len);
- if (s->s3->server_opaque_prf_input ==
- NULL) {
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_INTERNAL_ERROR;
- goto err;
- }
- }
- s->s3->server_opaque_prf_input_len =
- s->tlsext_opaque_prf_input_len;
- }
- }
-
- if (r == 2 && s->s3->server_opaque_prf_input == NULL) {
- /* The callback wants to enforce use of the extension,
- * but we can't do that with the client opaque PRF input;
- * abort the handshake.
- */
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_HANDSHAKE_FAILURE;
- }
- }
-
-err:
-#endif
switch (ret) {
case SSL_TLSEXT_ERR_ALERT_FATAL:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
@@ -1867,27 +1676,6 @@ ssl_check_serverhello_tlsext(SSL *s)
else if (s->initial_ctx != NULL && s->initial_ctx->tlsext_servername_callback != 0)
ret = s->initial_ctx->tlsext_servername_callback(s, &al, s->initial_ctx->tlsext_servername_arg);
-#ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->server_opaque_prf_input_len > 0) {
- /* This case may indicate that we, as a client, want to insist on using opaque PRF inputs.
- * So first verify that we really have a value from the server too. */
-
- if (s->s3->server_opaque_prf_input == NULL) {
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_HANDSHAKE_FAILURE;
- }
-
- /* Anytime the server *has* sent an opaque PRF input, we need to check
- * that we have a client opaque PRF input of the same size. */
- if (s->s3->client_opaque_prf_input == NULL ||
- s->s3->client_opaque_prf_input_len !=
- s->s3->server_opaque_prf_input_len) {
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_ILLEGAL_PARAMETER;
- }
- }
-#endif
-
/* If we've requested certificate status and we wont get one
* tell the callback
*/
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
index f3341017a7..dbe8979a88 100644
--- a/src/lib/libssl/tls1.h
+++ b/src/lib/libssl/tls1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls1.h,v 1.17 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: tls1.h,v 1.18 2014/06/13 04:29:13 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -342,13 +342,6 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
#define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
-#define SSL_set_tlsext_opaque_prf_input(s, src, len) \
-SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT, len, src)
-#define SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb) \
-SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB, (void (*)(void))cb)
-#define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg) \
-SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG, 0, arg)
-
#define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
--
cgit v1.2.3-55-g6feb