From db7dd4a99d7178b382b418c54f97633ffb935da8 Mon Sep 17 00:00:00 2001 From: deraadt <> Date: Sun, 13 Apr 2014 16:03:32 +0000 Subject: send this directory of observations from 20 years to oblivion ok miod --- src/lib/libssl/src/bugs/MS | 7 -- src/lib/libssl/src/bugs/SSLv3 | 49 -------------- src/lib/libssl/src/bugs/alpha.c | 91 -------------------------- src/lib/libssl/src/bugs/dggccbug.c | 45 ------------- src/lib/libssl/src/bugs/sgiccbug.c | 57 ---------------- src/lib/libssl/src/bugs/sslref.dif | 26 -------- src/lib/libssl/src/bugs/stream.c | 131 ------------------------------------- src/lib/libssl/src/bugs/ultrixcc.c | 45 ------------- 8 files changed, 451 deletions(-) delete mode 100644 src/lib/libssl/src/bugs/MS delete mode 100644 src/lib/libssl/src/bugs/SSLv3 delete mode 100644 src/lib/libssl/src/bugs/alpha.c delete mode 100644 src/lib/libssl/src/bugs/dggccbug.c delete mode 100644 src/lib/libssl/src/bugs/sgiccbug.c delete mode 100644 src/lib/libssl/src/bugs/sslref.dif delete mode 100644 src/lib/libssl/src/bugs/stream.c delete mode 100644 src/lib/libssl/src/bugs/ultrixcc.c (limited to 'src') diff --git a/src/lib/libssl/src/bugs/MS b/src/lib/libssl/src/bugs/MS deleted file mode 100644 index a1dcfb90de..0000000000 --- a/src/lib/libssl/src/bugs/MS +++ /dev/null @@ -1,7 +0,0 @@ -If you use the function that does an fopen inside the DLL, it's malloc -will be used and when the function is then written inside, more -hassles -.... - - -think about it. diff --git a/src/lib/libssl/src/bugs/SSLv3 b/src/lib/libssl/src/bugs/SSLv3 deleted file mode 100644 index a75a1652d9..0000000000 --- a/src/lib/libssl/src/bugs/SSLv3 +++ /dev/null @@ -1,49 +0,0 @@ -So far... - -ssl3.netscape.com:443 does not support client side dynamic -session-renegotiation. - -ssl3.netscape.com:444 (asks for client cert) sends out all the CA RDN -in an invalid format (the outer sequence is removed). - -Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte -challenge but then appears to only use 16 bytes when generating the -encryption keys. Using 16 bytes is ok but it should be ok to use 32. -According to the SSLv3 spec, one should use 32 bytes for the challenge -when opperating in SSLv2/v3 compatablity mode, but as mentioned above, -this breaks this server so 16 bytes is the way to go. - -www.microsoft.com - when talking SSLv2, if session-id reuse is -performed, the session-id passed back in the server-finished message -is different from the one decided upon. - -ssl3.netscape.com:443, first a connection is established with RC4-MD5. -If it is then resumed, we end up using DES-CBC3-SHA. It should be -RC4-MD5 according to 7.6.1.3, 'cipher_suite'. -Netscape-Enterprise/2.01 (https://merchant.netscape.com) has this bug. -It only really shows up when connecting via SSLv2/v3 then reconnecting -via SSLv3. The cipher list changes.... -NEW INFORMATION. Try connecting with a cipher list of just -DES-CBC-SHA:RC4-MD5. For some weird reason, each new connection uses -RC4-MD5, but a re-connect tries to use DES-CBC-SHA. So netscape, when -doing a re-connect, always takes the first cipher in the cipher list. - -If we accept a netscape connection, demand a client cert, have a -non-self-signed CA which does not have it's CA in netscape, and the -browser has a cert, it will crash/hang. Works for 3.x and 4.xbeta - -Netscape browsers do not really notice the server sending a -close notify message. I was sending one, and then some invalid data. -netscape complained of an invalid mac. (a fork()ed child doing a -SSL_shutdown() and still sharing the socket with its parent). - -Netscape, when using export ciphers, will accept a 1024 bit temporary -RSA key. It is supposed to only accept 512. - -If Netscape connects to a server which requests a client certificate -it will frequently hang after the user has selected one and never -complete the connection. Hitting "Stop" and reload fixes this and -all subsequent connections work fine. This appears to be because -Netscape wont read any new records in when it is awaiting a server -done message at this point. The fix is to send the certificate request -and server done messages in one record. diff --git a/src/lib/libssl/src/bugs/alpha.c b/src/lib/libssl/src/bugs/alpha.c deleted file mode 100644 index 701d6a7c74..0000000000 --- a/src/lib/libssl/src/bugs/alpha.c +++ /dev/null @@ -1,91 +0,0 @@ -/* bugs/alpha.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* while not exactly a bug (ASN1 C leaves this undefined) it is - * something to watch out for. This was fine on linux/NT/Solaris but not - * Alpha */ - -/* it is basically an example of - * func(*(a++),*(a++)) - * which parameter is evaluated first? It is not defined in ASN1 C. - */ - -#include - -#define TYPE unsigned int - -void func(a,b) -TYPE *a; -TYPE b; - { - printf("%ld -1 == %ld\n",a[0],b); - } - -main() - { - TYPE data[5]={1L,2L,3L,4L,5L}; - TYPE *p; - int i; - - p=data; - - for (i=0; i<4; i++) - { - func(p,*(p++)); - } - } diff --git a/src/lib/libssl/src/bugs/dggccbug.c b/src/lib/libssl/src/bugs/dggccbug.c deleted file mode 100644 index 30e07a60ea..0000000000 --- a/src/lib/libssl/src/bugs/dggccbug.c +++ /dev/null @@ -1,45 +0,0 @@ -/* NOCW */ -/* dggccbug.c */ -/* bug found by Eric Young (eay@cryptsoft.com) - May 1995 */ - -#include - -/* There is a bug in - * gcc version 2.5.8 (88open OCS/BCS, DG-2.5.8.3, Oct 14 1994) - * as shipped with DGUX 5.4R3.10 that can be bypassed by defining - * DG_GCC_BUG in my code. - * The bug manifests itself by the vaule of a pointer that is - * used only by reference, not having it's value change when it is used - * to check for exiting the loop. Probably caused by there being 2 - * copies of the valiable, one in a register and one being an address - * that is passed. */ - -/* compare the out put from - * gcc dggccbug.c; ./a.out - * and - * gcc -O dggccbug.c; ./a.out - * compile with -DFIXBUG to remove the bug when optimising. - */ - -void inc(a) -int *a; - { - (*a)++; - } - -main() - { - int p=0; -#ifdef FIXBUG - int dummy; -#endif - - while (p<3) - { - fprintf(stderr,"%08X\n",p); - inc(&p); -#ifdef FIXBUG - dummy+=p; -#endif - } - } diff --git a/src/lib/libssl/src/bugs/sgiccbug.c b/src/lib/libssl/src/bugs/sgiccbug.c deleted file mode 100644 index 178239d492..0000000000 --- a/src/lib/libssl/src/bugs/sgiccbug.c +++ /dev/null @@ -1,57 +0,0 @@ -/* NOCW */ -/* sgibug.c */ -/* bug found by Eric Young (eay@mincom.oz.au) May 95 */ - -#include - -/* This compiler bug it present on IRIX 5.3, 5.1 and 4.0.5 (these are - * the only versions of IRIX I have access to. - * defining FIXBUG removes the bug. - * (bug is still present in IRIX 6.3 according to - * Gage - */ - -/* Compare the output from - * cc sgiccbug.c; ./a.out - * and - * cc -O sgiccbug.c; ./a.out - */ - -static unsigned long a[4]={0x01234567,0x89ABCDEF,0xFEDCBA98,0x76543210}; -static unsigned long b[4]={0x89ABCDEF,0xFEDCBA98,0x76543210,0x01234567}; -static unsigned long c[4]={0x77777778,0x8ACF1357,0x88888888,0x7530ECA9}; - -main() - { - unsigned long r[4]; - sub(r,a,b); - fprintf(stderr,"input a= %08X %08X %08X %08X\n",a[3],a[2],a[1],a[0]); - fprintf(stderr,"input b= %08X %08X %08X %08X\n",b[3],b[2],b[1],b[0]); - fprintf(stderr,"output = %08X %08X %08X %08X\n",r[3],r[2],r[1],r[0]); - fprintf(stderr,"correct= %08X %08X %08X %08X\n",c[3],c[2],c[1],c[0]); - } - -int sub(r,a,b) -unsigned long *r,*a,*b; - { - register unsigned long t1,t2,*ap,*bp,*rp; - int i,carry; -#ifdef FIXBUG - unsigned long dummy; -#endif - - ap=a; - bp=b; - rp=r; - carry=0; - for (i=0; i<4; i++) - { - t1= *(ap++); - t2= *(bp++); - t1=(t1-t2); -#ifdef FIXBUG - dummy=t1; -#endif - *(rp++)=t1&0xffffffff; - } - } diff --git a/src/lib/libssl/src/bugs/sslref.dif b/src/lib/libssl/src/bugs/sslref.dif deleted file mode 100644 index 0aa92bfe6d..0000000000 --- a/src/lib/libssl/src/bugs/sslref.dif +++ /dev/null @@ -1,26 +0,0 @@ -The February 9th, 1995 version of the SSL document differs from -https://www.netscape.com in the following ways. -===== -The key material for generating a SSL_CK_DES_64_CBC_WITH_MD5 key is -KEY-MATERIAL-0 = MD5[MASTER-KEY,"0",CHALLENGE,CONNECTION-ID] -not -KEY-MATERIAL-0 = MD5[MASTER-KEY,CHALLENGE,CONNECTION-ID] -as specified in the documentation. -===== -From the section 2.6 Server Only Protocol Messages - -If the SESSION-ID-HIT flag is non-zero then the CERTIFICATE-TYPE, -CERTIFICATE-LENGTH and CIPHER-SPECS-LENGTH fields will be zero. - -This is not true for https://www.netscape.com. The CERTIFICATE-TYPE -is returned as 1. -===== -I have not tested the following but it is reported by holtzman@mit.edu. - -SSLref clients wait to recieve a server-verify before they send a -client-finished. Besides this not being evident from the examples in -2.2.1, it makes more sense to always send all packets you can before -reading. SSLeay was waiting in the server to recieve a client-finish -before sending the server-verify :-). I have changed SSLeay to send a -server-verify before trying to read the client-finished. - diff --git a/src/lib/libssl/src/bugs/stream.c b/src/lib/libssl/src/bugs/stream.c deleted file mode 100644 index c3b5e867d2..0000000000 --- a/src/lib/libssl/src/bugs/stream.c +++ /dev/null @@ -1,131 +0,0 @@ -/* bugs/stream.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#ifdef OPENSSL_NO_DES -#include -#else -#include -#endif - -/* show how stream ciphers are not very good. The mac has no affect - * on RC4 while it does for cfb DES - */ - -main() - { - fprintf(stderr,"rc4\n"); - rc4(); - fprintf(stderr,"cfb des\n"); - des(); - } - -int des() - { - des_key_schedule ks; - des_cblock iv,key; - int num; - static char *keystr="01234567"; - static char *in1="0123456789ABCEDFdata 12345"; - static char *in2="9876543210abcdefdata 12345"; - unsigned char out[100]; - int i; - - des_set_key((des_cblock *)keystr,ks); - - num=0; - memset(iv,0,8); - des_cfb64_encrypt(in1,out,26,ks,(des_cblock *)iv,&num,1); - for (i=0; i<26; i++) - fprintf(stderr,"%02X ",out[i]); - fprintf(stderr,"\n"); - - num=0; - memset(iv,0,8); - des_cfb64_encrypt(in2,out,26,ks,(des_cblock *)iv,&num,1); - for (i=0; i<26; i++) - fprintf(stderr,"%02X ",out[i]); - fprintf(stderr,"\n"); - } - -int rc4() - { - static char *keystr="0123456789abcdef"; - RC4_KEY key; - unsigned char in[100],out[100]; - int i; - - RC4_set_key(&key,16,keystr); - in[0]='\0'; - strcpy(in,"0123456789ABCEDFdata 12345"); - RC4(key,26,in,out); - - for (i=0; i<26; i++) - fprintf(stderr,"%02X ",out[i]); - fprintf(stderr,"\n"); - - RC4_set_key(&key,16,keystr); - in[0]='\0'; - strcpy(in,"9876543210abcdefdata 12345"); - RC4(key,26,in,out); - - for (i=0; i<26; i++) - fprintf(stderr,"%02X ",out[i]); - fprintf(stderr,"\n"); - } diff --git a/src/lib/libssl/src/bugs/ultrixcc.c b/src/lib/libssl/src/bugs/ultrixcc.c deleted file mode 100644 index 7ba75b140f..0000000000 --- a/src/lib/libssl/src/bugs/ultrixcc.c +++ /dev/null @@ -1,45 +0,0 @@ -#include - -/* This is a cc optimiser bug for ultrix 4.3, mips CPU. - * What happens is that the compiler, due to the (a)&7, - * does - * i=a&7; - * i--; - * i*=4; - * Then uses i as the offset into a jump table. - * The problem is that a value of 0 generates an offset of - * 0xfffffffc. - */ - -main() - { - f(5); - f(0); - } - -int f(a) -int a; - { - switch(a&7) - { - case 7: - printf("7\n"); - case 6: - printf("6\n"); - case 5: - printf("5\n"); - case 4: - printf("4\n"); - case 3: - printf("3\n"); - case 2: - printf("2\n"); - case 1: - printf("1\n"); -#ifdef FIX_BUG - case 0: - ; -#endif - } - } - -- cgit v1.2.3-55-g6feb