From 7723dd904089c4d1a622d1dd5d462e875069308d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Mr=C3=A1z?= Date: Tue, 21 Apr 2009 10:05:11 +0000 Subject: [PATCH] - support compatibility DTLS mode for CISCO AnyConnect (#464629) --- openssl-0.9.8k-dtls-compat.patch | 164 +++++++++++++++++++++++++++++++ openssl.spec | 7 +- 2 files changed, 170 insertions(+), 1 deletion(-) create mode 100644 openssl-0.9.8k-dtls-compat.patch diff --git a/openssl-0.9.8k-dtls-compat.patch b/openssl-0.9.8k-dtls-compat.patch new file mode 100644 index 0000000..c18a1db --- /dev/null +++ b/openssl-0.9.8k-dtls-compat.patch @@ -0,0 +1,164 @@ +Support old DTLS version for compatibility with CISCO AnyConnect. +Index: openssl/ssl/d1_clnt.c +RCS File: /v/openssl/cvs/openssl/ssl/d1_clnt.c,v +rcsdiff -q -kk '-r1.3.2.15' '-r1.3.2.16' -u '/v/openssl/cvs/openssl/ssl/d1_clnt.c,v' 2>/dev/null +--- openssl/ssl/d1_clnt.c 2009/04/14 15:20:47 1.3.2.15 ++++ openssl/ssl/d1_clnt.c 2009/04/19 18:08:11 1.3.2.16 +@@ -130,7 +130,7 @@ + + static SSL_METHOD *dtls1_get_client_method(int ver) + { +- if (ver == DTLS1_VERSION) ++ if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER) + return(DTLSv1_client_method()); + else + return(NULL); +@@ -181,7 +181,8 @@ + s->server=0; + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); + +- if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00)) ++ if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00) && ++ (s->version & 0xff00 ) != (DTLS1_BAD_VER & 0xff00)) + { + SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR); + ret = -1; +Index: openssl/ssl/d1_lib.c +RCS File: /v/openssl/cvs/openssl/ssl/d1_lib.c,v +rcsdiff -q -kk '-r1.1.2.7' '-r1.1.2.8' -u '/v/openssl/cvs/openssl/ssl/d1_lib.c,v' 2>/dev/null +--- openssl/ssl/d1_lib.c 2009/04/02 22:34:59 1.1.2.7 ++++ openssl/ssl/d1_lib.c 2009/04/19 18:08:11 1.1.2.8 +@@ -198,7 +198,10 @@ + void dtls1_clear(SSL *s) + { + ssl3_clear(s); +- s->version=DTLS1_VERSION; ++ if (s->options & SSL_OP_CISCO_ANYCONNECT) ++ s->version=DTLS1_BAD_VER; ++ else ++ s->version=DTLS1_VERSION; + } + + /* +Index: openssl/ssl/d1_pkt.c +RCS File: /v/openssl/cvs/openssl/ssl/d1_pkt.c,v +rcsdiff -q -kk '-r1.4.2.15' '-r1.4.2.16' -u '/v/openssl/cvs/openssl/ssl/d1_pkt.c,v' 2>/dev/null +--- openssl/ssl/d1_pkt.c 2009/04/02 22:34:59 1.4.2.15 ++++ openssl/ssl/d1_pkt.c 2009/04/19 18:08:12 1.4.2.16 +@@ -1024,15 +1024,17 @@ + if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) + { + struct ccs_header_st ccs_hdr; ++ int ccs_hdr_len = DTLS1_CCS_HEADER_LENGTH; + + dtls1_get_ccs_header(rr->data, &ccs_hdr); + + /* 'Change Cipher Spec' is just a single byte, so we know + * exactly what the record payload has to look like */ + /* XDTLS: check that epoch is consistent */ +- if ( (s->client_version == DTLS1_BAD_VER && rr->length != 3) || +- (s->client_version != DTLS1_BAD_VER && rr->length != DTLS1_CCS_HEADER_LENGTH) || +- (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) ++ if (s->client_version == DTLS1_BAD_VER || s->version == DTLS1_BAD_VER) ++ ccs_hdr_len = 3; ++ ++ if ((rr->length != ccs_hdr_len) || (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) + { + i=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC); +@@ -1358,7 +1360,7 @@ + #if 0 + /* 'create_empty_fragment' is true only when this function calls itself */ + if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done +- && SSL_version(s) != DTLS1_VERSION) ++ && SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER) + { + /* countermeasure against known-IV weakness in CBC ciphersuites + * (see http://www.openssl.org/~bodo/tls-cbc.txt) +Index: openssl/ssl/s3_clnt.c +RCS File: /v/openssl/cvs/openssl/ssl/s3_clnt.c,v +rcsdiff -q -kk '-r1.88.2.21' '-r1.88.2.22' -u '/v/openssl/cvs/openssl/ssl/s3_clnt.c,v' 2>/dev/null +--- openssl/ssl/s3_clnt.c 2009/02/14 21:50:14 1.88.2.21 ++++ openssl/ssl/s3_clnt.c 2009/04/19 18:08:12 1.88.2.22 +@@ -708,7 +708,7 @@ + + if (!ok) return((int)n); + +- if ( SSL_version(s) == DTLS1_VERSION) ++ if ( SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) + { + if ( s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) + { +Index: openssl/ssl/ssl.h +RCS File: /v/openssl/cvs/openssl/ssl/ssl.h,v +rcsdiff -q -kk '-r1.161.2.21' '-r1.161.2.22' -u '/v/openssl/cvs/openssl/ssl/ssl.h,v' 2>/dev/null +--- openssl/ssl/ssl.h 2008/08/13 19:44:44 1.161.2.21 ++++ openssl/ssl/ssl.h 2009/04/19 18:08:12 1.161.2.22 +@@ -510,6 +510,8 @@ + #define SSL_OP_COOKIE_EXCHANGE 0x00002000L + /* Don't use RFC4507 ticket extension */ + #define SSL_OP_NO_TICKET 0x00004000L ++/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client) */ ++#define SSL_OP_CISCO_ANYCONNECT 0x00008000L + + /* As server, disallow session resumption on renegotiation */ + #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L +Index: openssl/ssl/ssl_lib.c +RCS File: /v/openssl/cvs/openssl/ssl/ssl_lib.c,v +rcsdiff -q -kk '-r1.133.2.16' '-r1.133.2.17' -u '/v/openssl/cvs/openssl/ssl/ssl_lib.c,v' 2>/dev/null +--- openssl/ssl/ssl_lib.c 2009/02/23 16:02:47 1.133.2.16 ++++ openssl/ssl/ssl_lib.c 2009/04/19 18:08:12 1.133.2.17 +@@ -995,7 +995,8 @@ + s->max_cert_list=larg; + return(l); + case SSL_CTRL_SET_MTU: +- if (SSL_version(s) == DTLS1_VERSION) ++ if (SSL_version(s) == DTLS1_VERSION || ++ SSL_version(s) == DTLS1_BAD_VER) + { + s->d1->mtu = larg; + return larg; +Index: openssl/ssl/ssl_sess.c +RCS File: /v/openssl/cvs/openssl/ssl/ssl_sess.c,v +rcsdiff -q -kk '-r1.51.2.9' '-r1.51.2.10' -u '/v/openssl/cvs/openssl/ssl/ssl_sess.c,v' 2>/dev/null +--- openssl/ssl/ssl_sess.c 2008/06/04 18:35:27 1.51.2.9 ++++ openssl/ssl/ssl_sess.c 2009/04/19 18:08:12 1.51.2.10 +@@ -211,6 +211,11 @@ + ss->ssl_version=TLS1_VERSION; + ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH; + } ++ else if (s->version == DTLS1_BAD_VER) ++ { ++ ss->ssl_version=DTLS1_BAD_VER; ++ ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH; ++ } + else if (s->version == DTLS1_VERSION) + { + ss->ssl_version=DTLS1_VERSION; +Index: openssl/ssl/t1_enc.c +RCS File: /v/openssl/cvs/openssl/ssl/t1_enc.c,v +rcsdiff -q -kk '-r1.35.2.8' '-r1.35.2.9' -u '/v/openssl/cvs/openssl/ssl/t1_enc.c,v' 2>/dev/null +--- openssl/ssl/t1_enc.c 2009/01/05 14:43:07 1.35.2.8 ++++ openssl/ssl/t1_enc.c 2009/04/19 18:08:12 1.35.2.9 +@@ -765,10 +765,10 @@ + HMAC_CTX_init(&hmac); + HMAC_Init_ex(&hmac,mac_sec,EVP_MD_size(hash),hash,NULL); + +- if (ssl->version == DTLS1_VERSION && ssl->client_version != DTLS1_BAD_VER) ++ if (ssl->version == DTLS1_BAD_VER || ++ (ssl->version == DTLS1_VERSION && ssl->client_version != DTLS1_BAD_VER)) + { + unsigned char dtlsseq[8],*p=dtlsseq; +- + s2n(send?ssl->d1->w_epoch:ssl->d1->r_epoch, p); + memcpy (p,&seq[2],6); + +@@ -793,7 +793,7 @@ + {unsigned int z; for (z=0; zlength; z++) printf("%02X ",buf[z]); printf("\n"); } + #endif + +- if ( SSL_version(ssl) != DTLS1_VERSION) ++ if ( SSL_version(ssl) != DTLS1_VERSION && SSL_version(ssl) != DTLS1_BAD_VER) + { + for (i=7; i>=0; i--) + { diff --git a/openssl.spec b/openssl.spec index 7779040..3db47f1 100644 --- a/openssl.spec +++ b/openssl.spec @@ -23,7 +23,7 @@ Summary: A general purpose cryptography library with TLS implementation Name: openssl Version: 0.9.8k -Release: 3%{?dist} +Release: 4%{?dist} # We remove certain patented algorithms from the openssl source tarball # with the hobble-openssl script which is included below. Source: openssl-%{version}-usa.tar.bz2 @@ -65,6 +65,7 @@ Patch48: openssl-0.9.8j-bad-mime.patch Patch49: openssl-0.9.8j-fips-no-pairwise.patch Patch50: openssl-0.9.8j-fips-rng-seed.patch Patch51: openssl-0.9.8k-multi-crl.patch +Patch52: openssl-0.9.8k-dtls-compat.patch # Backported fixes including security fixes License: OpenSSL @@ -150,6 +151,7 @@ from other formats to the formats used by the OpenSSL toolkit. %patch49 -p1 -b .no-pairwise %patch50 -p1 -b .rng-seed %patch51 -p1 -b .multi-crl +%patch52 -p1 -b .dtls-compat # Modify the various perl scripts to reference perl in the right location. perl util/perlpath.pl `dirname %{__perl}` @@ -408,6 +410,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.* %postun -p /sbin/ldconfig %changelog +* Tue Apr 21 2009 Tomas Mraz 0.9.8k-4 +- support compatibility DTLS mode for CISCO AnyConnect (#464629) + * Fri Apr 17 2009 Tomas Mraz 0.9.8k-3 - correct the SHLIB_VERSION define