- new upstream release
This commit is contained in:
parent
79249339a7
commit
ae5568515b
@ -1 +1 @@
|
|||||||
openssl-1.0.0-beta4-usa.tar.bz2
|
openssl-1.0.0-beta5-usa.tar.bz2
|
||||||
|
@ -1,45 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/crypto/asn1/d2i_pu.c.backports openssl-1.0.0-beta4/crypto/asn1/d2i_pu.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/asn1/d2i_pu.c.backports 2008-11-12 04:57:49.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/asn1/d2i_pu.c 2009-11-18 14:11:14.000000000 +0100
|
|
||||||
@@ -87,9 +87,13 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PK
|
|
||||||
}
|
|
||||||
else ret= *a;
|
|
||||||
|
|
||||||
- ret->save_type=type;
|
|
||||||
- ret->type=EVP_PKEY_type(type);
|
|
||||||
- switch (ret->type)
|
|
||||||
+ if (!EVP_PKEY_set_type(ret, type))
|
|
||||||
+ {
|
|
||||||
+ ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB);
|
|
||||||
+ goto err;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ switch (EVP_PKEY_id(ret))
|
|
||||||
{
|
|
||||||
#ifndef OPENSSL_NO_RSA
|
|
||||||
case EVP_PKEY_RSA:
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/evp/p_lib.c.backports openssl-1.0.0-beta4/crypto/evp/p_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/evp/p_lib.c.backports 2006-07-04 22:27:44.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/evp/p_lib.c 2009-11-18 14:11:26.000000000 +0100
|
|
||||||
@@ -220,7 +220,10 @@ static int pkey_set_type(EVP_PKEY *pkey,
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
/* If we have an ENGINE release it */
|
|
||||||
if (pkey->engine)
|
|
||||||
+ {
|
|
||||||
ENGINE_finish(pkey->engine);
|
|
||||||
+ pkey->engine = NULL;
|
|
||||||
+ }
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
if (str)
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/x509/x509_vfy.c.backports openssl-1.0.0-beta4/crypto/x509/x509_vfy.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/x509/x509_vfy.c.backports 2009-10-31 20:21:47.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/x509/x509_vfy.c 2009-11-18 14:11:31.000000000 +0100
|
|
||||||
@@ -1727,6 +1727,7 @@ int X509_cmp_time(const ASN1_TIME *ctm,
|
|
||||||
offset= -offset;
|
|
||||||
}
|
|
||||||
atm.type=ctm->type;
|
|
||||||
+ atm.flags = 0;
|
|
||||||
atm.length=sizeof(buff2);
|
|
||||||
atm.data=(unsigned char *)buff2;
|
|
||||||
|
|
@ -1,334 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/apps/ca.c.backports2 openssl-1.0.0-beta4/apps/ca.c
|
|
||||||
--- openssl-1.0.0-beta4/apps/ca.c.backports2 2009-10-04 18:43:21.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/apps/ca.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -215,7 +215,6 @@ static int certify_spkac(X509 **xret, ch
|
|
||||||
char *startdate, char *enddate, long days, char *ext_sect,
|
|
||||||
CONF *conf, int verbose, unsigned long certopt,
|
|
||||||
unsigned long nameopt, int default_op, int ext_copy);
|
|
||||||
-static int fix_data(int nid, int *type);
|
|
||||||
static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext);
|
|
||||||
static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
|
|
||||||
STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial,char *subj,unsigned long chtype, int multirdn,
|
|
||||||
@@ -2334,25 +2333,9 @@ static int certify_spkac(X509 **xret, ch
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
- /*
|
|
||||||
- if ((nid == NID_pkcs9_emailAddress) && (email_dn == 0))
|
|
||||||
- continue;
|
|
||||||
- */
|
|
||||||
-
|
|
||||||
- j=ASN1_PRINTABLE_type((unsigned char *)buf,-1);
|
|
||||||
- if (fix_data(nid, &j) == 0)
|
|
||||||
- {
|
|
||||||
- BIO_printf(bio_err,
|
|
||||||
- "invalid characters in string %s\n",buf);
|
|
||||||
- goto err;
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- if ((ne=X509_NAME_ENTRY_create_by_NID(&ne,nid,j,
|
|
||||||
- (unsigned char *)buf,
|
|
||||||
- strlen(buf))) == NULL)
|
|
||||||
+ if (!X509_NAME_add_entry_by_NID(n, nid, chtype,
|
|
||||||
+ (unsigned char *)buf, -1, -1, 0))
|
|
||||||
goto err;
|
|
||||||
-
|
|
||||||
- if (!X509_NAME_add_entry(n,ne,-1, 0)) goto err;
|
|
||||||
}
|
|
||||||
if (spki == NULL)
|
|
||||||
{
|
|
||||||
@@ -2395,21 +2378,6 @@ err:
|
|
||||||
return(ok);
|
|
||||||
}
|
|
||||||
|
|
||||||
-static int fix_data(int nid, int *type)
|
|
||||||
- {
|
|
||||||
- if (nid == NID_pkcs9_emailAddress)
|
|
||||||
- *type=V_ASN1_IA5STRING;
|
|
||||||
- if ((nid == NID_commonName) && (*type == V_ASN1_IA5STRING))
|
|
||||||
- *type=V_ASN1_T61STRING;
|
|
||||||
- if ((nid == NID_pkcs9_challengePassword) && (*type == V_ASN1_IA5STRING))
|
|
||||||
- *type=V_ASN1_T61STRING;
|
|
||||||
- if ((nid == NID_pkcs9_unstructuredName) && (*type == V_ASN1_T61STRING))
|
|
||||||
- return(0);
|
|
||||||
- if (nid == NID_pkcs9_unstructuredName)
|
|
||||||
- *type=V_ASN1_IA5STRING;
|
|
||||||
- return(1);
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
static int check_time_format(const char *str)
|
|
||||||
{
|
|
||||||
return ASN1_TIME_set_string(NULL, str);
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/asn1/ameth_lib.c.backports2 openssl-1.0.0-beta4/crypto/asn1/ameth_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/asn1/ameth_lib.c.backports2 2008-11-12 04:57:49.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/asn1/ameth_lib.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -301,6 +301,8 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(
|
|
||||||
if (!ameth->info)
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
+ else
|
|
||||||
+ ameth->info = NULL;
|
|
||||||
|
|
||||||
if (pem_str)
|
|
||||||
{
|
|
||||||
@@ -308,6 +310,8 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(
|
|
||||||
if (!ameth->pem_str)
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
+ else
|
|
||||||
+ ameth->pem_str = NULL;
|
|
||||||
|
|
||||||
ameth->pub_decode = 0;
|
|
||||||
ameth->pub_encode = 0;
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/bio/b_sock.c.backports2 openssl-1.0.0-beta4/crypto/bio/b_sock.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/bio/b_sock.c.backports2 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/bio/b_sock.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -595,7 +595,7 @@ int BIO_get_accept_socket(char *host, in
|
|
||||||
struct sockaddr_in6 sa_in6;
|
|
||||||
#endif
|
|
||||||
} server,client;
|
|
||||||
- int s=INVALID_SOCKET,cs;
|
|
||||||
+ int s=INVALID_SOCKET,cs,addrlen;
|
|
||||||
unsigned char ip[4];
|
|
||||||
unsigned short port;
|
|
||||||
char *str=NULL,*e;
|
|
||||||
@@ -666,8 +666,10 @@ int BIO_get_accept_socket(char *host, in
|
|
||||||
|
|
||||||
if ((*p_getaddrinfo.f)(h,p,&hint,&res)) break;
|
|
||||||
|
|
||||||
- memcpy(&server, res->ai_addr,
|
|
||||||
- res->ai_addrlen<=sizeof(server)?res->ai_addrlen:sizeof(server));
|
|
||||||
+ addrlen = res->ai_addrlen<=sizeof(server) ?
|
|
||||||
+ res->ai_addrlen :
|
|
||||||
+ sizeof(server);
|
|
||||||
+ memcpy(&server, res->ai_addr, addrlen);
|
|
||||||
|
|
||||||
(*p_freeaddrinfo.f)(res);
|
|
||||||
goto again;
|
|
||||||
@@ -679,6 +681,7 @@ int BIO_get_accept_socket(char *host, in
|
|
||||||
memset((char *)&server,0,sizeof(server));
|
|
||||||
server.sa_in.sin_family=AF_INET;
|
|
||||||
server.sa_in.sin_port=htons(port);
|
|
||||||
+ addrlen = sizeof(server.sa_in);
|
|
||||||
|
|
||||||
if (h == NULL || strcmp(h,"*") == 0)
|
|
||||||
server.sa_in.sin_addr.s_addr=INADDR_ANY;
|
|
||||||
@@ -712,7 +715,7 @@ again:
|
|
||||||
bind_mode=BIO_BIND_NORMAL;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
- if (bind(s,&server.sa,sizeof(server)) == -1)
|
|
||||||
+ if (bind(s,&server.sa,addrlen) == -1)
|
|
||||||
{
|
|
||||||
#ifdef SO_REUSEADDR
|
|
||||||
err_num=get_last_socket_error();
|
|
||||||
@@ -740,7 +743,7 @@ again:
|
|
||||||
if (cs != INVALID_SOCKET)
|
|
||||||
{
|
|
||||||
int ii;
|
|
||||||
- ii=connect(cs,&client.sa,sizeof(client));
|
|
||||||
+ ii=connect(cs,&client.sa,addrlen);
|
|
||||||
closesocket(cs);
|
|
||||||
if (ii == INVALID_SOCKET)
|
|
||||||
{
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/bio/bss_dgram.c.backports2 openssl-1.0.0-beta4/crypto/bio/bss_dgram.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/bio/bss_dgram.c.backports2 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/bio/bss_dgram.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -335,11 +335,21 @@ static int dgram_write(BIO *b, const cha
|
|
||||||
if ( data->connected )
|
|
||||||
ret=writesocket(b->num,in,inl);
|
|
||||||
else
|
|
||||||
+ {
|
|
||||||
+ int peerlen = sizeof(data->peer);
|
|
||||||
+
|
|
||||||
+ if (data->peer.sa.sa_family == AF_INET)
|
|
||||||
+ peerlen = sizeof(data->peer.sa_in);
|
|
||||||
+#if OPENSSL_USE_IVP6
|
|
||||||
+ else if (data->peer.sa.sa_family == AF_INET6)
|
|
||||||
+ peerlen = sizeof(data->peer.sa_in6);
|
|
||||||
+#endif
|
|
||||||
#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
|
|
||||||
- ret=sendto(b->num, (char *)in, inl, 0, &data->peer.sa, sizeof(data->peer));
|
|
||||||
+ ret=sendto(b->num, (char *)in, inl, 0, &data->peer.sa, peerlen);
|
|
||||||
#else
|
|
||||||
- ret=sendto(b->num, in, inl, 0, &data->peer.sa, sizeof(data->peer));
|
|
||||||
+ ret=sendto(b->num, in, inl, 0, &data->peer.sa, peerlen);
|
|
||||||
#endif
|
|
||||||
+ }
|
|
||||||
|
|
||||||
BIO_clear_retry_flags(b);
|
|
||||||
if (ret <= 0)
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/bn/bn_mul.c.backports2 openssl-1.0.0-beta4/crypto/bn/bn_mul.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/bn/bn_mul.c.backports2 2009-06-17 13:47:54.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/bn/bn_mul.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -1032,15 +1032,15 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, c
|
|
||||||
goto err;
|
|
||||||
if (al > j || bl > j)
|
|
||||||
{
|
|
||||||
- bn_wexpand(t,k*4);
|
|
||||||
- bn_wexpand(rr,k*4);
|
|
||||||
+ if (bn_wexpand(t,k*4) == NULL) goto err;
|
|
||||||
+ if (bn_wexpand(rr,k*4) == NULL) goto err;
|
|
||||||
bn_mul_part_recursive(rr->d,a->d,b->d,
|
|
||||||
j,al-j,bl-j,t->d);
|
|
||||||
}
|
|
||||||
else /* al <= j || bl <= j */
|
|
||||||
{
|
|
||||||
- bn_wexpand(t,k*2);
|
|
||||||
- bn_wexpand(rr,k*2);
|
|
||||||
+ if (bn_wexpand(t,k*2) == NULL) goto err;
|
|
||||||
+ if (bn_wexpand(rr,k*2) == NULL) goto err;
|
|
||||||
bn_mul_recursive(rr->d,a->d,b->d,
|
|
||||||
j,al-j,bl-j,t->d);
|
|
||||||
}
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/dsa/dsa_pmeth.c.backports2 openssl-1.0.0-beta4/crypto/dsa/dsa_pmeth.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/dsa/dsa_pmeth.c.backports2 2009-09-02 17:51:28.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/dsa/dsa_pmeth.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -132,7 +132,7 @@ static int pkey_dsa_sign(EVP_PKEY_CTX *c
|
|
||||||
|
|
||||||
ret = DSA_sign(type, tbs, tbslen, sig, &sltmp, dsa);
|
|
||||||
|
|
||||||
- if (ret < 0)
|
|
||||||
+ if (ret <= 0)
|
|
||||||
return ret;
|
|
||||||
*siglen = sltmp;
|
|
||||||
return 1;
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/evp/digest.c.backports2 openssl-1.0.0-beta4/crypto/evp/digest.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/evp/digest.c.backports2 2010-01-07 23:16:07.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/evp/digest.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -127,7 +127,8 @@ EVP_MD_CTX *EVP_MD_CTX_create(void)
|
|
||||||
{
|
|
||||||
EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx);
|
|
||||||
|
|
||||||
- EVP_MD_CTX_init(ctx);
|
|
||||||
+ if (ctx)
|
|
||||||
+ EVP_MD_CTX_init(ctx);
|
|
||||||
|
|
||||||
return ctx;
|
|
||||||
}
|
|
||||||
@@ -256,6 +257,12 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c
|
|
||||||
{
|
|
||||||
ctx->update = type->update;
|
|
||||||
ctx->md_data=OPENSSL_malloc(type->ctx_size);
|
|
||||||
+ if (ctx->md_data == NULL)
|
|
||||||
+ {
|
|
||||||
+ EVPerr(EVP_F_EVP_DIGESTINIT_EX,
|
|
||||||
+ ERR_R_MALLOC_FAILURE);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
}
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
@@ -346,8 +353,17 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,
|
|
||||||
|
|
||||||
if (in->md_data && out->digest->ctx_size)
|
|
||||||
{
|
|
||||||
- if (tmp_buf) out->md_data = tmp_buf;
|
|
||||||
- else out->md_data=OPENSSL_malloc(out->digest->ctx_size);
|
|
||||||
+ if (tmp_buf)
|
|
||||||
+ out->md_data = tmp_buf;
|
|
||||||
+ else
|
|
||||||
+ {
|
|
||||||
+ out->md_data=OPENSSL_malloc(out->digest->ctx_size);
|
|
||||||
+ if (!out->md_data)
|
|
||||||
+ {
|
|
||||||
+ EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_MALLOC_FAILURE);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
memcpy(out->md_data,in->md_data,out->digest->ctx_size);
|
|
||||||
}
|
|
||||||
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/evp/evp_err.c.backports2 openssl-1.0.0-beta4/crypto/evp/evp_err.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/evp/evp_err.c.backports2 2010-01-07 23:16:07.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/evp/evp_err.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -186,6 +186,8 @@ static ERR_STRING_DATA EVP_str_reasons[]
|
|
||||||
{ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR),"private key decode error"},
|
|
||||||
{ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR),"private key encode error"},
|
|
||||||
{ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) ,"public key not rsa"},
|
|
||||||
+{ERR_REASON(EVP_R_UNKNOWN_CIPHER) ,"unknown cipher"},
|
|
||||||
+{ERR_REASON(EVP_R_UNKNOWN_DIGEST) ,"unknown digest"},
|
|
||||||
{ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"},
|
|
||||||
{ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"},
|
|
||||||
{ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) ,"unsupported algorithm"},
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/evp/evp.h.backports2 openssl-1.0.0-beta4/crypto/evp/evp.h
|
|
||||||
--- openssl-1.0.0-beta4/crypto/evp/evp.h.backports2 2010-01-07 23:16:07.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/evp/evp.h 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -1275,6 +1275,8 @@ void ERR_load_EVP_strings(void);
|
|
||||||
#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
|
|
||||||
#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
|
|
||||||
#define EVP_R_PUBLIC_KEY_NOT_RSA 106
|
|
||||||
+#define EVP_R_UNKNOWN_CIPHER 160
|
|
||||||
+#define EVP_R_UNKNOWN_DIGEST 161
|
|
||||||
#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
|
|
||||||
#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
|
|
||||||
#define EVP_R_UNSUPPORTED_ALGORITHM 156
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/evp/evp_pbe.c.backports2 openssl-1.0.0-beta4/crypto/evp/evp_pbe.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/evp/evp_pbe.c.backports2 2008-11-05 19:38:57.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/evp/evp_pbe.c 2010-01-07 23:17:15.000000000 +0100
|
|
||||||
@@ -174,12 +174,26 @@ int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_
|
|
||||||
if (cipher_nid == -1)
|
|
||||||
cipher = NULL;
|
|
||||||
else
|
|
||||||
+ {
|
|
||||||
cipher = EVP_get_cipherbynid(cipher_nid);
|
|
||||||
+ if (!cipher)
|
|
||||||
+ {
|
|
||||||
+ EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_CIPHER);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
|
|
||||||
if (md_nid == -1)
|
|
||||||
md = NULL;
|
|
||||||
else
|
|
||||||
+ {
|
|
||||||
md = EVP_get_digestbynid(md_nid);
|
|
||||||
+ if (!md)
|
|
||||||
+ {
|
|
||||||
+ EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_DIGEST);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
|
|
||||||
if (!keygen(ctx, pass, passlen, param, cipher, md, en_de))
|
|
||||||
{
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_lib.c.backports2 openssl-1.0.0-beta4/crypto/rsa/rsa_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/rsa/rsa_lib.c.backports2 2010-01-07 23:16:07.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/rsa/rsa_lib.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -208,7 +208,16 @@ RSA *RSA_new_method(ENGINE *engine)
|
|
||||||
ret->mt_blinding=NULL;
|
|
||||||
ret->bignum_data=NULL;
|
|
||||||
ret->flags=ret->meth->flags;
|
|
||||||
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
|
|
||||||
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data))
|
|
||||||
+ {
|
|
||||||
+#ifndef OPENSSL_NO_ENGINE
|
|
||||||
+ if (ret->engine)
|
|
||||||
+ ENGINE_finish(ret->engine);
|
|
||||||
+#endif
|
|
||||||
+ OPENSSL_free(ret);
|
|
||||||
+ return(NULL);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
|
|
||||||
{
|
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/x509/x509_lu.c.backports2 openssl-1.0.0-beta4/crypto/x509/x509_lu.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/x509/x509_lu.c.backports2 2009-10-18 16:42:27.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/x509/x509_lu.c 2010-01-07 23:16:08.000000000 +0100
|
|
||||||
@@ -200,7 +200,13 @@ X509_STORE *X509_STORE_new(void)
|
|
||||||
ret->lookup_crls = 0;
|
|
||||||
ret->cleanup = 0;
|
|
||||||
|
|
||||||
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data);
|
|
||||||
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data))
|
|
||||||
+ {
|
|
||||||
+ sk_X509_OBJECT_free(ret->objs);
|
|
||||||
+ OPENSSL_free(ret);
|
|
||||||
+ return NULL;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
ret->references=1;
|
|
||||||
return ret;
|
|
||||||
}
|
|
@ -1,56 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/crypto/md5/asm/md5-x86_64.pl.binutils openssl-1.0.0-beta4/crypto/md5/asm/md5-x86_64.pl
|
|
||||||
--- openssl-1.0.0-beta4/crypto/md5/asm/md5-x86_64.pl.binutils 2009-11-12 15:17:29.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/md5/asm/md5-x86_64.pl 2009-11-12 17:26:08.000000000 +0100
|
|
||||||
@@ -19,6 +19,7 @@ my $code;
|
|
||||||
sub round1_step
|
|
||||||
{
|
|
||||||
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
|
|
||||||
+ $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
|
|
||||||
$code .= " mov 0*4(%rsi), %r10d /* (NEXT STEP) X[0] */\n" if ($pos == -1);
|
|
||||||
$code .= " mov %edx, %r11d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
|
|
||||||
$code .= <<EOF;
|
|
||||||
@@ -43,6 +44,7 @@ EOF
|
|
||||||
sub round2_step
|
|
||||||
{
|
|
||||||
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
|
|
||||||
+ $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
|
|
||||||
$code .= " mov 1*4(%rsi), %r10d /* (NEXT STEP) X[1] */\n" if ($pos == -1);
|
|
||||||
$code .= " mov %edx, %r11d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
|
|
||||||
$code .= " mov %edx, %r12d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
|
|
||||||
@@ -69,6 +71,7 @@ EOF
|
|
||||||
sub round3_step
|
|
||||||
{
|
|
||||||
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
|
|
||||||
+ $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
|
|
||||||
$code .= " mov 5*4(%rsi), %r10d /* (NEXT STEP) X[5] */\n" if ($pos == -1);
|
|
||||||
$code .= " mov %ecx, %r11d /* (NEXT STEP) y' = %ecx */\n" if ($pos == -1);
|
|
||||||
$code .= <<EOF;
|
|
||||||
@@ -91,6 +94,7 @@ EOF
|
|
||||||
sub round4_step
|
|
||||||
{
|
|
||||||
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
|
|
||||||
+ $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
|
|
||||||
$code .= " mov 0*4(%rsi), %r10d /* (NEXT STEP) X[0] */\n" if ($pos == -1);
|
|
||||||
$code .= " mov \$0xffffffff, %r11d\n" if ($pos == -1);
|
|
||||||
$code .= " xor %edx, %r11d /* (NEXT STEP) not z' = not %edx*/\n"
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/sha/asm/sha1-x86_64.pl.binutils openssl-1.0.0-beta4/crypto/sha/asm/sha1-x86_64.pl
|
|
||||||
--- openssl-1.0.0-beta4/crypto/sha/asm/sha1-x86_64.pl.binutils 2009-11-12 15:17:29.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/sha/asm/sha1-x86_64.pl 2009-11-12 17:24:18.000000000 +0100
|
|
||||||
@@ -150,7 +150,7 @@ ___
|
|
||||||
sub BODY_20_39 {
|
|
||||||
my ($i,$a,$b,$c,$d,$e,$f)=@_;
|
|
||||||
my $j=$i+1;
|
|
||||||
-my $K=($i<40)?0x6ed9eba1:0xca62c1d6;
|
|
||||||
+my $K=($i<40)?0x6ed9eba1:-0x359d3e2a;
|
|
||||||
$code.=<<___ if ($i<79);
|
|
||||||
lea $K($xi,$e),$f
|
|
||||||
mov `4*($j%16)`(%rsp),$xi
|
|
||||||
@@ -187,7 +187,7 @@ sub BODY_40_59 {
|
|
||||||
my ($i,$a,$b,$c,$d,$e,$f)=@_;
|
|
||||||
my $j=$i+1;
|
|
||||||
$code.=<<___;
|
|
||||||
- lea 0x8f1bbcdc($xi,$e),$f
|
|
||||||
+ lea -0x70e44324($xi,$e),$f
|
|
||||||
mov `4*($j%16)`(%rsp),$xi
|
|
||||||
mov $b,$t0
|
|
||||||
mov $b,$t1
|
|
@ -1,35 +0,0 @@
|
|||||||
Do not enforce the renegotiation extension on the client - too many broken servers remain.
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/t1_lib.c.client-reneg openssl-1.0.0-beta4/ssl/t1_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/t1_lib.c.client-reneg 2009-11-12 15:17:29.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/t1_lib.c 2009-11-18 14:04:19.000000000 +0100
|
|
||||||
@@ -985,6 +985,7 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
|
|
||||||
if (data >= (d+n-2))
|
|
||||||
{
|
|
||||||
+#if 0
|
|
||||||
/* Because the client does not see any renegotiation during an
|
|
||||||
attack, we must enforce this on all server hellos, even the
|
|
||||||
first */
|
|
||||||
@@ -994,6 +995,7 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
*al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
+#endif
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -1126,12 +1128,14 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+#if 0
|
|
||||||
if (!renegotiate_seen
|
|
||||||
&& !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
{
|
|
||||||
*al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
if (!s->hit && tlsext_servername == 1)
|
|
||||||
{
|
|
@ -1,49 +0,0 @@
|
|||||||
Modify compression code so it frees up structures without using the
|
|
||||||
ex_data callbacks. This works around a problem where some applications
|
|
||||||
call CRYPTO_free_all_ex_data() before application exit (e.g. when
|
|
||||||
restarting) then use compression (e.g. SSL with compression) later.
|
|
||||||
This results in significant per-connection memory leaks and
|
|
||||||
has caused some security issues including CVE-2008-1678 and
|
|
||||||
CVE-2009-4355.
|
|
||||||
[Steve Henson]
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/comp/c_zlib.c.compleak openssl-1.0.0-beta4/crypto/comp/c_zlib.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/comp/c_zlib.c.compleak 2008-12-13 18:19:40.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/comp/c_zlib.c 2010-01-13 22:06:20.000000000 +0100
|
|
||||||
@@ -136,15 +136,6 @@ struct zlib_state
|
|
||||||
|
|
||||||
static int zlib_stateful_ex_idx = -1;
|
|
||||||
|
|
||||||
-static void zlib_stateful_free_ex_data(void *obj, void *item,
|
|
||||||
- CRYPTO_EX_DATA *ad, int ind,long argl, void *argp)
|
|
||||||
- {
|
|
||||||
- struct zlib_state *state = (struct zlib_state *)item;
|
|
||||||
- inflateEnd(&state->istream);
|
|
||||||
- deflateEnd(&state->ostream);
|
|
||||||
- OPENSSL_free(state);
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
static int zlib_stateful_init(COMP_CTX *ctx)
|
|
||||||
{
|
|
||||||
int err;
|
|
||||||
@@ -188,6 +179,12 @@ static int zlib_stateful_init(COMP_CTX *
|
|
||||||
|
|
||||||
static void zlib_stateful_finish(COMP_CTX *ctx)
|
|
||||||
{
|
|
||||||
+ struct zlib_state *state =
|
|
||||||
+ (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data,
|
|
||||||
+ zlib_stateful_ex_idx);
|
|
||||||
+ inflateEnd(&state->istream);
|
|
||||||
+ deflateEnd(&state->ostream);
|
|
||||||
+ OPENSSL_free(state);
|
|
||||||
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data);
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -402,7 +399,7 @@ COMP_METHOD *COMP_zlib(void)
|
|
||||||
if (zlib_stateful_ex_idx == -1)
|
|
||||||
zlib_stateful_ex_idx =
|
|
||||||
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP,
|
|
||||||
- 0,NULL,NULL,NULL,zlib_stateful_free_ex_data);
|
|
||||||
+ 0,NULL,NULL,NULL,NULL);
|
|
||||||
CRYPTO_w_unlock(CRYPTO_LOCK_COMP);
|
|
||||||
if (zlib_stateful_ex_idx == -1)
|
|
||||||
goto err;
|
|
@ -1,222 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/crypto/bio/b_sock.c.dtls-ipv6 openssl-1.0.0-beta4/crypto/bio/b_sock.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/bio/b_sock.c.dtls-ipv6 2009-11-09 15:09:53.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/bio/b_sock.c 2009-11-23 08:50:45.000000000 +0100
|
|
||||||
@@ -822,7 +822,8 @@ int BIO_accept(int sock, char **addr)
|
|
||||||
if (sizeof(sa.len.i)!=sizeof(sa.len.s) && sa.len.i==0)
|
|
||||||
{
|
|
||||||
OPENSSL_assert(sa.len.s<=sizeof(sa.from));
|
|
||||||
- sa.len.i = (unsigned int)sa.len.s;
|
|
||||||
+ sa.len.i = (int)sa.len.s;
|
|
||||||
+ /* use sa.len.i from this point */
|
|
||||||
}
|
|
||||||
if (ret == INVALID_SOCKET)
|
|
||||||
{
|
|
||||||
diff -up openssl-1.0.0-beta4/crypto/bio/bss_dgram.c.dtls-ipv6 openssl-1.0.0-beta4/crypto/bio/bss_dgram.c
|
|
||||||
--- openssl-1.0.0-beta4/crypto/bio/bss_dgram.c.dtls-ipv6 2009-10-15 19:41:44.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/crypto/bio/bss_dgram.c 2010-01-07 17:31:00.000000000 +0100
|
|
||||||
@@ -108,11 +108,13 @@ static BIO_METHOD methods_dgramp=
|
|
||||||
|
|
||||||
typedef struct bio_dgram_data_st
|
|
||||||
{
|
|
||||||
+ union {
|
|
||||||
+ struct sockaddr sa;
|
|
||||||
+ struct sockaddr_in sa_in;
|
|
||||||
#if OPENSSL_USE_IPV6
|
|
||||||
- struct sockaddr_storage peer;
|
|
||||||
-#else
|
|
||||||
- struct sockaddr_in peer;
|
|
||||||
+ struct sockaddr_in6 sa_in6;
|
|
||||||
#endif
|
|
||||||
+ } peer;
|
|
||||||
unsigned int connected;
|
|
||||||
unsigned int _errno;
|
|
||||||
unsigned int mtu;
|
|
||||||
@@ -278,28 +280,38 @@ static int dgram_read(BIO *b, char *out,
|
|
||||||
int ret=0;
|
|
||||||
bio_dgram_data *data = (bio_dgram_data *)b->ptr;
|
|
||||||
|
|
||||||
+ struct {
|
|
||||||
+ /*
|
|
||||||
+ * See commentary in b_sock.c. <appro>
|
|
||||||
+ */
|
|
||||||
+ union { size_t s; int i; } len;
|
|
||||||
+ union {
|
|
||||||
+ struct sockaddr sa;
|
|
||||||
+ struct sockaddr_in sa_in;
|
|
||||||
#if OPENSSL_USE_IPV6
|
|
||||||
- struct sockaddr_storage peer;
|
|
||||||
-#else
|
|
||||||
- struct sockaddr_in peer;
|
|
||||||
+ struct sockaddr_in6 sa_in6;
|
|
||||||
#endif
|
|
||||||
- int peerlen = sizeof(peer);
|
|
||||||
+ } peer;
|
|
||||||
+ } sa;
|
|
||||||
+
|
|
||||||
+ sa.len.s=0;
|
|
||||||
+ sa.len.i=sizeof(sa.peer);
|
|
||||||
|
|
||||||
if (out != NULL)
|
|
||||||
{
|
|
||||||
clear_socket_error();
|
|
||||||
- memset(&peer, 0x00, peerlen);
|
|
||||||
- /* Last arg in recvfrom is signed on some platforms and
|
|
||||||
- * unsigned on others. It is of type socklen_t on some
|
|
||||||
- * but this is not universal. Cast to (void *) to avoid
|
|
||||||
- * compiler warnings.
|
|
||||||
- */
|
|
||||||
+ memset(&sa.peer, 0x00, sizeof(sa.peer));
|
|
||||||
dgram_adjust_rcv_timeout(b);
|
|
||||||
- ret=recvfrom(b->num,out,outl,0,(struct sockaddr *)&peer,(void *)&peerlen);
|
|
||||||
+ ret=recvfrom(b->num,out,outl,0,&sa.peer.sa,(void *)&sa.len);
|
|
||||||
+ if (sizeof(sa.len.i)!=sizeof(sa.len.s) && sa.len.i==0)
|
|
||||||
+ {
|
|
||||||
+ OPENSSL_assert(sa.len.s<=sizeof(sa.peer));
|
|
||||||
+ sa.len.i = (int)sa.len.s;
|
|
||||||
+ }
|
|
||||||
dgram_reset_rcv_timeout(b);
|
|
||||||
|
|
||||||
if ( ! data->connected && ret >= 0)
|
|
||||||
- BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &peer);
|
|
||||||
+ BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer);
|
|
||||||
|
|
||||||
BIO_clear_retry_flags(b);
|
|
||||||
if (ret < 0)
|
|
||||||
@@ -323,25 +335,10 @@ static int dgram_write(BIO *b, const cha
|
|
||||||
if ( data->connected )
|
|
||||||
ret=writesocket(b->num,in,inl);
|
|
||||||
else
|
|
||||||
-#if OPENSSL_USE_IPV6
|
|
||||||
- if (data->peer.ss_family == AF_INET)
|
|
||||||
#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
|
|
||||||
- ret=sendto(b->num, (char *)in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
|
|
||||||
+ ret=sendto(b->num, (char *)in, inl, 0, &data->peer.sa, sizeof(data->peer));
|
|
||||||
#else
|
|
||||||
- ret=sendto(b->num, in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
|
|
||||||
-#endif
|
|
||||||
- else
|
|
||||||
-#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
|
|
||||||
- ret=sendto(b->num, (char *)in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in6));
|
|
||||||
-#else
|
|
||||||
- ret=sendto(b->num, in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in6));
|
|
||||||
-#endif
|
|
||||||
-#else
|
|
||||||
-#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
|
|
||||||
- ret=sendto(b->num, (char *)in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
|
|
||||||
-#else
|
|
||||||
- ret=sendto(b->num, in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
|
|
||||||
-#endif
|
|
||||||
+ ret=sendto(b->num, in, inl, 0, &data->peer.sa, sizeof(data->peer));
|
|
||||||
#endif
|
|
||||||
|
|
||||||
BIO_clear_retry_flags(b);
|
|
||||||
@@ -428,11 +425,20 @@ static long dgram_ctrl(BIO *b, int cmd,
|
|
||||||
else
|
|
||||||
{
|
|
||||||
#endif
|
|
||||||
+ switch (to->sa_family)
|
|
||||||
+ {
|
|
||||||
+ case AF_INET:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in));
|
|
||||||
+ break;
|
|
||||||
#if OPENSSL_USE_IPV6
|
|
||||||
- memcpy(&(data->peer),to, sizeof(struct sockaddr_storage));
|
|
||||||
-#else
|
|
||||||
- memcpy(&(data->peer),to, sizeof(struct sockaddr_in));
|
|
||||||
-#endif
|
|
||||||
+ case AF_INET6:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
|
|
||||||
+ break;
|
|
||||||
+#endif
|
|
||||||
+ default:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa));
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
#if 0
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
@@ -537,41 +543,62 @@ static long dgram_ctrl(BIO *b, int cmd,
|
|
||||||
if ( to != NULL)
|
|
||||||
{
|
|
||||||
data->connected = 1;
|
|
||||||
+ switch (to->sa_family)
|
|
||||||
+ {
|
|
||||||
+ case AF_INET:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in));
|
|
||||||
+ break;
|
|
||||||
#if OPENSSL_USE_IPV6
|
|
||||||
- memcpy(&(data->peer),to, sizeof(struct sockaddr_storage));
|
|
||||||
-#else
|
|
||||||
- memcpy(&(data->peer),to, sizeof(struct sockaddr_in));
|
|
||||||
-#endif
|
|
||||||
+ case AF_INET6:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
|
|
||||||
+ break;
|
|
||||||
+#endif
|
|
||||||
+ default:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa));
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
data->connected = 0;
|
|
||||||
-#if OPENSSL_USE_IPV6
|
|
||||||
- memset(&(data->peer), 0x00, sizeof(struct sockaddr_storage));
|
|
||||||
-#else
|
|
||||||
- memset(&(data->peer), 0x00, sizeof(struct sockaddr_in));
|
|
||||||
-#endif
|
|
||||||
+ memset(&(data->peer), 0x00, sizeof(data->peer));
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
case BIO_CTRL_DGRAM_GET_PEER:
|
|
||||||
- to = (struct sockaddr *) ptr;
|
|
||||||
-
|
|
||||||
+ switch (data->peer.sa.sa_family)
|
|
||||||
+ {
|
|
||||||
+ case AF_INET:
|
|
||||||
+ ret=sizeof(data->peer.sa_in);
|
|
||||||
+ break;
|
|
||||||
#if OPENSSL_USE_IPV6
|
|
||||||
- memcpy(to, &(data->peer), sizeof(struct sockaddr_storage));
|
|
||||||
- ret = sizeof(struct sockaddr_storage);
|
|
||||||
-#else
|
|
||||||
- memcpy(to, &(data->peer), sizeof(struct sockaddr_in));
|
|
||||||
- ret = sizeof(struct sockaddr_in);
|
|
||||||
-#endif
|
|
||||||
+ case AF_INET6:
|
|
||||||
+ ret=sizeof(data->peer.sa_in6);
|
|
||||||
+ break;
|
|
||||||
+#endif
|
|
||||||
+ default:
|
|
||||||
+ ret=sizeof(data->peer.sa);
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ if (num==0 || num>ret)
|
|
||||||
+ num=ret;
|
|
||||||
+ memcpy(ptr,&data->peer,(ret=num));
|
|
||||||
break;
|
|
||||||
case BIO_CTRL_DGRAM_SET_PEER:
|
|
||||||
to = (struct sockaddr *) ptr;
|
|
||||||
-
|
|
||||||
+ switch (to->sa_family)
|
|
||||||
+ {
|
|
||||||
+ case AF_INET:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in));
|
|
||||||
+ break;
|
|
||||||
#if OPENSSL_USE_IPV6
|
|
||||||
- memcpy(&(data->peer), to, sizeof(struct sockaddr_storage));
|
|
||||||
-#else
|
|
||||||
- memcpy(&(data->peer), to, sizeof(struct sockaddr_in));
|
|
||||||
-#endif
|
|
||||||
+ case AF_INET6:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
|
|
||||||
+ break;
|
|
||||||
+#endif
|
|
||||||
+ default:
|
|
||||||
+ memcpy(&data->peer,to,sizeof(data->peer.sa));
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
break;
|
|
||||||
case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
|
|
||||||
memcpy(&(data->next_timeout), ptr, sizeof(struct timeval));
|
|
@ -1,571 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/ssl/d1_both.c.dtls-reneg openssl-1.0.0-beta4/ssl/d1_both.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/d1_both.c.dtls-reneg 2009-11-02 14:37:17.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/d1_both.c 2010-01-07 17:35:19.000000000 +0100
|
|
||||||
@@ -764,6 +764,24 @@ int dtls1_send_finished(SSL *s, int a, i
|
|
||||||
p+=i;
|
|
||||||
l=i;
|
|
||||||
|
|
||||||
+ /* Copy the finished so we can use it for
|
|
||||||
+ * renegotiation checks
|
|
||||||
+ */
|
|
||||||
+ if(s->type == SSL_ST_CONNECT)
|
|
||||||
+ {
|
|
||||||
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
|
|
||||||
+ memcpy(s->s3->previous_client_finished,
|
|
||||||
+ s->s3->tmp.finish_md, i);
|
|
||||||
+ s->s3->previous_client_finished_len=i;
|
|
||||||
+ }
|
|
||||||
+ else
|
|
||||||
+ {
|
|
||||||
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
|
|
||||||
+ memcpy(s->s3->previous_server_finished,
|
|
||||||
+ s->s3->tmp.finish_md, i);
|
|
||||||
+ s->s3->previous_server_finished_len=i;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
#ifdef OPENSSL_SYS_WIN16
|
|
||||||
/* MSVC 1.5 does not clear the top bytes of the word unless
|
|
||||||
* I do this.
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/d1_clnt.c.dtls-reneg openssl-1.0.0-beta4/ssl/d1_clnt.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/d1_clnt.c.dtls-reneg 2009-07-24 13:52:32.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/d1_clnt.c 2010-01-07 17:44:55.000000000 +0100
|
|
||||||
@@ -286,16 +286,44 @@ int dtls1_connect(SSL *s)
|
|
||||||
|
|
||||||
case SSL3_ST_CR_CERT_A:
|
|
||||||
case SSL3_ST_CR_CERT_B:
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ ret=ssl3_check_finished(s);
|
|
||||||
+ if (ret <= 0) goto end;
|
|
||||||
+ if (ret == 2)
|
|
||||||
+ {
|
|
||||||
+ s->hit = 1;
|
|
||||||
+ if (s->tlsext_ticket_expected)
|
|
||||||
+ s->state=SSL3_ST_CR_SESSION_TICKET_A;
|
|
||||||
+ else
|
|
||||||
+ s->state=SSL3_ST_CR_FINISHED_A;
|
|
||||||
+ s->init_num=0;
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
/* Check if it is anon DH or PSK */
|
|
||||||
if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
|
|
||||||
!(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
|
|
||||||
{
|
|
||||||
ret=ssl3_get_server_certificate(s);
|
|
||||||
if (ret <= 0) goto end;
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ if (s->tlsext_status_expected)
|
|
||||||
+ s->state=SSL3_ST_CR_CERT_STATUS_A;
|
|
||||||
+ else
|
|
||||||
+ s->state=SSL3_ST_CR_KEY_EXCH_A;
|
|
||||||
+ }
|
|
||||||
+ else
|
|
||||||
+ {
|
|
||||||
+ skip = 1;
|
|
||||||
+ s->state=SSL3_ST_CR_KEY_EXCH_A;
|
|
||||||
+ }
|
|
||||||
+#else
|
|
||||||
}
|
|
||||||
else
|
|
||||||
skip=1;
|
|
||||||
+
|
|
||||||
s->state=SSL3_ST_CR_KEY_EXCH_A;
|
|
||||||
+#endif
|
|
||||||
s->init_num=0;
|
|
||||||
break;
|
|
||||||
|
|
||||||
@@ -437,11 +465,36 @@ int dtls1_connect(SSL *s)
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ /* Allow NewSessionTicket if ticket expected */
|
|
||||||
+ if (s->tlsext_ticket_expected)
|
|
||||||
+ s->s3->tmp.next_state=SSL3_ST_CR_SESSION_TICKET_A;
|
|
||||||
+ else
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
|
|
||||||
}
|
|
||||||
s->init_num=0;
|
|
||||||
break;
|
|
||||||
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ case SSL3_ST_CR_SESSION_TICKET_A:
|
|
||||||
+ case SSL3_ST_CR_SESSION_TICKET_B:
|
|
||||||
+ ret=ssl3_get_new_session_ticket(s);
|
|
||||||
+ if (ret <= 0) goto end;
|
|
||||||
+ s->state=SSL3_ST_CR_FINISHED_A;
|
|
||||||
+ s->init_num=0;
|
|
||||||
+ break;
|
|
||||||
+
|
|
||||||
+ case SSL3_ST_CR_CERT_STATUS_A:
|
|
||||||
+ case SSL3_ST_CR_CERT_STATUS_B:
|
|
||||||
+ ret=ssl3_get_cert_status(s);
|
|
||||||
+ if (ret <= 0) goto end;
|
|
||||||
+ s->state=SSL3_ST_CR_KEY_EXCH_A;
|
|
||||||
+ s->init_num=0;
|
|
||||||
+ break;
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
case SSL3_ST_CR_FINISHED_A:
|
|
||||||
case SSL3_ST_CR_FINISHED_B:
|
|
||||||
s->d1->change_cipher_spec_ok = 1;
|
|
||||||
@@ -554,8 +607,14 @@ int dtls1_client_hello(SSL *s)
|
|
||||||
buf=(unsigned char *)s->init_buf->data;
|
|
||||||
if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
|
|
||||||
{
|
|
||||||
+ SSL_SESSION *sess = s->session;
|
|
||||||
if ((s->session == NULL) ||
|
|
||||||
(s->session->ssl_version != s->version) ||
|
|
||||||
+#ifdef OPENSSL_NO_TLSEXT
|
|
||||||
+ !sess->session_id_length ||
|
|
||||||
+#else
|
|
||||||
+ (!sess->session_id_length && !sess->tlsext_tick) ||
|
|
||||||
+#endif
|
|
||||||
(s->session->not_resumable))
|
|
||||||
{
|
|
||||||
if (!ssl_get_new_session(s,0))
|
|
||||||
@@ -635,7 +694,15 @@ int dtls1_client_hello(SSL *s)
|
|
||||||
*(p++)=comp->id;
|
|
||||||
}
|
|
||||||
*(p++)=0; /* Add the NULL method */
|
|
||||||
-
|
|
||||||
+
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
|
|
||||||
+ goto err;
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
l=(p-d);
|
|
||||||
d=buf;
|
|
||||||
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/d1_lib.c.dtls-reneg openssl-1.0.0-beta4/ssl/d1_lib.c
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/d1_srvr.c.dtls-reneg openssl-1.0.0-beta4/ssl/d1_srvr.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/d1_srvr.c.dtls-reneg 2009-09-09 19:05:42.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/d1_srvr.c 2010-01-07 17:44:55.000000000 +0100
|
|
||||||
@@ -305,8 +305,18 @@ int dtls1_accept(SSL *s)
|
|
||||||
ret=dtls1_send_server_hello(s);
|
|
||||||
if (ret <= 0) goto end;
|
|
||||||
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
if (s->hit)
|
|
||||||
- s->state=SSL3_ST_SW_CHANGE_A;
|
|
||||||
+ {
|
|
||||||
+ if (s->tlsext_ticket_expected)
|
|
||||||
+ s->state=SSL3_ST_SW_SESSION_TICKET_A;
|
|
||||||
+ else
|
|
||||||
+ s->state=SSL3_ST_SW_CHANGE_A;
|
|
||||||
+ }
|
|
||||||
+#else
|
|
||||||
+ if (s->hit)
|
|
||||||
+ s->state=SSL3_ST_SW_CHANGE_A;
|
|
||||||
+#endif
|
|
||||||
else
|
|
||||||
s->state=SSL3_ST_SW_CERT_A;
|
|
||||||
s->init_num=0;
|
|
||||||
@@ -321,10 +331,24 @@ int dtls1_accept(SSL *s)
|
|
||||||
dtls1_start_timer(s);
|
|
||||||
ret=dtls1_send_server_certificate(s);
|
|
||||||
if (ret <= 0) goto end;
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ if (s->tlsext_status_expected)
|
|
||||||
+ s->state=SSL3_ST_SW_CERT_STATUS_A;
|
|
||||||
+ else
|
|
||||||
+ s->state=SSL3_ST_SW_KEY_EXCH_A;
|
|
||||||
+ }
|
|
||||||
+ else
|
|
||||||
+ {
|
|
||||||
+ skip = 1;
|
|
||||||
+ s->state=SSL3_ST_SW_KEY_EXCH_A;
|
|
||||||
+ }
|
|
||||||
+#else
|
|
||||||
}
|
|
||||||
else
|
|
||||||
skip=1;
|
|
||||||
+
|
|
||||||
s->state=SSL3_ST_SW_KEY_EXCH_A;
|
|
||||||
+#endif
|
|
||||||
s->init_num=0;
|
|
||||||
break;
|
|
||||||
|
|
||||||
@@ -519,11 +543,34 @@ int dtls1_accept(SSL *s)
|
|
||||||
dtls1_stop_timer(s);
|
|
||||||
if (s->hit)
|
|
||||||
s->state=SSL_ST_OK;
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ else if (s->tlsext_ticket_expected)
|
|
||||||
+ s->state=SSL3_ST_SW_SESSION_TICKET_A;
|
|
||||||
+#endif
|
|
||||||
else
|
|
||||||
s->state=SSL3_ST_SW_CHANGE_A;
|
|
||||||
s->init_num=0;
|
|
||||||
break;
|
|
||||||
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ case SSL3_ST_SW_SESSION_TICKET_A:
|
|
||||||
+ case SSL3_ST_SW_SESSION_TICKET_B:
|
|
||||||
+ ret=dtls1_send_newsession_ticket(s);
|
|
||||||
+ if (ret <= 0) goto end;
|
|
||||||
+ s->state=SSL3_ST_SW_CHANGE_A;
|
|
||||||
+ s->init_num=0;
|
|
||||||
+ break;
|
|
||||||
+
|
|
||||||
+ case SSL3_ST_SW_CERT_STATUS_A:
|
|
||||||
+ case SSL3_ST_SW_CERT_STATUS_B:
|
|
||||||
+ ret=ssl3_send_cert_status(s);
|
|
||||||
+ if (ret <= 0) goto end;
|
|
||||||
+ s->state=SSL3_ST_SW_KEY_EXCH_A;
|
|
||||||
+ s->init_num=0;
|
|
||||||
+ break;
|
|
||||||
+
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
case SSL3_ST_SW_CHANGE_A:
|
|
||||||
case SSL3_ST_SW_CHANGE_B:
|
|
||||||
|
|
||||||
@@ -749,6 +796,8 @@ int dtls1_send_server_hello(SSL *s)
|
|
||||||
p+=sl;
|
|
||||||
|
|
||||||
/* put the cipher */
|
|
||||||
+ if (s->s3->tmp.new_cipher == NULL)
|
|
||||||
+ return -1;
|
|
||||||
i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p);
|
|
||||||
p+=i;
|
|
||||||
|
|
||||||
@@ -762,6 +811,14 @@ int dtls1_send_server_hello(SSL *s)
|
|
||||||
*(p++)=s->s3->tmp.new_compression->id;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+ if ((p = ssl_add_serverhello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR);
|
|
||||||
+ return -1;
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
/* do the header */
|
|
||||||
l=(p-d);
|
|
||||||
d=buf;
|
|
||||||
@@ -1384,3 +1441,114 @@ int dtls1_send_server_certificate(SSL *s
|
|
||||||
/* SSL3_ST_SW_CERT_B */
|
|
||||||
return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+int dtls1_send_newsession_ticket(SSL *s)
|
|
||||||
+ {
|
|
||||||
+ if (s->state == SSL3_ST_SW_SESSION_TICKET_A)
|
|
||||||
+ {
|
|
||||||
+ unsigned char *p, *senc, *macstart;
|
|
||||||
+ int len, slen;
|
|
||||||
+ unsigned int hlen, msg_len;
|
|
||||||
+ EVP_CIPHER_CTX ctx;
|
|
||||||
+ HMAC_CTX hctx;
|
|
||||||
+ SSL_CTX *tctx = s->initial_ctx;
|
|
||||||
+ unsigned char iv[EVP_MAX_IV_LENGTH];
|
|
||||||
+ unsigned char key_name[16];
|
|
||||||
+
|
|
||||||
+ /* get session encoding length */
|
|
||||||
+ slen = i2d_SSL_SESSION(s->session, NULL);
|
|
||||||
+ /* Some length values are 16 bits, so forget it if session is
|
|
||||||
+ * too long
|
|
||||||
+ */
|
|
||||||
+ if (slen > 0xFF00)
|
|
||||||
+ return -1;
|
|
||||||
+ /* Grow buffer if need be: the length calculation is as
|
|
||||||
+ * follows 12 (DTLS handshake message header) +
|
|
||||||
+ * 4 (ticket lifetime hint) + 2 (ticket length) +
|
|
||||||
+ * 16 (key name) + max_iv_len (iv length) +
|
|
||||||
+ * session_length + max_enc_block_size (max encrypted session
|
|
||||||
+ * length) + max_md_size (HMAC).
|
|
||||||
+ */
|
|
||||||
+ if (!BUF_MEM_grow(s->init_buf,
|
|
||||||
+ DTLS1_HM_HEADER_LENGTH + 22 + EVP_MAX_IV_LENGTH +
|
|
||||||
+ EVP_MAX_BLOCK_LENGTH + EVP_MAX_MD_SIZE + slen))
|
|
||||||
+ return -1;
|
|
||||||
+ senc = OPENSSL_malloc(slen);
|
|
||||||
+ if (!senc)
|
|
||||||
+ return -1;
|
|
||||||
+ p = senc;
|
|
||||||
+ i2d_SSL_SESSION(s->session, &p);
|
|
||||||
+
|
|
||||||
+ p=(unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]);
|
|
||||||
+ EVP_CIPHER_CTX_init(&ctx);
|
|
||||||
+ HMAC_CTX_init(&hctx);
|
|
||||||
+ /* Initialize HMAC and cipher contexts. If callback present
|
|
||||||
+ * it does all the work otherwise use generated values
|
|
||||||
+ * from parent ctx.
|
|
||||||
+ */
|
|
||||||
+ if (tctx->tlsext_ticket_key_cb)
|
|
||||||
+ {
|
|
||||||
+ if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx,
|
|
||||||
+ &hctx, 1) < 0)
|
|
||||||
+ {
|
|
||||||
+ OPENSSL_free(senc);
|
|
||||||
+ return -1;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ else
|
|
||||||
+ {
|
|
||||||
+ RAND_pseudo_bytes(iv, 16);
|
|
||||||
+ EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
|
|
||||||
+ tctx->tlsext_tick_aes_key, iv);
|
|
||||||
+ HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
|
|
||||||
+ tlsext_tick_md(), NULL);
|
|
||||||
+ memcpy(key_name, tctx->tlsext_tick_key_name, 16);
|
|
||||||
+ }
|
|
||||||
+ l2n(s->session->tlsext_tick_lifetime_hint, p);
|
|
||||||
+ /* Skip ticket length for now */
|
|
||||||
+ p += 2;
|
|
||||||
+ /* Output key name */
|
|
||||||
+ macstart = p;
|
|
||||||
+ memcpy(p, key_name, 16);
|
|
||||||
+ p += 16;
|
|
||||||
+ /* output IV */
|
|
||||||
+ memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx));
|
|
||||||
+ p += EVP_CIPHER_CTX_iv_length(&ctx);
|
|
||||||
+ /* Encrypt session data */
|
|
||||||
+ EVP_EncryptUpdate(&ctx, p, &len, senc, slen);
|
|
||||||
+ p += len;
|
|
||||||
+ EVP_EncryptFinal(&ctx, p, &len);
|
|
||||||
+ p += len;
|
|
||||||
+ EVP_CIPHER_CTX_cleanup(&ctx);
|
|
||||||
+
|
|
||||||
+ HMAC_Update(&hctx, macstart, p - macstart);
|
|
||||||
+ HMAC_Final(&hctx, p, &hlen);
|
|
||||||
+ HMAC_CTX_cleanup(&hctx);
|
|
||||||
+
|
|
||||||
+ p += hlen;
|
|
||||||
+ /* Now write out lengths: p points to end of data written */
|
|
||||||
+ /* Total length */
|
|
||||||
+ len = p - (unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]);
|
|
||||||
+ p=(unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]) + 4;
|
|
||||||
+ s2n(len - 18, p); /* Ticket length */
|
|
||||||
+
|
|
||||||
+ /* number of bytes to write */
|
|
||||||
+ s->init_num= len;
|
|
||||||
+ s->state=SSL3_ST_SW_SESSION_TICKET_B;
|
|
||||||
+ s->init_off=0;
|
|
||||||
+ OPENSSL_free(senc);
|
|
||||||
+
|
|
||||||
+ /* XDTLS: set message header ? */
|
|
||||||
+ msg_len = s->init_num - DTLS1_HM_HEADER_LENGTH;
|
|
||||||
+ dtls1_set_message_header(s, (void *)s->init_buf->data,
|
|
||||||
+ SSL3_MT_NEWSESSION_TICKET, msg_len, 0, msg_len);
|
|
||||||
+
|
|
||||||
+ /* buffer the message to handle re-xmits */
|
|
||||||
+ dtls1_buffer_message(s, 0);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ /* SSL3_ST_SW_SESSION_TICKET_B */
|
|
||||||
+ return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl_locl.h.dtls-reneg openssl-1.0.0-beta4/ssl/ssl_locl.h
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl_locl.h.dtls-reneg 2009-11-23 08:36:03.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl_locl.h 2010-01-07 17:44:55.000000000 +0100
|
|
||||||
@@ -933,7 +933,7 @@ void dtls1_start_timer(SSL *s);
|
|
||||||
void dtls1_stop_timer(SSL *s);
|
|
||||||
int dtls1_is_timer_expired(SSL *s);
|
|
||||||
void dtls1_double_timeout(SSL *s);
|
|
||||||
-
|
|
||||||
+int dtls1_send_newsession_ticket(SSL *s);
|
|
||||||
|
|
||||||
/* some client-only functions */
|
|
||||||
int ssl3_client_hello(SSL *s);
|
|
||||||
@@ -949,6 +949,9 @@ int ssl3_send_client_key_exchange(SSL *s
|
|
||||||
int ssl3_get_key_exchange(SSL *s);
|
|
||||||
int ssl3_get_server_certificate(SSL *s);
|
|
||||||
int ssl3_check_cert_and_algorithm(SSL *s);
|
|
||||||
+#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
+int ssl3_check_finished(SSL *s);
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
int dtls1_client_hello(SSL *s);
|
|
||||||
int dtls1_send_client_certificate(SSL *s);
|
|
||||||
@@ -1030,6 +1033,7 @@ int ssl_prepare_clienthello_tlsext(SSL *
|
|
||||||
int ssl_prepare_serverhello_tlsext(SSL *s);
|
|
||||||
int ssl_check_clienthello_tlsext(SSL *s);
|
|
||||||
int ssl_check_serverhello_tlsext(SSL *s);
|
|
||||||
+
|
|
||||||
#ifdef OPENSSL_NO_SHA256
|
|
||||||
#define tlsext_tick_md EVP_sha1
|
|
||||||
#else
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/s3_clnt.c.dtls-reneg openssl-1.0.0-beta4/ssl/s3_clnt.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/s3_clnt.c.dtls-reneg 2009-11-23 08:36:04.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/s3_clnt.c 2010-01-07 17:44:55.000000000 +0100
|
|
||||||
@@ -170,9 +170,6 @@
|
|
||||||
|
|
||||||
static const SSL_METHOD *ssl3_get_client_method(int ver);
|
|
||||||
static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b);
|
|
||||||
-#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
-static int ssl3_check_finished(SSL *s);
|
|
||||||
-#endif
|
|
||||||
|
|
||||||
static const SSL_METHOD *ssl3_get_client_method(int ver)
|
|
||||||
{
|
|
||||||
@@ -1827,6 +1824,7 @@ int ssl3_get_new_session_ticket(SSL *s)
|
|
||||||
SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,SSL_R_LENGTH_MISMATCH);
|
|
||||||
goto f_err;
|
|
||||||
}
|
|
||||||
+
|
|
||||||
p=d=(unsigned char *)s->init_msg;
|
|
||||||
n2l(p, s->session->tlsext_tick_lifetime_hint);
|
|
||||||
n2s(p, ticklen);
|
|
||||||
@@ -2991,7 +2989,7 @@ err:
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
-static int ssl3_check_finished(SSL *s)
|
|
||||||
+int ssl3_check_finished(SSL *s)
|
|
||||||
{
|
|
||||||
int ok;
|
|
||||||
long n;
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/t1_lib.c.dtls-reneg openssl-1.0.0-beta4/ssl/t1_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/t1_lib.c.dtls-reneg 2009-11-23 08:36:04.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/t1_lib.c 2010-01-07 17:44:55.000000000 +0100
|
|
||||||
@@ -340,7 +340,8 @@ unsigned char *ssl_add_clienthello_tlsex
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_EC
|
|
||||||
- if (s->tlsext_ecpointformatlist != NULL)
|
|
||||||
+ if (s->tlsext_ecpointformatlist != NULL &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
/* Add TLS extension ECPointFormats to the ClientHello message */
|
|
||||||
long lenmax;
|
|
||||||
@@ -359,7 +360,8 @@ unsigned char *ssl_add_clienthello_tlsex
|
|
||||||
memcpy(ret, s->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist_length);
|
|
||||||
ret+=s->tlsext_ecpointformatlist_length;
|
|
||||||
}
|
|
||||||
- if (s->tlsext_ellipticcurvelist != NULL)
|
|
||||||
+ if (s->tlsext_ellipticcurvelist != NULL &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
/* Add TLS extension EllipticCurves to the ClientHello message */
|
|
||||||
long lenmax;
|
|
||||||
@@ -423,7 +425,8 @@ unsigned char *ssl_add_clienthello_tlsex
|
|
||||||
skip_ext:
|
|
||||||
|
|
||||||
#ifdef TLSEXT_TYPE_opaque_prf_input
|
|
||||||
- if (s->s3->client_opaque_prf_input != NULL)
|
|
||||||
+ if (s->s3->client_opaque_prf_input != NULL &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
size_t col = s->s3->client_opaque_prf_input_len;
|
|
||||||
|
|
||||||
@@ -440,7 +443,8 @@ unsigned char *ssl_add_clienthello_tlsex
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
- if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp)
|
|
||||||
+ if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
long extlen, idlen, itmp;
|
|
||||||
@@ -515,7 +519,7 @@ unsigned char *ssl_add_serverhello_tlsex
|
|
||||||
s2n(0,ret);
|
|
||||||
}
|
|
||||||
|
|
||||||
- if(s->s3->send_connection_binding)
|
|
||||||
+ if(s->s3->send_connection_binding)
|
|
||||||
{
|
|
||||||
int el;
|
|
||||||
|
|
||||||
@@ -540,7 +544,8 @@ unsigned char *ssl_add_serverhello_tlsex
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_EC
|
|
||||||
- if (s->tlsext_ecpointformatlist != NULL)
|
|
||||||
+ if (s->tlsext_ecpointformatlist != NULL &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
/* Add TLS extension ECPointFormats to the ServerHello message */
|
|
||||||
long lenmax;
|
|
||||||
@@ -579,7 +584,8 @@ unsigned char *ssl_add_serverhello_tlsex
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifdef TLSEXT_TYPE_opaque_prf_input
|
|
||||||
- if (s->s3->server_opaque_prf_input != NULL)
|
|
||||||
+ if (s->s3->server_opaque_prf_input != NULL &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
size_t sol = s->s3->server_opaque_prf_input_len;
|
|
||||||
|
|
||||||
@@ -757,7 +763,8 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_EC
|
|
||||||
- else if (type == TLSEXT_TYPE_ec_point_formats)
|
|
||||||
+ else if (type == TLSEXT_TYPE_ec_point_formats &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
unsigned char *sdata = data;
|
|
||||||
int ecpointformatlist_length = *(sdata++);
|
|
||||||
@@ -784,7 +791,8 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
fprintf(stderr,"\n");
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
- else if (type == TLSEXT_TYPE_elliptic_curves)
|
|
||||||
+ else if (type == TLSEXT_TYPE_elliptic_curves &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
unsigned char *sdata = data;
|
|
||||||
int ellipticcurvelist_length = (*(sdata++) << 8);
|
|
||||||
@@ -814,7 +822,8 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
}
|
|
||||||
#endif /* OPENSSL_NO_EC */
|
|
||||||
#ifdef TLSEXT_TYPE_opaque_prf_input
|
|
||||||
- else if (type == TLSEXT_TYPE_opaque_prf_input)
|
|
||||||
+ else if (type == TLSEXT_TYPE_opaque_prf_input &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
unsigned char *sdata = data;
|
|
||||||
|
|
||||||
@@ -858,8 +867,8 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
return 0;
|
|
||||||
renegotiate_seen = 1;
|
|
||||||
}
|
|
||||||
- else if (type == TLSEXT_TYPE_status_request
|
|
||||||
- && s->ctx->tlsext_status_cb)
|
|
||||||
+ else if (type == TLSEXT_TYPE_status_request &&
|
|
||||||
+ s->version != DTLS1_VERSION && s->ctx->tlsext_status_cb)
|
|
||||||
{
|
|
||||||
|
|
||||||
if (size < 5)
|
|
||||||
@@ -1027,7 +1036,8 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_EC
|
|
||||||
- else if (type == TLSEXT_TYPE_ec_point_formats)
|
|
||||||
+ else if (type == TLSEXT_TYPE_ec_point_formats &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
unsigned char *sdata = data;
|
|
||||||
int ecpointformatlist_length = *(sdata++);
|
|
||||||
@@ -1073,7 +1083,8 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
s->tlsext_ticket_expected = 1;
|
|
||||||
}
|
|
||||||
#ifdef TLSEXT_TYPE_opaque_prf_input
|
|
||||||
- else if (type == TLSEXT_TYPE_opaque_prf_input)
|
|
||||||
+ else if (type == TLSEXT_TYPE_opaque_prf_input &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
unsigned char *sdata = data;
|
|
||||||
|
|
||||||
@@ -1103,7 +1114,8 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
- else if (type == TLSEXT_TYPE_status_request)
|
|
||||||
+ else if (type == TLSEXT_TYPE_status_request &&
|
|
||||||
+ s->version != DTLS1_VERSION)
|
|
||||||
{
|
|
||||||
/* MUST be empty and only sent if we've requested
|
|
||||||
* a status request message.
|
|
@ -1,93 +0,0 @@
|
|||||||
Better error reporting for unsafe renegotiation.
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl_err.c.reneg-err openssl-1.0.0-beta4/ssl/ssl_err.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl_err.c.reneg-err 2009-11-09 19:45:42.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl_err.c 2009-11-20 17:56:57.000000000 +0100
|
|
||||||
@@ -226,7 +226,9 @@ static ERR_STRING_DATA SSL_str_functs[]=
|
|
||||||
{ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"},
|
|
||||||
{ERR_FUNC(SSL_F_SSL_NEW), "SSL_new"},
|
|
||||||
{ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT), "SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT"},
|
|
||||||
+{ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT), "SSL_PARSE_CLIENTHELLO_TLSEXT"},
|
|
||||||
{ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT), "SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT"},
|
|
||||||
+{ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT), "SSL_PARSE_SERVERHELLO_TLSEXT"},
|
|
||||||
{ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"},
|
|
||||||
{ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT), "SSL_PREPARE_CLIENTHELLO_TLSEXT"},
|
|
||||||
{ERR_FUNC(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT), "SSL_PREPARE_SERVERHELLO_TLSEXT"},
|
|
||||||
@@ -526,6 +528,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
|
||||||
{ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE),"unknown remote error type"},
|
|
||||||
{ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION) ,"unknown ssl version"},
|
|
||||||
{ERR_REASON(SSL_R_UNKNOWN_STATE) ,"unknown state"},
|
|
||||||
+{ERR_REASON(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED),"unsafe legacy renegotiation disabled"},
|
|
||||||
{ERR_REASON(SSL_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"},
|
|
||||||
{ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM),"unsupported compression algorithm"},
|
|
||||||
{ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE),"unsupported digest type"},
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl.h.reneg-err openssl-1.0.0-beta4/ssl/ssl.h
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl.h.reneg-err 2009-11-12 15:17:29.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl.h 2009-11-20 17:56:57.000000000 +0100
|
|
||||||
@@ -1934,7 +1934,9 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
|
|
||||||
#define SSL_F_SSL_NEW 186
|
|
||||||
#define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300
|
|
||||||
+#define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302
|
|
||||||
#define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301
|
|
||||||
+#define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
|
|
||||||
#define SSL_F_SSL_PEEK 270
|
|
||||||
#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281
|
|
||||||
#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282
|
|
||||||
@@ -2231,6 +2233,7 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
|
|
||||||
#define SSL_R_UNKNOWN_SSL_VERSION 254
|
|
||||||
#define SSL_R_UNKNOWN_STATE 255
|
|
||||||
+#define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 338
|
|
||||||
#define SSL_R_UNSUPPORTED_CIPHER 256
|
|
||||||
#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
|
|
||||||
#define SSL_R_UNSUPPORTED_DIGEST_TYPE 326
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/s23_srvr.c.reneg-err openssl-1.0.0-beta4/ssl/s23_srvr.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/s23_srvr.c.reneg-err 2009-11-12 15:17:29.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/s23_srvr.c 2009-11-20 17:57:23.000000000 +0100
|
|
||||||
@@ -497,6 +497,11 @@ int ssl23_get_client_hello(SSL *s)
|
|
||||||
SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
|
|
||||||
goto err;
|
|
||||||
#else
|
|
||||||
+ if (!(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
+ goto err;
|
|
||||||
+ }
|
|
||||||
/* we are talking sslv2 */
|
|
||||||
/* we need to clean up the SSLv3/TLSv1 setup and put in the
|
|
||||||
* sslv2 stuff. */
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/t1_lib.c.reneg-err openssl-1.0.0-beta4/ssl/t1_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/t1_lib.c.reneg-err 2009-11-18 14:04:19.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/t1_lib.c 2009-11-20 17:56:57.000000000 +0100
|
|
||||||
@@ -636,6 +636,7 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
{
|
|
||||||
/* We should always see one extension: the renegotiate extension */
|
|
||||||
*al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
+ SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
return 1;
|
|
||||||
@@ -965,6 +966,7 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
if (s->new_session && !renegotiate_seen
|
|
||||||
&& !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
{
|
|
||||||
+ SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
*al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
@@ -993,6 +995,7 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
{
|
|
||||||
/* We should always see one extension: the renegotiate extension */
|
|
||||||
*al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
+ SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
@@ -1133,6 +1136,7 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
&& !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
{
|
|
||||||
*al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
+ SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
#endif
|
|
@ -1,793 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/apps/s_client.c.scsv openssl-1.0.0-beta4/apps/s_client.c
|
|
||||||
--- openssl-1.0.0-beta4/apps/s_client.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/apps/s_client.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -382,7 +382,7 @@ int MAIN(int, char **);
|
|
||||||
|
|
||||||
int MAIN(int argc, char **argv)
|
|
||||||
{
|
|
||||||
- int off=0;
|
|
||||||
+ unsigned int off=0, clr=0;
|
|
||||||
SSL *con=NULL;
|
|
||||||
int s,k,width,state=0;
|
|
||||||
char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL;
|
|
||||||
@@ -660,6 +660,10 @@ int MAIN(int argc, char **argv)
|
|
||||||
off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
|
|
||||||
else if (strcmp(*argv,"-legacy_renegotiation") == 0)
|
|
||||||
off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
|
|
||||||
+ else if (strcmp(*argv,"-legacy_server_connect") == 0)
|
|
||||||
+ { off|=SSL_OP_LEGACY_SERVER_CONNECT; }
|
|
||||||
+ else if (strcmp(*argv,"-no_legacy_server_connect") == 0)
|
|
||||||
+ { clr|=SSL_OP_LEGACY_SERVER_CONNECT; }
|
|
||||||
else if (strcmp(*argv,"-cipher") == 0)
|
|
||||||
{
|
|
||||||
if (--argc < 1) goto bad;
|
|
||||||
@@ -870,6 +874,9 @@ bad:
|
|
||||||
SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
|
|
||||||
else
|
|
||||||
SSL_CTX_set_options(ctx,off);
|
|
||||||
+
|
|
||||||
+ if (clr)
|
|
||||||
+ SSL_CTX_clear_options(ctx, clr);
|
|
||||||
/* DTLS: partial reads end up discarding unread UDP bytes :-(
|
|
||||||
* Setting read ahead solves this problem.
|
|
||||||
*/
|
|
||||||
@@ -1725,6 +1732,8 @@ static void print_stuff(BIO *bio, SSL *s
|
|
||||||
EVP_PKEY_bits(pktmp));
|
|
||||||
EVP_PKEY_free(pktmp);
|
|
||||||
}
|
|
||||||
+ BIO_printf(bio, "Secure Renegotiation IS%s supported\n",
|
|
||||||
+ SSL_get_secure_renegotiation_support(s) ? "" : " NOT");
|
|
||||||
#ifndef OPENSSL_NO_COMP
|
|
||||||
comp=SSL_get_current_compression(s);
|
|
||||||
expansion=SSL_get_current_expansion(s);
|
|
||||||
diff -up openssl-1.0.0-beta4/apps/s_server.c.scsv openssl-1.0.0-beta4/apps/s_server.c
|
|
||||||
--- openssl-1.0.0-beta4/apps/s_server.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/apps/s_server.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -2212,6 +2212,8 @@ static int init_ssl_connection(SSL *con)
|
|
||||||
con->kssl_ctx->client_princ);
|
|
||||||
}
|
|
||||||
#endif /* OPENSSL_NO_KRB5 */
|
|
||||||
+ BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
|
|
||||||
+ SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
|
|
||||||
return(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
diff -up openssl-1.0.0-beta4/doc/ssl/SSL_CTX_set_options.pod.scsv openssl-1.0.0-beta4/doc/ssl/SSL_CTX_set_options.pod
|
|
||||||
--- openssl-1.0.0-beta4/doc/ssl/SSL_CTX_set_options.pod.scsv 2007-08-24 00:49:13.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/doc/ssl/SSL_CTX_set_options.pod 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -2,7 +2,7 @@
|
|
||||||
|
|
||||||
=head1 NAME
|
|
||||||
|
|
||||||
-SSL_CTX_set_options, SSL_set_options, SSL_CTX_get_options, SSL_get_options - manipulate SSL engine options
|
|
||||||
+SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, SSL_clear_options, SSL_CTX_get_options, SSL_get_options, SSL_get_secure_renegotiation_support - manipulate SSL options
|
|
||||||
|
|
||||||
=head1 SYNOPSIS
|
|
||||||
|
|
||||||
@@ -11,26 +11,41 @@ SSL_CTX_set_options, SSL_set_options, SS
|
|
||||||
long SSL_CTX_set_options(SSL_CTX *ctx, long options);
|
|
||||||
long SSL_set_options(SSL *ssl, long options);
|
|
||||||
|
|
||||||
+ long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
|
|
||||||
+ long SSL_clear_options(SSL *ssl, long options);
|
|
||||||
+
|
|
||||||
long SSL_CTX_get_options(SSL_CTX *ctx);
|
|
||||||
long SSL_get_options(SSL *ssl);
|
|
||||||
|
|
||||||
+ long SSL_get_secure_renegotiation_support(SSL *ssl);
|
|
||||||
+
|
|
||||||
=head1 DESCRIPTION
|
|
||||||
|
|
||||||
+Note: all these functions are implemented using macros.
|
|
||||||
+
|
|
||||||
SSL_CTX_set_options() adds the options set via bitmask in B<options> to B<ctx>.
|
|
||||||
Options already set before are not cleared!
|
|
||||||
|
|
||||||
SSL_set_options() adds the options set via bitmask in B<options> to B<ssl>.
|
|
||||||
Options already set before are not cleared!
|
|
||||||
|
|
||||||
+SSL_CTX_clear_options() clears the options set via bitmask in B<options>
|
|
||||||
+to B<ctx>.
|
|
||||||
+
|
|
||||||
+SSL_clear_options() clears the options set via bitmask in B<options> to B<ssl>.
|
|
||||||
+
|
|
||||||
SSL_CTX_get_options() returns the options set for B<ctx>.
|
|
||||||
|
|
||||||
SSL_get_options() returns the options set for B<ssl>.
|
|
||||||
|
|
||||||
+SSL_get_secure_renegotiation_support() indicates whether the peer supports
|
|
||||||
+secure renegotiation.
|
|
||||||
+
|
|
||||||
=head1 NOTES
|
|
||||||
|
|
||||||
The behaviour of the SSL library can be changed by setting several options.
|
|
||||||
The options are coded as bitmasks and can be combined by a logical B<or>
|
|
||||||
-operation (|). Options can only be added but can never be reset.
|
|
||||||
+operation (|).
|
|
||||||
|
|
||||||
SSL_CTX_set_options() and SSL_set_options() affect the (external)
|
|
||||||
protocol behaviour of the SSL library. The (internal) behaviour of
|
|
||||||
@@ -199,7 +214,7 @@ Do not use the TLSv1 protocol.
|
|
||||||
|
|
||||||
When performing renegotiation as a server, always start a new session
|
|
||||||
(i.e., session resumption requests are only accepted in the initial
|
|
||||||
-handshake). This option is not needed for clients.
|
|
||||||
+handshake). This option is not needed for clients.
|
|
||||||
|
|
||||||
=item SSL_OP_NO_TICKET
|
|
||||||
|
|
||||||
@@ -209,15 +224,63 @@ of RFC4507bis tickets for stateless sess
|
|
||||||
If this option is set this functionality is disabled and tickets will
|
|
||||||
not be used by clients or servers.
|
|
||||||
|
|
||||||
+=item SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
|
|
||||||
+
|
|
||||||
+See the B<SECURE RENEGOTIATION> section for a discussion of the purpose of
|
|
||||||
+this option
|
|
||||||
+
|
|
||||||
=back
|
|
||||||
|
|
||||||
+=head1 SECURE RENEGOTIATION
|
|
||||||
+
|
|
||||||
+OpenSSL 0.9.8m and later always attempts to use secure renegotiation as
|
|
||||||
+described in draft-ietf-tls-renegotiation (FIXME: replace by RFC). This
|
|
||||||
+counters a prefix attack described in the draft and elsewhere (FIXME: need full
|
|
||||||
+reference).
|
|
||||||
+
|
|
||||||
+This attack has far reaching consequences which application writers should be
|
|
||||||
+aware of. In the description below an implementation supporting secure
|
|
||||||
+renegotiation is referred to as I<patched>. A server not supporting secure
|
|
||||||
+renegotiation is referred to as I<unpatched>.
|
|
||||||
+
|
|
||||||
+If an unpatched client attempts to connect to a patched OpenSSL server then
|
|
||||||
+the attempt will succeed but renegotiation is not permitted. As required
|
|
||||||
+by the standard a B<no_renegotiation> alert is sent back to the client if
|
|
||||||
+the TLS v1.0 protocol is used. If SSLv3.0 is used then renegotiation results
|
|
||||||
+in a fatal B<handshake_failed> alert.
|
|
||||||
+
|
|
||||||
+If a patched OpenSSL client attempts to connect to an unpatched server
|
|
||||||
+then the connection will fail because it is not possible to determine
|
|
||||||
+whether an attack is taking place.
|
|
||||||
+
|
|
||||||
+If the option B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> is set then the
|
|
||||||
+above restrictions are relaxed. Renegotiation is permissible and initial
|
|
||||||
+connections to unpatched servers will succeed.
|
|
||||||
+
|
|
||||||
+This option should be used with caution because it leaves both clients and
|
|
||||||
+servers vulnerable. However unpatched servers and clients are likely to be
|
|
||||||
+around for some time and refusing to connect to unpatched servers or denying
|
|
||||||
+renegotion altogether may be unacceptable. So applications may be forced to
|
|
||||||
+tolerate unsafe renegotiation for the immediate future.
|
|
||||||
+
|
|
||||||
+The function SSL_get_secure_renegotiation_support() indicates whether the peer
|
|
||||||
+supports secure renegotiation.
|
|
||||||
+
|
|
||||||
+The deprecated SSLv2 protocol does not support secure renegotiation at all.
|
|
||||||
+
|
|
||||||
=head1 RETURN VALUES
|
|
||||||
|
|
||||||
SSL_CTX_set_options() and SSL_set_options() return the new options bitmask
|
|
||||||
after adding B<options>.
|
|
||||||
|
|
||||||
+SSL_CTX_clear_options() and SSL_clear_options() return the new options bitmask
|
|
||||||
+after clearing B<options>.
|
|
||||||
+
|
|
||||||
SSL_CTX_get_options() and SSL_get_options() return the current bitmask.
|
|
||||||
|
|
||||||
+SSL_get_secure_renegotiation_support() returns 1 is the peer supports
|
|
||||||
+secure renegotiation and 0 if it does not.
|
|
||||||
+
|
|
||||||
=head1 SEE ALSO
|
|
||||||
|
|
||||||
L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>,
|
|
||||||
@@ -240,4 +303,10 @@ Versions up to OpenSSL 0.9.6c do not inc
|
|
||||||
can be disabled with this option (in OpenSSL 0.9.6d, it was always
|
|
||||||
enabled).
|
|
||||||
|
|
||||||
+SSL_CTX_clear_options() and SSL_clear_options() were first added in OpenSSL
|
|
||||||
+0.9.8m.
|
|
||||||
+
|
|
||||||
+B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> was first added in OpenSSL
|
|
||||||
+0.9.8m.
|
|
||||||
+
|
|
||||||
=cut
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/d1_clnt.c.scsv openssl-1.0.0-beta4/ssl/d1_clnt.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/d1_clnt.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/d1_clnt.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -698,7 +698,7 @@ int dtls1_client_hello(SSL *s)
|
|
||||||
#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
|
|
||||||
{
|
|
||||||
- SSLerr(SSL_F_SSL3_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
|
|
||||||
+ SSLerr(SSL_F_DTLS1_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/d1_srvr.c.scsv openssl-1.0.0-beta4/ssl/d1_srvr.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/d1_srvr.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/d1_srvr.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -814,7 +814,7 @@ int dtls1_send_server_hello(SSL *s)
|
|
||||||
#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
if ((p = ssl_add_serverhello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
|
|
||||||
{
|
|
||||||
- SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR);
|
|
||||||
+ SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl_err.c.scsv openssl-1.0.0-beta4/ssl/ssl_err.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl_err.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl_err.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -414,6 +414,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
|
||||||
{ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED),"no private key assigned"},
|
|
||||||
{ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE),"no protocols available"},
|
|
||||||
{ERR_REASON(SSL_R_NO_PUBLICKEY) ,"no publickey"},
|
|
||||||
+{ERR_REASON(SSL_R_NO_RENEGOTIATION) ,"no renegotiation"},
|
|
||||||
{ERR_REASON(SSL_R_NO_REQUIRED_DIGEST) ,"digest requred for handshake isn't computed"},
|
|
||||||
{ERR_REASON(SSL_R_NO_SHARED_CIPHER) ,"no shared cipher"},
|
|
||||||
{ERR_REASON(SSL_R_NO_VERIFY_CALLBACK) ,"no verify callback"},
|
|
||||||
@@ -453,6 +454,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
|
||||||
{ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO),"reuse cert length not zero"},
|
|
||||||
{ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO),"reuse cert type not zero"},
|
|
||||||
{ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO),"reuse cipher list not zero"},
|
|
||||||
+{ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING),"scsv received when renegotiating"},
|
|
||||||
{ERR_REASON(SSL_R_SERVERHELLO_TLSEXT) ,"serverhello tlsext"},
|
|
||||||
{ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),"session id context uninitialized"},
|
|
||||||
{ERR_REASON(SSL_R_SHORT_READ) ,"short read"},
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl.h.scsv openssl-1.0.0-beta4/ssl/ssl.h
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl.h.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl.h 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -511,6 +511,8 @@ typedef struct ssl_session_st
|
|
||||||
|
|
||||||
#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
|
|
||||||
#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
|
|
||||||
+/* Allow initial connection to servers that don't support RI */
|
|
||||||
+#define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L
|
|
||||||
#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L /* can break some security expectations */
|
|
||||||
#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
|
|
||||||
#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
|
|
||||||
@@ -518,7 +520,6 @@ typedef struct ssl_session_st
|
|
||||||
#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
|
|
||||||
#define SSL_OP_TLS_D5_BUG 0x00000100L
|
|
||||||
#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
|
|
||||||
-#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00000400L
|
|
||||||
|
|
||||||
/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
|
|
||||||
* in OpenSSL 0.9.6d. Usually (depending on the application protocol)
|
|
||||||
@@ -544,6 +545,8 @@ typedef struct ssl_session_st
|
|
||||||
#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
|
|
||||||
/* Don't use compression even if supported */
|
|
||||||
#define SSL_OP_NO_COMPRESSION 0x00020000L
|
|
||||||
+/* Permit unsafe legacy renegotiation */
|
|
||||||
+#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L
|
|
||||||
/* If set, always create a new key when using tmp_ecdh parameters */
|
|
||||||
#define SSL_OP_SINGLE_ECDH_USE 0x00080000L
|
|
||||||
/* If set, always create a new key when using tmp_dh parameters */
|
|
||||||
@@ -599,17 +602,25 @@ typedef struct ssl_session_st
|
|
||||||
|
|
||||||
#define SSL_CTX_set_options(ctx,op) \
|
|
||||||
SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
|
|
||||||
+#define SSL_CTX_clear_options(ctx,op) \
|
|
||||||
+ SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
|
|
||||||
#define SSL_CTX_get_options(ctx) \
|
|
||||||
SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
|
|
||||||
#define SSL_set_options(ssl,op) \
|
|
||||||
SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
|
|
||||||
+#define SSL_clear_options(ssl,op) \
|
|
||||||
+ SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
|
|
||||||
#define SSL_get_options(ssl) \
|
|
||||||
SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
|
|
||||||
|
|
||||||
#define SSL_CTX_set_mode(ctx,op) \
|
|
||||||
SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
|
|
||||||
+#define SSL_CTX_clear_mode(ctx,op) \
|
|
||||||
+ SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
|
|
||||||
#define SSL_CTX_get_mode(ctx) \
|
|
||||||
SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
|
|
||||||
+#define SSL_clear_mode(ssl,op) \
|
|
||||||
+ SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
|
|
||||||
#define SSL_set_mode(ssl,op) \
|
|
||||||
SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
|
|
||||||
#define SSL_get_mode(ssl) \
|
|
||||||
@@ -617,6 +628,8 @@ typedef struct ssl_session_st
|
|
||||||
#define SSL_set_mtu(ssl, mtu) \
|
|
||||||
SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
|
|
||||||
|
|
||||||
+#define SSL_get_secure_renegotiation_support(ssl) \
|
|
||||||
+ SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
|
|
||||||
|
|
||||||
void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
|
|
||||||
void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
|
|
||||||
@@ -1389,6 +1402,10 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
|
|
||||||
#define DTLS_CTRL_HANDLE_TIMEOUT 74
|
|
||||||
#define DTLS_CTRL_LISTEN 75
|
|
||||||
|
|
||||||
+#define SSL_CTRL_GET_RI_SUPPORT 76
|
|
||||||
+#define SSL_CTRL_CLEAR_OPTIONS 77
|
|
||||||
+#define SSL_CTRL_CLEAR_MODE 78
|
|
||||||
+
|
|
||||||
#define DTLSv1_get_timeout(ssl, arg) \
|
|
||||||
SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
|
|
||||||
#define DTLSv1_handle_timeout(ssl) \
|
|
||||||
@@ -2119,6 +2136,7 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
|
|
||||||
#define SSL_R_NO_PROTOCOLS_AVAILABLE 191
|
|
||||||
#define SSL_R_NO_PUBLICKEY 192
|
|
||||||
+#define SSL_R_NO_RENEGOTIATION 339
|
|
||||||
#define SSL_R_NO_REQUIRED_DIGEST 324
|
|
||||||
#define SSL_R_NO_SHARED_CIPHER 193
|
|
||||||
#define SSL_R_NO_VERIFY_CALLBACK 194
|
|
||||||
@@ -2158,6 +2176,7 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
|
|
||||||
#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
|
|
||||||
#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
|
|
||||||
+#define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
|
|
||||||
#define SSL_R_SERVERHELLO_TLSEXT 275
|
|
||||||
#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
|
|
||||||
#define SSL_R_SHORT_READ 219
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl_lib.c.scsv openssl-1.0.0-beta4/ssl/ssl_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl_lib.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl_lib.c 2010-01-07 23:38:08.000000000 +0100
|
|
||||||
@@ -1041,8 +1041,12 @@ long SSL_ctrl(SSL *s,int cmd,long larg,v
|
|
||||||
|
|
||||||
case SSL_CTRL_OPTIONS:
|
|
||||||
return(s->options|=larg);
|
|
||||||
+ case SSL_CTRL_CLEAR_OPTIONS:
|
|
||||||
+ return(s->options&=~larg);
|
|
||||||
case SSL_CTRL_MODE:
|
|
||||||
return(s->mode|=larg);
|
|
||||||
+ case SSL_CTRL_CLEAR_MODE:
|
|
||||||
+ return(s->mode &=~larg);
|
|
||||||
case SSL_CTRL_GET_MAX_CERT_LIST:
|
|
||||||
return(s->max_cert_list);
|
|
||||||
case SSL_CTRL_SET_MAX_CERT_LIST:
|
|
||||||
@@ -1062,6 +1066,10 @@ long SSL_ctrl(SSL *s,int cmd,long larg,v
|
|
||||||
return 0;
|
|
||||||
s->max_send_fragment = larg;
|
|
||||||
return 1;
|
|
||||||
+ case SSL_CTRL_GET_RI_SUPPORT:
|
|
||||||
+ if (s->s3)
|
|
||||||
+ return s->s3->send_connection_binding;
|
|
||||||
+ else return 0;
|
|
||||||
default:
|
|
||||||
return(s->method->ssl_ctrl(s,cmd,larg,parg));
|
|
||||||
}
|
|
||||||
@@ -1148,8 +1156,12 @@ long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,l
|
|
||||||
return(ctx->stats.sess_cache_full);
|
|
||||||
case SSL_CTRL_OPTIONS:
|
|
||||||
return(ctx->options|=larg);
|
|
||||||
+ case SSL_CTRL_CLEAR_OPTIONS:
|
|
||||||
+ return(ctx->options&=~larg);
|
|
||||||
case SSL_CTRL_MODE:
|
|
||||||
return(ctx->mode|=larg);
|
|
||||||
+ case SSL_CTRL_CLEAR_MODE:
|
|
||||||
+ return(ctx->mode&=~larg);
|
|
||||||
case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
|
|
||||||
if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
|
|
||||||
return 0;
|
|
||||||
@@ -1357,6 +1369,22 @@ int ssl_cipher_list_to_bytes(SSL *s,STAC
|
|
||||||
j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
|
|
||||||
p+=j;
|
|
||||||
}
|
|
||||||
+ /* If p == q, no ciphers and caller indicates an error. Otherwise
|
|
||||||
+ * add SCSV if not renegotiating.
|
|
||||||
+ */
|
|
||||||
+ if (p != q && !s->new_session)
|
|
||||||
+ {
|
|
||||||
+ static SSL_CIPHER scsv =
|
|
||||||
+ {
|
|
||||||
+ 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
|
||||||
+ };
|
|
||||||
+ j = put_cb ? put_cb(&scsv,p) : ssl_put_cipher_by_char(s,&scsv,p);
|
|
||||||
+ p+=j;
|
|
||||||
+#ifdef OPENSSL_RI_DEBUG
|
|
||||||
+ fprintf(stderr, "SCSV sent by client\n");
|
|
||||||
+#endif
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
return(p-q);
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -1366,6 +1394,8 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_ciphe
|
|
||||||
const SSL_CIPHER *c;
|
|
||||||
STACK_OF(SSL_CIPHER) *sk;
|
|
||||||
int i,n;
|
|
||||||
+ if (s->s3)
|
|
||||||
+ s->s3->send_connection_binding = 0;
|
|
||||||
|
|
||||||
n=ssl_put_cipher_by_char(s,NULL,NULL);
|
|
||||||
if ((num%n) != 0)
|
|
||||||
@@ -1383,6 +1413,26 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_ciphe
|
|
||||||
|
|
||||||
for (i=0; i<num; i+=n)
|
|
||||||
{
|
|
||||||
+ /* Check for SCSV */
|
|
||||||
+ if (s->s3 && (n != 3 || !p[0]) &&
|
|
||||||
+ (p[n-2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
|
|
||||||
+ (p[n-1] == (SSL3_CK_SCSV & 0xff)))
|
|
||||||
+ {
|
|
||||||
+ /* SCSV fatal if renegotiating */
|
|
||||||
+ if (s->new_session)
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
|
|
||||||
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
|
|
||||||
+ goto err;
|
|
||||||
+ }
|
|
||||||
+ s->s3->send_connection_binding = 1;
|
|
||||||
+ p += n;
|
|
||||||
+#ifdef OPENSSL_RI_DEBUG
|
|
||||||
+ fprintf(stderr, "SCSV received by server\n");
|
|
||||||
+#endif
|
|
||||||
+ continue;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
c=ssl_get_cipher_by_char(s,p);
|
|
||||||
p+=n;
|
|
||||||
if (c != NULL)
|
|
||||||
@@ -1642,6 +1692,10 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
||||||
+ /* Default is to connect to non-RI servers. When RI is more widely
|
|
||||||
+ * deployed might change this.
|
|
||||||
+ */
|
|
||||||
+ ret->options = SSL_OP_LEGACY_SERVER_CONNECT;
|
|
||||||
|
|
||||||
return(ret);
|
|
||||||
err:
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl3.h.scsv openssl-1.0.0-beta4/ssl/ssl3.h
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl3.h.scsv 2010-01-07 23:37:38.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl3.h 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -128,6 +128,9 @@
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+/* Signalling cipher suite value: from draft-ietf-tls-renegotiation-03.txt */
|
|
||||||
+#define SSL3_CK_SCSV 0x030000FF
|
|
||||||
+
|
|
||||||
#define SSL3_CK_RSA_NULL_MD5 0x03000001
|
|
||||||
#define SSL3_CK_RSA_NULL_SHA 0x03000002
|
|
||||||
#define SSL3_CK_RSA_RC4_40_MD5 0x03000003
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/s3_clnt.c.scsv openssl-1.0.0-beta4/ssl/s3_clnt.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/s3_clnt.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/s3_clnt.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -916,7 +916,7 @@ int ssl3_get_server_hello(SSL *s)
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
/* TLS extensions*/
|
|
||||||
- if (s->version > SSL3_VERSION)
|
|
||||||
+ if (s->version >= SSL3_VERSION)
|
|
||||||
{
|
|
||||||
if (!ssl_parse_serverhello_tlsext(s,&p,d,n, &al))
|
|
||||||
{
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/s3_pkt.c.scsv openssl-1.0.0-beta4/ssl/s3_pkt.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/s3_pkt.c.scsv 2009-07-14 17:28:44.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/s3_pkt.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -1120,7 +1120,25 @@ start:
|
|
||||||
* now try again to obtain the (application) data we were asked for */
|
|
||||||
goto start;
|
|
||||||
}
|
|
||||||
-
|
|
||||||
+ /* If we are a server and get a client hello when renegotiation isn't
|
|
||||||
+ * allowed send back a no renegotiation alert and carry on.
|
|
||||||
+ * WARNING: experimental code, needs reviewing (steve)
|
|
||||||
+ */
|
|
||||||
+ if (s->server &&
|
|
||||||
+ SSL_is_init_finished(s) &&
|
|
||||||
+ !s->s3->send_connection_binding &&
|
|
||||||
+ (s->version > SSL3_VERSION) &&
|
|
||||||
+ (s->s3->handshake_fragment_len >= 4) &&
|
|
||||||
+ (s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) &&
|
|
||||||
+ (s->session != NULL) && (s->session->cipher != NULL) &&
|
|
||||||
+ !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+
|
|
||||||
+ {
|
|
||||||
+ /*s->s3->handshake_fragment_len = 0;*/
|
|
||||||
+ rr->length = 0;
|
|
||||||
+ ssl3_send_alert(s,SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION);
|
|
||||||
+ goto start;
|
|
||||||
+ }
|
|
||||||
if (s->s3->alert_fragment_len >= 2)
|
|
||||||
{
|
|
||||||
int alert_level = s->s3->alert_fragment[0];
|
|
||||||
@@ -1150,6 +1168,21 @@ start:
|
|
||||||
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
|
|
||||||
return(0);
|
|
||||||
}
|
|
||||||
+ /* This is a warning but we receive it if we requested
|
|
||||||
+ * renegotiation and the peer denied it. Terminate with
|
|
||||||
+ * a fatal alert because if application tried to
|
|
||||||
+ * renegotiatie it presumably had a good reason and
|
|
||||||
+ * expects it to succeed.
|
|
||||||
+ *
|
|
||||||
+ * In future we might have a renegotiation where we
|
|
||||||
+ * don't care if the peer refused it where we carry on.
|
|
||||||
+ */
|
|
||||||
+ else if (alert_descr == SSL_AD_NO_RENEGOTIATION)
|
|
||||||
+ {
|
|
||||||
+ al = SSL_AD_HANDSHAKE_FAILURE;
|
|
||||||
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_NO_RENEGOTIATION);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
else if (alert_level == 2) /* fatal */
|
|
||||||
{
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/s3_srvr.c.scsv openssl-1.0.0-beta4/ssl/s3_srvr.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/s3_srvr.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/s3_srvr.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -1015,7 +1015,7 @@ int ssl3_get_client_hello(SSL *s)
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
/* TLS extensions*/
|
|
||||||
- if (s->version > SSL3_VERSION)
|
|
||||||
+ if (s->version >= SSL3_VERSION)
|
|
||||||
{
|
|
||||||
if (!ssl_parse_clienthello_tlsext(s,&p,d,n, &al))
|
|
||||||
{
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/t1_lib.c.scsv openssl-1.0.0-beta4/ssl/t1_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/t1_lib.c.scsv 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/t1_lib.c 2010-01-07 23:38:08.000000000 +0100
|
|
||||||
@@ -275,8 +275,9 @@ unsigned char *ssl_add_clienthello_tlsex
|
|
||||||
int extdatalen=0;
|
|
||||||
unsigned char *ret = p;
|
|
||||||
|
|
||||||
- /* don't add extensions for SSLv3 */
|
|
||||||
- if (s->client_version == SSL3_VERSION)
|
|
||||||
+ /* don't add extensions for SSLv3 unless doing secure renegotiation */
|
|
||||||
+ if (s->client_version == SSL3_VERSION
|
|
||||||
+ && !s->s3->send_connection_binding)
|
|
||||||
return p;
|
|
||||||
|
|
||||||
ret+=2;
|
|
||||||
@@ -315,8 +316,9 @@ unsigned char *ssl_add_clienthello_tlsex
|
|
||||||
ret+=size_str;
|
|
||||||
}
|
|
||||||
|
|
||||||
- /* Add the renegotiation option: TODOEKR switch */
|
|
||||||
- {
|
|
||||||
+ /* Add RI if renegotiating */
|
|
||||||
+ if (s->new_session)
|
|
||||||
+ {
|
|
||||||
int el;
|
|
||||||
|
|
||||||
if(!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0))
|
|
||||||
@@ -504,8 +506,8 @@ unsigned char *ssl_add_serverhello_tlsex
|
|
||||||
int extdatalen=0;
|
|
||||||
unsigned char *ret = p;
|
|
||||||
|
|
||||||
- /* don't add extensions for SSLv3 */
|
|
||||||
- if (s->version == SSL3_VERSION)
|
|
||||||
+ /* don't add extensions for SSLv3, unless doing secure renegotiation */
|
|
||||||
+ if (s->version == SSL3_VERSION && !s->s3->send_connection_binding)
|
|
||||||
return p;
|
|
||||||
|
|
||||||
ret+=2;
|
|
||||||
@@ -633,24 +635,13 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
|
|
||||||
s->servername_done = 0;
|
|
||||||
s->tlsext_status_type = -1;
|
|
||||||
- s->s3->send_connection_binding = 0;
|
|
||||||
|
|
||||||
if (data >= (d+n-2))
|
|
||||||
- {
|
|
||||||
- if (s->new_session
|
|
||||||
- && !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
- {
|
|
||||||
- /* We should always see one extension: the renegotiate extension */
|
|
||||||
- *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
- SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
- return 0;
|
|
||||||
- }
|
|
||||||
- return 1;
|
|
||||||
- }
|
|
||||||
+ goto ri_check;
|
|
||||||
n2s(data,len);
|
|
||||||
|
|
||||||
if (data > (d+n-len))
|
|
||||||
- return 1;
|
|
||||||
+ goto ri_check;
|
|
||||||
|
|
||||||
while (data <= (d+n-4))
|
|
||||||
{
|
|
||||||
@@ -658,7 +649,7 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
n2s(data,size);
|
|
||||||
|
|
||||||
if (data+size > (d+n))
|
|
||||||
- return 1;
|
|
||||||
+ goto ri_check;
|
|
||||||
#if 0
|
|
||||||
fprintf(stderr,"Received extension type %d size %d\n",type,size);
|
|
||||||
#endif
|
|
||||||
@@ -971,17 +962,22 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
/* session ticket processed earlier */
|
|
||||||
data+=size;
|
|
||||||
}
|
|
||||||
-
|
|
||||||
- if (s->new_session && !renegotiate_seen
|
|
||||||
- && !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
- {
|
|
||||||
- SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
- *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
- return 0;
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
|
|
||||||
*p = data;
|
|
||||||
+
|
|
||||||
+ ri_check:
|
|
||||||
+
|
|
||||||
+ /* Need RI if renegotiating */
|
|
||||||
+
|
|
||||||
+ if (!renegotiate_seen && s->new_session &&
|
|
||||||
+ !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+ {
|
|
||||||
+ *al = SSL_AD_HANDSHAKE_FAILURE;
|
|
||||||
+ SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT,
|
|
||||||
+ SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -995,21 +991,7 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
int renegotiate_seen = 0;
|
|
||||||
|
|
||||||
if (data >= (d+n-2))
|
|
||||||
- {
|
|
||||||
-#if 0
|
|
||||||
- /* Because the client does not see any renegotiation during an
|
|
||||||
- attack, we must enforce this on all server hellos, even the
|
|
||||||
- first */
|
|
||||||
- if (!(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
- {
|
|
||||||
- /* We should always see one extension: the renegotiate extension */
|
|
||||||
- *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
- return 0;
|
|
||||||
- }
|
|
||||||
-#endif
|
|
||||||
- return 1;
|
|
||||||
- }
|
|
||||||
+ goto ri_check;
|
|
||||||
|
|
||||||
n2s(data,len);
|
|
||||||
|
|
||||||
@@ -1019,7 +1001,7 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
n2s(data,size);
|
|
||||||
|
|
||||||
if (data+size > (d+n))
|
|
||||||
- return 1;
|
|
||||||
+ goto ri_check;
|
|
||||||
|
|
||||||
if (s->tlsext_debug_cb)
|
|
||||||
s->tlsext_debug_cb(s, 1, type, data, size,
|
|
||||||
@@ -1143,16 +1125,6 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
-#if 0
|
|
||||||
- if (!renegotiate_seen
|
|
||||||
- && !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
- {
|
|
||||||
- *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
- return 0;
|
|
||||||
- }
|
|
||||||
-#endif
|
|
||||||
-
|
|
||||||
if (!s->hit && tlsext_servername == 1)
|
|
||||||
{
|
|
||||||
if (s->tlsext_hostname)
|
|
||||||
@@ -1175,6 +1147,26 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
}
|
|
||||||
|
|
||||||
*p = data;
|
|
||||||
+
|
|
||||||
+ ri_check:
|
|
||||||
+
|
|
||||||
+ /* Determine if we need to see RI. Strictly speaking if we want to
|
|
||||||
+ * avoid an attack we should *always* see RI even on initial server
|
|
||||||
+ * hello because the client doesn't see any renegotiation during an
|
|
||||||
+ * attack. However this would mean we could not connect to any server
|
|
||||||
+ * which doesn't support RI so for the immediate future tolerate RI
|
|
||||||
+ * absence on initial connect only.
|
|
||||||
+ */
|
|
||||||
+ if (!renegotiate_seen &&
|
|
||||||
+ (s->new_session || !(s->options & SSL_OP_LEGACY_SERVER_CONNECT))
|
|
||||||
+ && !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+ {
|
|
||||||
+ *al = SSL_AD_HANDSHAKE_FAILURE;
|
|
||||||
+ SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT,
|
|
||||||
+ SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/t1_reneg.c.scsv openssl-1.0.0-beta4/ssl/t1_reneg.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/t1_reneg.c.scsv 2009-11-09 19:45:42.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/t1_reneg.c 2010-01-07 23:37:39.000000000 +0100
|
|
||||||
@@ -130,10 +130,15 @@ int ssl_add_clienthello_renegotiate_ext(
|
|
||||||
|
|
||||||
memcpy(p, s->s3->previous_client_finished,
|
|
||||||
s->s3->previous_client_finished_len);
|
|
||||||
+#ifdef OPENSSL_RI_DEBUG
|
|
||||||
+ fprintf(stderr, "%s RI extension sent by client\n",
|
|
||||||
+ s->s3->previous_client_finished_len ? "Non-empty" : "Empty");
|
|
||||||
+#endif
|
|
||||||
}
|
|
||||||
|
|
||||||
*len=s->s3->previous_client_finished_len + 1;
|
|
||||||
-
|
|
||||||
+
|
|
||||||
+
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -166,7 +171,7 @@ int ssl_parse_clienthello_renegotiate_ex
|
|
||||||
if(ilen != s->s3->previous_client_finished_len)
|
|
||||||
{
|
|
||||||
SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH);
|
|
||||||
- *al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
+ *al=SSL_AD_HANDSHAKE_FAILURE;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -174,9 +179,13 @@ int ssl_parse_clienthello_renegotiate_ex
|
|
||||||
s->s3->previous_client_finished_len))
|
|
||||||
{
|
|
||||||
SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH);
|
|
||||||
- *al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
+ *al=SSL_AD_HANDSHAKE_FAILURE;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
+#ifdef OPENSSL_RI_DEBUG
|
|
||||||
+ fprintf(stderr, "%s RI extension received by server\n",
|
|
||||||
+ ilen ? "Non-empty" : "Empty");
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
s->s3->send_connection_binding=1;
|
|
||||||
|
|
||||||
@@ -206,6 +215,10 @@ int ssl_add_serverhello_renegotiate_ext(
|
|
||||||
|
|
||||||
memcpy(p, s->s3->previous_server_finished,
|
|
||||||
s->s3->previous_server_finished_len);
|
|
||||||
+#ifdef OPENSSL_RI_DEBUG
|
|
||||||
+ fprintf(stderr, "%s RI extension sent by server\n",
|
|
||||||
+ s->s3->previous_client_finished_len ? "Non-empty" : "Empty");
|
|
||||||
+#endif
|
|
||||||
}
|
|
||||||
|
|
||||||
*len=s->s3->previous_client_finished_len
|
|
||||||
@@ -249,7 +262,7 @@ int ssl_parse_serverhello_renegotiate_ex
|
|
||||||
if(ilen != expected_len)
|
|
||||||
{
|
|
||||||
SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH);
|
|
||||||
- *al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
+ *al=SSL_AD_HANDSHAKE_FAILURE;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -257,7 +270,7 @@ int ssl_parse_serverhello_renegotiate_ex
|
|
||||||
s->s3->previous_client_finished_len))
|
|
||||||
{
|
|
||||||
SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH);
|
|
||||||
- *al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
+ *al=SSL_AD_HANDSHAKE_FAILURE;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
d += s->s3->previous_client_finished_len;
|
|
||||||
@@ -269,6 +282,11 @@ int ssl_parse_serverhello_renegotiate_ex
|
|
||||||
*al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
+#ifdef OPENSSL_RI_DEBUG
|
|
||||||
+ fprintf(stderr, "%s RI extension received by client\n",
|
|
||||||
+ ilen ? "Non-empty" : "Empty");
|
|
||||||
+#endif
|
|
||||||
+ s->s3->send_connection_binding=1;
|
|
||||||
|
|
||||||
return 1;
|
|
||||||
}
|
|
@ -1,237 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/apps/s_cb.c.reneg openssl-1.0.0-beta4/apps/s_cb.c
|
|
||||||
--- openssl-1.0.0-beta4/apps/s_cb.c.reneg 2009-10-15 20:48:47.000000000 +0200
|
|
||||||
+++ openssl-1.0.0-beta4/apps/s_cb.c 2009-11-12 15:02:30.000000000 +0100
|
|
||||||
@@ -669,6 +669,10 @@ void MS_CALLBACK tlsext_cb(SSL *s, int c
|
|
||||||
extname = "server ticket";
|
|
||||||
break;
|
|
||||||
|
|
||||||
+ case TLSEXT_TYPE_renegotiate:
|
|
||||||
+ extname = "renegotiate";
|
|
||||||
+ break;
|
|
||||||
+
|
|
||||||
#ifdef TLSEXT_TYPE_opaque_prf_input
|
|
||||||
case TLSEXT_TYPE_opaque_prf_input:
|
|
||||||
extname = "opaque PRF input";
|
|
||||||
diff -up openssl-1.0.0-beta4/apps/s_client.c.reneg openssl-1.0.0-beta4/apps/s_client.c
|
|
||||||
--- openssl-1.0.0-beta4/apps/s_client.c.reneg 2009-11-12 14:57:48.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/apps/s_client.c 2009-11-12 15:01:48.000000000 +0100
|
|
||||||
@@ -343,6 +343,7 @@ static void sc_usage(void)
|
|
||||||
BIO_printf(bio_err," -status - request certificate status from server\n");
|
|
||||||
BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n");
|
|
||||||
#endif
|
|
||||||
+ BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_TLSEXT
|
|
||||||
@@ -657,6 +658,8 @@ int MAIN(int argc, char **argv)
|
|
||||||
#endif
|
|
||||||
else if (strcmp(*argv,"-serverpref") == 0)
|
|
||||||
off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
|
|
||||||
+ else if (strcmp(*argv,"-legacy_renegotiation") == 0)
|
|
||||||
+ off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
|
|
||||||
else if (strcmp(*argv,"-cipher") == 0)
|
|
||||||
{
|
|
||||||
if (--argc < 1) goto bad;
|
|
||||||
diff -up openssl-1.0.0-beta4/apps/s_server.c.reneg openssl-1.0.0-beta4/apps/s_server.c
|
|
||||||
--- openssl-1.0.0-beta4/apps/s_server.c.reneg 2009-11-12 14:57:48.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/apps/s_server.c 2009-11-12 15:01:48.000000000 +0100
|
|
||||||
@@ -491,6 +491,7 @@ static void sv_usage(void)
|
|
||||||
BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2);
|
|
||||||
BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n");
|
|
||||||
BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n");
|
|
||||||
+ BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -1013,6 +1014,8 @@ int MAIN(int argc, char *argv[])
|
|
||||||
verify_return_error = 1;
|
|
||||||
else if (strcmp(*argv,"-serverpref") == 0)
|
|
||||||
{ off|=SSL_OP_CIPHER_SERVER_PREFERENCE; }
|
|
||||||
+ else if (strcmp(*argv,"-legacy_renegotiation") == 0)
|
|
||||||
+ off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
|
|
||||||
else if (strcmp(*argv,"-cipher") == 0)
|
|
||||||
{
|
|
||||||
if (--argc < 1) goto bad;
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/tls1.h.reneg openssl-1.0.0-beta4/ssl/tls1.h
|
|
||||||
--- openssl-1.0.0-beta4/ssl/tls1.h.reneg 2009-11-12 14:57:47.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/tls1.h 2009-11-12 15:02:30.000000000 +0100
|
|
||||||
@@ -201,6 +201,9 @@ extern "C" {
|
|
||||||
# define TLSEXT_TYPE_opaque_prf_input ?? */
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+/* Temporary extension type */
|
|
||||||
+#define TLSEXT_TYPE_renegotiate 0xff01
|
|
||||||
+
|
|
||||||
/* NameType value from RFC 3546 */
|
|
||||||
#define TLSEXT_NAMETYPE_host_name 0
|
|
||||||
/* status request value from RFC 3546 */
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/t1_lib.c.reneg openssl-1.0.0-beta4/ssl/t1_lib.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/t1_lib.c.reneg 2009-11-08 15:36:32.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/t1_lib.c 2009-11-12 15:02:30.000000000 +0100
|
|
||||||
@@ -315,6 +315,30 @@ unsigned char *ssl_add_clienthello_tlsex
|
|
||||||
ret+=size_str;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ /* Add the renegotiation option: TODOEKR switch */
|
|
||||||
+ {
|
|
||||||
+ int el;
|
|
||||||
+
|
|
||||||
+ if(!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0))
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
|
||||||
+ return NULL;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if((limit - p - 4 - el) < 0) return NULL;
|
|
||||||
+
|
|
||||||
+ s2n(TLSEXT_TYPE_renegotiate,ret);
|
|
||||||
+ s2n(el,ret);
|
|
||||||
+
|
|
||||||
+ if(!ssl_add_clienthello_renegotiate_ext(s, ret, &el, el))
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
|
||||||
+ return NULL;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ ret += el;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
#ifndef OPENSSL_NO_EC
|
|
||||||
if (s->tlsext_ecpointformatlist != NULL)
|
|
||||||
{
|
|
||||||
@@ -490,6 +514,31 @@ unsigned char *ssl_add_serverhello_tlsex
|
|
||||||
s2n(TLSEXT_TYPE_server_name,ret);
|
|
||||||
s2n(0,ret);
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+ if(s->s3->send_connection_binding)
|
|
||||||
+ {
|
|
||||||
+ int el;
|
|
||||||
+
|
|
||||||
+ if(!ssl_add_serverhello_renegotiate_ext(s, 0, &el, 0))
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
|
||||||
+ return NULL;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if((limit - p - 4 - el) < 0) return NULL;
|
|
||||||
+
|
|
||||||
+ s2n(TLSEXT_TYPE_renegotiate,ret);
|
|
||||||
+ s2n(el,ret);
|
|
||||||
+
|
|
||||||
+ if(!ssl_add_serverhello_renegotiate_ext(s, ret, &el, el))
|
|
||||||
+ {
|
|
||||||
+ SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
|
||||||
+ return NULL;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ ret += el;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
#ifndef OPENSSL_NO_EC
|
|
||||||
if (s->tlsext_ecpointformatlist != NULL)
|
|
||||||
{
|
|
||||||
@@ -574,11 +623,23 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
unsigned short size;
|
|
||||||
unsigned short len;
|
|
||||||
unsigned char *data = *p;
|
|
||||||
+ int renegotiate_seen = 0;
|
|
||||||
+
|
|
||||||
s->servername_done = 0;
|
|
||||||
s->tlsext_status_type = -1;
|
|
||||||
+ s->s3->send_connection_binding = 0;
|
|
||||||
|
|
||||||
if (data >= (d+n-2))
|
|
||||||
+ {
|
|
||||||
+ if (s->new_session
|
|
||||||
+ && !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+ {
|
|
||||||
+ /* We should always see one extension: the renegotiate extension */
|
|
||||||
+ *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
return 1;
|
|
||||||
+ }
|
|
||||||
n2s(data,len);
|
|
||||||
|
|
||||||
if (data > (d+n-len))
|
|
||||||
@@ -790,6 +851,12 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
+ else if (type == TLSEXT_TYPE_renegotiate)
|
|
||||||
+ {
|
|
||||||
+ if(!ssl_parse_clienthello_renegotiate_ext(s, data, size, al))
|
|
||||||
+ return 0;
|
|
||||||
+ renegotiate_seen = 1;
|
|
||||||
+ }
|
|
||||||
else if (type == TLSEXT_TYPE_status_request
|
|
||||||
&& s->ctx->tlsext_status_cb)
|
|
||||||
{
|
|
||||||
@@ -894,6 +961,14 @@ int ssl_parse_clienthello_tlsext(SSL *s,
|
|
||||||
/* session ticket processed earlier */
|
|
||||||
data+=size;
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+ if (s->new_session && !renegotiate_seen
|
|
||||||
+ && !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+ {
|
|
||||||
+ *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
|
|
||||||
*p = data;
|
|
||||||
return 1;
|
|
||||||
@@ -905,11 +980,22 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
unsigned short size;
|
|
||||||
unsigned short len;
|
|
||||||
unsigned char *data = *p;
|
|
||||||
-
|
|
||||||
int tlsext_servername = 0;
|
|
||||||
+ int renegotiate_seen = 0;
|
|
||||||
|
|
||||||
if (data >= (d+n-2))
|
|
||||||
+ {
|
|
||||||
+ /* Because the client does not see any renegotiation during an
|
|
||||||
+ attack, we must enforce this on all server hellos, even the
|
|
||||||
+ first */
|
|
||||||
+ if (!(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+ {
|
|
||||||
+ /* We should always see one extension: the renegotiate extension */
|
|
||||||
+ *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
return 1;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
n2s(data,len);
|
|
||||||
|
|
||||||
@@ -1025,7 +1111,12 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
/* Set flag to expect CertificateStatus message */
|
|
||||||
s->tlsext_status_expected = 1;
|
|
||||||
}
|
|
||||||
-
|
|
||||||
+ else if (type == TLSEXT_TYPE_renegotiate)
|
|
||||||
+ {
|
|
||||||
+ if(!ssl_parse_serverhello_renegotiate_ext(s, data, size, al))
|
|
||||||
+ return 0;
|
|
||||||
+ renegotiate_seen = 1;
|
|
||||||
+ }
|
|
||||||
data+=size;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -1035,6 +1126,13 @@ int ssl_parse_serverhello_tlsext(SSL *s,
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ if (!renegotiate_seen
|
|
||||||
+ && !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
|
|
||||||
+ {
|
|
||||||
+ *al = SSL_AD_ILLEGAL_PARAMETER; /* is this the right alert? */
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
if (!s->hit && tlsext_servername == 1)
|
|
||||||
{
|
|
||||||
if (s->tlsext_hostname)
|
|
@ -1,193 +0,0 @@
|
|||||||
diff -up openssl-1.0.0-beta4/ssl/ssl_err.c.tls-comp openssl-1.0.0-beta4/ssl/ssl_err.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl_err.c.tls-comp 2010-01-07 18:45:46.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl_err.c 2010-01-07 22:46:10.000000000 +0100
|
|
||||||
@@ -329,6 +329,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
|
||||||
{ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR),"cipher table src error"},
|
|
||||||
{ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT) ,"clienthello tlsext"},
|
|
||||||
{ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG),"compressed length too long"},
|
|
||||||
+{ERR_REASON(SSL_R_COMPRESSION_DISABLED) ,"compression disabled"},
|
|
||||||
{ERR_REASON(SSL_R_COMPRESSION_FAILURE) ,"compression failure"},
|
|
||||||
{ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE),"compression id not within private range"},
|
|
||||||
{ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR),"compression library error"},
|
|
||||||
@@ -357,8 +358,10 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
|
||||||
{ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST) ,"https proxy request"},
|
|
||||||
{ERR_REASON(SSL_R_HTTP_REQUEST) ,"http request"},
|
|
||||||
{ERR_REASON(SSL_R_ILLEGAL_PADDING) ,"illegal padding"},
|
|
||||||
+{ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION),"inconsistent compression"},
|
|
||||||
{ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH),"invalid challenge length"},
|
|
||||||
{ERR_REASON(SSL_R_INVALID_COMMAND) ,"invalid command"},
|
|
||||||
+{ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM),"invalid compression algorithm"},
|
|
||||||
{ERR_REASON(SSL_R_INVALID_PURPOSE) ,"invalid purpose"},
|
|
||||||
{ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE),"invalid status response"},
|
|
||||||
{ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),"invalid ticket keys length"},
|
|
||||||
@@ -421,6 +424,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
|
||||||
{ERR_REASON(SSL_R_NULL_SSL_CTX) ,"null ssl ctx"},
|
|
||||||
{ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED),"null ssl method passed"},
|
|
||||||
{ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),"old session cipher not returned"},
|
|
||||||
+{ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),"old session compression algorithm not returned"},
|
|
||||||
{ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE),"only tls allowed in fips mode"},
|
|
||||||
{ERR_REASON(SSL_R_OPAQUE_PRF_INPUT_TOO_LONG),"opaque PRF input too long"},
|
|
||||||
{ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG),"packet length too long"},
|
|
||||||
@@ -451,6 +455,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
|
||||||
{ERR_REASON(SSL_R_RENEGOTIATION_ENCODING_ERR),"renegotiation encoding err"},
|
|
||||||
{ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH),"renegotiation mismatch"},
|
|
||||||
{ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING),"required cipher missing"},
|
|
||||||
+{ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING),"required compresssion algorithm missing"},
|
|
||||||
{ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO),"reuse cert length not zero"},
|
|
||||||
{ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO),"reuse cert type not zero"},
|
|
||||||
{ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO),"reuse cipher list not zero"},
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/ssl.h.tls-comp openssl-1.0.0-beta4/ssl/ssl.h
|
|
||||||
--- openssl-1.0.0-beta4/ssl/ssl.h.tls-comp 2010-01-07 18:45:46.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/ssl.h 2010-01-07 22:47:07.000000000 +0100
|
|
||||||
@@ -485,7 +485,7 @@ typedef struct ssl_session_st
|
|
||||||
long timeout;
|
|
||||||
long time;
|
|
||||||
|
|
||||||
- int compress_meth; /* Need to lookup the method */
|
|
||||||
+ unsigned int compress_meth; /* Need to lookup the method */
|
|
||||||
|
|
||||||
const SSL_CIPHER *cipher;
|
|
||||||
unsigned long cipher_id; /* when ASN.1 loaded, this
|
|
||||||
@@ -2051,6 +2051,7 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
|
|
||||||
#define SSL_R_CLIENTHELLO_TLSEXT 226
|
|
||||||
#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
|
|
||||||
+#define SSL_R_COMPRESSION_DISABLED 343
|
|
||||||
#define SSL_R_COMPRESSION_FAILURE 141
|
|
||||||
#define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307
|
|
||||||
#define SSL_R_COMPRESSION_LIBRARY_ERROR 142
|
|
||||||
@@ -2079,8 +2080,10 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_R_HTTPS_PROXY_REQUEST 155
|
|
||||||
#define SSL_R_HTTP_REQUEST 156
|
|
||||||
#define SSL_R_ILLEGAL_PADDING 283
|
|
||||||
+#define SSL_R_INCONSISTENT_COMPRESSION 340
|
|
||||||
#define SSL_R_INVALID_CHALLENGE_LENGTH 158
|
|
||||||
#define SSL_R_INVALID_COMMAND 280
|
|
||||||
+#define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
|
|
||||||
#define SSL_R_INVALID_PURPOSE 278
|
|
||||||
#define SSL_R_INVALID_STATUS_RESPONSE 328
|
|
||||||
#define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
|
|
||||||
@@ -2143,6 +2146,7 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_R_NULL_SSL_CTX 195
|
|
||||||
#define SSL_R_NULL_SSL_METHOD_PASSED 196
|
|
||||||
#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
|
|
||||||
+#define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
|
|
||||||
#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
|
|
||||||
#define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG 327
|
|
||||||
#define SSL_R_PACKET_LENGTH_TOO_LONG 198
|
|
||||||
@@ -2173,6 +2177,7 @@ void ERR_load_SSL_strings(void);
|
|
||||||
#define SSL_R_RENEGOTIATION_ENCODING_ERR 336
|
|
||||||
#define SSL_R_RENEGOTIATION_MISMATCH 337
|
|
||||||
#define SSL_R_REQUIRED_CIPHER_MISSING 215
|
|
||||||
+#define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING 342
|
|
||||||
#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
|
|
||||||
#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
|
|
||||||
#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/s3_clnt.c.tls-comp openssl-1.0.0-beta4/ssl/s3_clnt.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/s3_clnt.c.tls-comp 2010-01-07 17:53:12.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/s3_clnt.c 2010-01-07 22:47:07.000000000 +0100
|
|
||||||
@@ -895,10 +895,31 @@ int ssl3_get_server_hello(SSL *s)
|
|
||||||
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
|
|
||||||
goto f_err;
|
|
||||||
}
|
|
||||||
+ /* If compression is disabled we'd better not try to resume a session
|
|
||||||
+ * using compression.
|
|
||||||
+ */
|
|
||||||
+ if (s->session->compress_meth != 0)
|
|
||||||
+ {
|
|
||||||
+ al=SSL_AD_INTERNAL_ERROR;
|
|
||||||
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_INCONSISTENT_COMPRESSION);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
#else
|
|
||||||
j= *(p++);
|
|
||||||
- if ((j == 0) || (s->options & SSL_OP_NO_COMPRESSION))
|
|
||||||
+ if (s->hit && j != s->session->compress_meth)
|
|
||||||
+ {
|
|
||||||
+ al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
+ if (j == 0)
|
|
||||||
comp=NULL;
|
|
||||||
+ else if (s->options & SSL_OP_NO_COMPRESSION)
|
|
||||||
+ {
|
|
||||||
+ al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_COMPRESSION_DISABLED);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
else
|
|
||||||
comp=ssl3_comp_find(s->ctx->comp_methods,j);
|
|
||||||
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/s3_srvr.c.tls-comp openssl-1.0.0-beta4/ssl/s3_srvr.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/s3_srvr.c.tls-comp 2010-01-07 17:53:12.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/s3_srvr.c 2010-01-07 22:46:10.000000000 +0100
|
|
||||||
@@ -1088,7 +1088,50 @@ int ssl3_get_client_hello(SSL *s)
|
|
||||||
* algorithms from the client, starting at q. */
|
|
||||||
s->s3->tmp.new_compression=NULL;
|
|
||||||
#ifndef OPENSSL_NO_COMP
|
|
||||||
- if (!(s->options & SSL_OP_NO_COMPRESSION) && s->ctx->comp_methods)
|
|
||||||
+ /* This only happens if we have a cache hit */
|
|
||||||
+ if (s->session->compress_meth != 0)
|
|
||||||
+ {
|
|
||||||
+ int m, comp_id = s->session->compress_meth;
|
|
||||||
+ /* Perform sanity checks on resumed compression algorithm */
|
|
||||||
+ /* Can't disable compression */
|
|
||||||
+ if (s->options & SSL_OP_NO_COMPRESSION)
|
|
||||||
+ {
|
|
||||||
+ al=SSL_AD_INTERNAL_ERROR;
|
|
||||||
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_INCONSISTENT_COMPRESSION);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
+ /* Look for resumed compression method */
|
|
||||||
+ for (m = 0; m < sk_SSL_COMP_num(s->ctx->comp_methods); m++)
|
|
||||||
+ {
|
|
||||||
+ comp=sk_SSL_COMP_value(s->ctx->comp_methods,m);
|
|
||||||
+ if (comp_id == comp->id)
|
|
||||||
+ {
|
|
||||||
+ s->s3->tmp.new_compression=comp;
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ if (s->s3->tmp.new_compression == NULL)
|
|
||||||
+ {
|
|
||||||
+ al=SSL_AD_INTERNAL_ERROR;
|
|
||||||
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_INVALID_COMPRESSION_ALGORITHM);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
+ /* Look for resumed method in compression list */
|
|
||||||
+ for (m = 0; m < i; m++)
|
|
||||||
+ {
|
|
||||||
+ if (q[m] == comp_id)
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ if (m >= i)
|
|
||||||
+ {
|
|
||||||
+ al=SSL_AD_ILLEGAL_PARAMETER;
|
|
||||||
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ else if (s->hit)
|
|
||||||
+ comp = NULL;
|
|
||||||
+ else if (!(s->options & SSL_OP_NO_COMPRESSION) && s->ctx->comp_methods)
|
|
||||||
{ /* See if we have a match */
|
|
||||||
int m,nn,o,v,done=0;
|
|
||||||
|
|
||||||
@@ -1112,6 +1155,16 @@ int ssl3_get_client_hello(SSL *s)
|
|
||||||
else
|
|
||||||
comp=NULL;
|
|
||||||
}
|
|
||||||
+#else
|
|
||||||
+ /* If compression is disabled we'd better not try to resume a session
|
|
||||||
+ * using compression.
|
|
||||||
+ */
|
|
||||||
+ if (s->session->compress_meth != 0)
|
|
||||||
+ {
|
|
||||||
+ al=SSL_AD_INTERNAL_ERROR;
|
|
||||||
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_INCONSISTENT_COMPRESSION);
|
|
||||||
+ goto f_err;
|
|
||||||
+ }
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Given s->session->ciphers and SSL_get_ciphers, we must
|
|
@ -1,27 +0,0 @@
|
|||||||
Fix handling of future TLS versions.
|
|
||||||
diff -up openssl-1.0.0-beta4/ssl/s23_srvr.c.tlsver openssl-1.0.0-beta4/ssl/s23_srvr.c
|
|
||||||
--- openssl-1.0.0-beta4/ssl/s23_srvr.c.tlsver 2010-01-12 22:20:15.000000000 +0100
|
|
||||||
+++ openssl-1.0.0-beta4/ssl/s23_srvr.c 2010-01-13 22:02:47.000000000 +0100
|
|
||||||
@@ -315,7 +315,7 @@ int ssl23_get_client_hello(SSL *s)
|
|
||||||
(p[1] == SSL3_VERSION_MAJOR) &&
|
|
||||||
(p[5] == SSL3_MT_CLIENT_HELLO) &&
|
|
||||||
((p[3] == 0 && p[4] < 5 /* silly record length? */)
|
|
||||||
- || (p[9] == p[1])))
|
|
||||||
+ || (p[9] >= p[1])))
|
|
||||||
{
|
|
||||||
/*
|
|
||||||
* SSLv3 or tls1 header
|
|
||||||
@@ -339,6 +339,13 @@ int ssl23_get_client_hello(SSL *s)
|
|
||||||
v[1] = TLS1_VERSION_MINOR;
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
+ /* if major version number > 3 set minor to a value
|
|
||||||
+ * which will use the highest version 3 we support.
|
|
||||||
+ * If TLS 2.0 ever appears we will need to revise
|
|
||||||
+ * this....
|
|
||||||
+ */
|
|
||||||
+ else if (p[9] > SSL3_VERSION_MAJOR)
|
|
||||||
+ v[1]=0xff;
|
|
||||||
else
|
|
||||||
v[1]=p[10]; /* minor version according to client_version */
|
|
||||||
if (v[1] >= TLS1_VERSION_MINOR)
|
|
@ -1,16 +1,16 @@
|
|||||||
diff -up openssl-1.0.0-beta3/ssl/ssl.h.cipher-change openssl-1.0.0-beta3/ssl/ssl.h
|
diff -up openssl-1.0.0-beta5/ssl/ssl.h.cipher-change openssl-1.0.0-beta5/ssl/ssl.h
|
||||||
--- openssl-1.0.0-beta3/ssl/ssl.h.cipher-change 2009-08-05 18:22:45.000000000 +0200
|
--- openssl-1.0.0-beta5/ssl/ssl.h.cipher-change 2010-01-20 18:12:07.000000000 +0100
|
||||||
+++ openssl-1.0.0-beta3/ssl/ssl.h 2009-08-05 18:27:32.000000000 +0200
|
+++ openssl-1.0.0-beta5/ssl/ssl.h 2010-01-20 18:13:04.000000000 +0100
|
||||||
@@ -511,7 +511,7 @@ typedef struct ssl_session_st
|
@@ -513,7 +513,7 @@ typedef struct ssl_session_st
|
||||||
|
|
||||||
#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
|
|
||||||
#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
|
#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
|
||||||
|
/* Allow initial connection to servers that don't support RI */
|
||||||
|
#define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L
|
||||||
-#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
|
-#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
|
||||||
+#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L /* can break some security expectations */
|
+#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L /* can break some security expectations */
|
||||||
#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
|
#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
|
||||||
#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
|
#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
|
||||||
#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L /* no effect since 0.9.7h and 0.9.8b */
|
#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L /* no effect since 0.9.7h and 0.9.8b */
|
||||||
@@ -528,7 +528,7 @@ typedef struct ssl_session_st
|
@@ -530,7 +530,7 @@ typedef struct ssl_session_st
|
||||||
|
|
||||||
/* SSL_OP_ALL: various bug workarounds that should be rather harmless.
|
/* SSL_OP_ALL: various bug workarounds that should be rather harmless.
|
||||||
* This used to be 0x000FFFFFL before 0.9.7. */
|
* This used to be 0x000FFFFFL before 0.9.7. */
|
@ -1,6 +1,6 @@
|
|||||||
diff -up openssl-1.0.0-beta4/Configure.enginesdir openssl-1.0.0-beta4/Configure
|
diff -up openssl-1.0.0-beta5/Configure.enginesdir openssl-1.0.0-beta5/Configure
|
||||||
--- openssl-1.0.0-beta4/Configure.enginesdir 2009-11-12 12:17:59.000000000 +0100
|
--- openssl-1.0.0-beta5/Configure.enginesdir 2010-01-20 18:07:05.000000000 +0100
|
||||||
+++ openssl-1.0.0-beta4/Configure 2009-11-12 12:19:45.000000000 +0100
|
+++ openssl-1.0.0-beta5/Configure 2010-01-20 18:10:48.000000000 +0100
|
||||||
@@ -622,6 +622,7 @@ my $idx_multilib = $idx++;
|
@@ -622,6 +622,7 @@ my $idx_multilib = $idx++;
|
||||||
my $prefix="";
|
my $prefix="";
|
||||||
my $libdir="";
|
my $libdir="";
|
||||||
@ -20,7 +20,7 @@ diff -up openssl-1.0.0-beta4/Configure.enginesdir openssl-1.0.0-beta4/Configure
|
|||||||
elsif (/^--install.prefix=(.*)$/)
|
elsif (/^--install.prefix=(.*)$/)
|
||||||
{
|
{
|
||||||
$install_prefix=$1;
|
$install_prefix=$1;
|
||||||
@@ -1055,7 +1060,7 @@ chop $prefix if $prefix =~ /.\/$/;
|
@@ -1053,7 +1058,7 @@ chop $prefix if $prefix =~ /.\/$/;
|
||||||
|
|
||||||
$openssldir=$prefix . "/ssl" if $openssldir eq "";
|
$openssldir=$prefix . "/ssl" if $openssldir eq "";
|
||||||
$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
|
$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
|
||||||
@ -29,18 +29,18 @@ diff -up openssl-1.0.0-beta4/Configure.enginesdir openssl-1.0.0-beta4/Configure
|
|||||||
|
|
||||||
print "IsMK1MF=$IsMK1MF\n";
|
print "IsMK1MF=$IsMK1MF\n";
|
||||||
|
|
||||||
@@ -1676,7 +1681,7 @@ while (<IN>)
|
@@ -1673,7 +1678,7 @@ while (<IN>)
|
||||||
# $foo is to become "$prefix/lib$multilib/engines";
|
}
|
||||||
# as Makefile.org and engines/Makefile are adapted for
|
elsif (/^#define\s+ENGINESDIR/)
|
||||||
# $multilib suffix.
|
{
|
||||||
- my $foo = "$prefix/lib/engines";
|
- my $foo = "$prefix/$libdir/engines";
|
||||||
+ my $foo = "$enginesdir";
|
+ my $foo = "$enginesdir";
|
||||||
$foo =~ s/\\/\\\\/g;
|
$foo =~ s/\\/\\\\/g;
|
||||||
print OUT "#define ENGINESDIR \"$foo\"\n";
|
print OUT "#define ENGINESDIR \"$foo\"\n";
|
||||||
}
|
}
|
||||||
diff -up openssl-1.0.0-beta4/engines/Makefile.enginesdir openssl-1.0.0-beta4/engines/Makefile
|
diff -up openssl-1.0.0-beta5/engines/Makefile.enginesdir openssl-1.0.0-beta5/engines/Makefile
|
||||||
--- openssl-1.0.0-beta4/engines/Makefile.enginesdir 2009-11-10 02:52:52.000000000 +0100
|
--- openssl-1.0.0-beta5/engines/Makefile.enginesdir 2010-01-16 21:06:09.000000000 +0100
|
||||||
+++ openssl-1.0.0-beta4/engines/Makefile 2009-11-12 12:23:06.000000000 +0100
|
+++ openssl-1.0.0-beta5/engines/Makefile 2010-01-20 18:07:05.000000000 +0100
|
||||||
@@ -124,7 +124,7 @@ install:
|
@@ -124,7 +124,7 @@ install:
|
||||||
sfx=".so"; \
|
sfx=".so"; \
|
||||||
cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
|
cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
|
File diff suppressed because it is too large
Load Diff
@ -1,7 +1,7 @@
|
|||||||
diff -up openssl-0.9.8j/README.warning openssl-0.9.8j/README
|
diff -up openssl-1.0.0-beta5/README.warning openssl-1.0.0-beta5/README
|
||||||
--- openssl-0.9.8j/README.warning 2009-01-07 11:50:53.000000000 +0100
|
--- openssl-1.0.0-beta5/README.warning 2010-01-20 16:00:47.000000000 +0100
|
||||||
+++ openssl-0.9.8j/README 2009-01-14 17:43:02.000000000 +0100
|
+++ openssl-1.0.0-beta5/README 2010-01-21 09:06:11.000000000 +0100
|
||||||
@@ -5,6 +5,31 @@
|
@@ -5,6 +5,35 @@
|
||||||
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
||||||
All rights reserved.
|
All rights reserved.
|
||||||
|
|
||||||
@ -15,9 +15,15 @@ diff -up openssl-0.9.8j/README.warning openssl-0.9.8j/README
|
|||||||
+
|
+
|
||||||
+ This version also contains a few differences from the upstream code
|
+ This version also contains a few differences from the upstream code
|
||||||
+ some of which are:
|
+ some of which are:
|
||||||
+ * The FIPS integrity verification check is implemented differently
|
+ * There are added changes forward ported from the upstream OpenSSL
|
||||||
+ from the upstream FIPS validated OpenSSL module. It verifies
|
+ 0.9.8 FIPS branch however the FIPS integrity verification check
|
||||||
+ HMAC-SHA256 checksum of the whole libcrypto shared library.
|
+ is implemented differently from the upstream FIPS validated OpenSSL
|
||||||
|
+ module. It verifies HMAC-SHA256 checksum of the whole shared
|
||||||
|
+ libraries. For this reason the changes are ported to files in the
|
||||||
|
+ crypto directory and not in a separate fips subdirectory. Also
|
||||||
|
+ note that the FIPS integrity verification check requires unmodified
|
||||||
|
+ libcrypto and libssl shared library files which means that it will
|
||||||
|
+ fail if these files are modified for example by prelink.
|
||||||
+ * The module respects the kernel FIPS flag /proc/sys/crypto/fips and
|
+ * The module respects the kernel FIPS flag /proc/sys/crypto/fips and
|
||||||
+ tries to initialize the FIPS mode if it is set to 1 aborting if the
|
+ tries to initialize the FIPS mode if it is set to 1 aborting if the
|
||||||
+ FIPS mode could not be initialized. It is also possible to force the
|
+ FIPS mode could not be initialized. It is also possible to force the
|
||||||
@ -27,8 +33,6 @@ diff -up openssl-0.9.8j/README.warning openssl-0.9.8j/README
|
|||||||
+ will not automatically load the built in compression method ZLIB
|
+ will not automatically load the built in compression method ZLIB
|
||||||
+ when initialized. Applications can still explicitely ask for ZLIB
|
+ when initialized. Applications can still explicitely ask for ZLIB
|
||||||
+ compression method.
|
+ compression method.
|
||||||
+ * There is added a support for EAP-FAST through TLS extension. This code
|
|
||||||
+ is backported from OpenSSL upstream development branch.
|
|
||||||
+
|
+
|
||||||
DESCRIPTION
|
DESCRIPTION
|
||||||
-----------
|
-----------
|
@ -1,14 +1,14 @@
|
|||||||
We have to keep the beta status on 3 as some applications (OpenSSH) incorrectly insist
|
We have to keep the beta status on 3 as some applications (OpenSSH) incorrectly insist
|
||||||
on having the same beta status of OpenSSL library as they were built against.
|
on having the same beta status of OpenSSL library as they were built against.
|
||||||
diff -up openssl-1.0.0-beta4/crypto/opensslv.h.version openssl-1.0.0-beta4/crypto/opensslv.h
|
diff -up openssl-1.0.0-beta5/crypto/opensslv.h.version openssl-1.0.0-beta5/crypto/opensslv.h
|
||||||
--- openssl-1.0.0-beta4/crypto/opensslv.h.version 2009-11-12 15:17:28.000000000 +0100
|
--- openssl-1.0.0-beta5/crypto/opensslv.h.version 2010-01-20 18:16:43.000000000 +0100
|
||||||
+++ openssl-1.0.0-beta4/crypto/opensslv.h 2009-11-13 12:39:08.000000000 +0100
|
+++ openssl-1.0.0-beta5/crypto/opensslv.h 2010-01-20 20:20:23.000000000 +0100
|
||||||
@@ -25,7 +25,7 @@
|
@@ -25,7 +25,7 @@
|
||||||
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
||||||
* major minor fix final patch/beta)
|
* major minor fix final patch/beta)
|
||||||
*/
|
*/
|
||||||
-#define OPENSSL_VERSION_NUMBER 0x10000004L
|
-#define OPENSSL_VERSION_NUMBER 0x10000005L
|
||||||
+#define OPENSSL_VERSION_NUMBER 0x10000003L
|
+#define OPENSSL_VERSION_NUMBER 0x10000003L
|
||||||
#ifdef OPENSSL_FIPS
|
#ifdef OPENSSL_FIPS
|
||||||
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0-fips-beta4 10 Nov 2009"
|
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0-fips-beta5 20 Jan 2010"
|
||||||
#else
|
#else
|
56
openssl.spec
56
openssl.spec
@ -11,7 +11,7 @@
|
|||||||
# 1.0.0 soversion = 10
|
# 1.0.0 soversion = 10
|
||||||
%define soversion 10
|
%define soversion 10
|
||||||
|
|
||||||
%define beta beta4
|
%define beta beta5
|
||||||
|
|
||||||
# Number of threads to spawn when testing some threading fixes.
|
# Number of threads to spawn when testing some threading fixes.
|
||||||
%define thread_test_threads %{?threads:%{threads}}%{!?threads:1}
|
%define thread_test_threads %{?threads:%{threads}}%{!?threads:1}
|
||||||
@ -23,7 +23,7 @@
|
|||||||
Summary: A general purpose cryptography library with TLS implementation
|
Summary: A general purpose cryptography library with TLS implementation
|
||||||
Name: openssl
|
Name: openssl
|
||||||
Version: 1.0.0
|
Version: 1.0.0
|
||||||
Release: 0.19.%{beta}%{?dist}
|
Release: 0.20.%{beta}%{?dist}
|
||||||
# We remove certain patented algorithms from the openssl source tarball
|
# We remove certain patented algorithms from the openssl source tarball
|
||||||
# with the hobble-openssl script which is included below.
|
# with the hobble-openssl script which is included below.
|
||||||
Source: openssl-%{version}-%{beta}-usa.tar.bz2
|
Source: openssl-%{version}-%{beta}-usa.tar.bz2
|
||||||
@ -38,43 +38,30 @@ Source11: README.FIPS
|
|||||||
Patch0: openssl-1.0.0-beta4-redhat.patch
|
Patch0: openssl-1.0.0-beta4-redhat.patch
|
||||||
Patch1: openssl-1.0.0-beta3-defaults.patch
|
Patch1: openssl-1.0.0-beta3-defaults.patch
|
||||||
Patch3: openssl-1.0.0-beta3-soversion.patch
|
Patch3: openssl-1.0.0-beta3-soversion.patch
|
||||||
Patch4: openssl-1.0.0-beta4-enginesdir.patch
|
Patch4: openssl-1.0.0-beta5-enginesdir.patch
|
||||||
Patch5: openssl-0.9.8a-no-rpath.patch
|
Patch5: openssl-0.9.8a-no-rpath.patch
|
||||||
Patch6: openssl-0.9.8b-test-use-localhost.patch
|
Patch6: openssl-0.9.8b-test-use-localhost.patch
|
||||||
# Bug fixes
|
# Bug fixes
|
||||||
Patch23: openssl-1.0.0-beta4-default-paths.patch
|
Patch23: openssl-1.0.0-beta4-default-paths.patch
|
||||||
Patch24: openssl-1.0.0-beta4-binutils.patch
|
Patch24: openssl-0.9.8j-bad-mime.patch
|
||||||
# Functionality changes
|
# Functionality changes
|
||||||
Patch32: openssl-0.9.8g-ia64.patch
|
Patch32: openssl-0.9.8g-ia64.patch
|
||||||
Patch33: openssl-1.0.0-beta4-ca-dir.patch
|
Patch33: openssl-1.0.0-beta4-ca-dir.patch
|
||||||
Patch34: openssl-0.9.6-x509.patch
|
Patch34: openssl-0.9.6-x509.patch
|
||||||
Patch35: openssl-0.9.8j-version-add-engines.patch
|
Patch35: openssl-0.9.8j-version-add-engines.patch
|
||||||
Patch38: openssl-1.0.0-beta3-cipher-change.patch
|
Patch38: openssl-1.0.0-beta5-cipher-change.patch
|
||||||
Patch39: openssl-1.0.0-beta3-ipv6-apps.patch
|
Patch39: openssl-1.0.0-beta3-ipv6-apps.patch
|
||||||
Patch40: openssl-1.0.0-beta4-fips.patch
|
Patch40: openssl-1.0.0-beta5-fips.patch
|
||||||
Patch41: openssl-1.0.0-beta3-fipscheck.patch
|
Patch41: openssl-1.0.0-beta3-fipscheck.patch
|
||||||
Patch43: openssl-1.0.0-beta3-fipsmode.patch
|
Patch43: openssl-1.0.0-beta3-fipsmode.patch
|
||||||
Patch44: openssl-1.0.0-beta3-fipsrng.patch
|
Patch44: openssl-1.0.0-beta3-fipsrng.patch
|
||||||
Patch45: openssl-0.9.8j-env-nozlib.patch
|
Patch45: openssl-0.9.8j-env-nozlib.patch
|
||||||
Patch47: openssl-0.9.8j-readme-warning.patch
|
Patch47: openssl-1.0.0-beta5-readme-warning.patch
|
||||||
Patch48: openssl-0.9.8j-bad-mime.patch
|
|
||||||
Patch49: openssl-1.0.0-beta4-algo-doc.patch
|
Patch49: openssl-1.0.0-beta4-algo-doc.patch
|
||||||
Patch50: openssl-1.0.0-beta4-dtls1-abi.patch
|
Patch50: openssl-1.0.0-beta4-dtls1-abi.patch
|
||||||
Patch51: openssl-1.0.0-beta4-version.patch
|
Patch51: openssl-1.0.0-beta5-version.patch
|
||||||
|
Patch52: openssl-1.0.0-beta4-aesni.patch
|
||||||
# Backported fixes including security fixes
|
# Backported fixes including security fixes
|
||||||
Patch60: openssl-1.0.0-beta4-reneg.patch
|
|
||||||
# This one is not backported but has to be applied after reneg patch
|
|
||||||
Patch61: openssl-1.0.0-beta4-client-reneg.patch
|
|
||||||
Patch62: openssl-1.0.0-beta4-backports.patch
|
|
||||||
Patch63: openssl-1.0.0-beta4-reneg-err.patch
|
|
||||||
Patch64: openssl-1.0.0-beta4-dtls-ipv6.patch
|
|
||||||
Patch65: openssl-1.0.0-beta4-dtls-reneg.patch
|
|
||||||
Patch66: openssl-1.0.0-beta4-backports2.patch
|
|
||||||
Patch67: openssl-1.0.0-beta4-reneg-scsv.patch
|
|
||||||
Patch68: openssl-1.0.0-beta4-tls-comp.patch
|
|
||||||
Patch69: openssl-1.0.0-beta4-aesni.patch
|
|
||||||
Patch70: openssl-1.0.0-beta4-tlsver.patch
|
|
||||||
Patch71: openssl-1.0.0-beta4-cve-2009-4355.patch
|
|
||||||
|
|
||||||
License: OpenSSL
|
License: OpenSSL
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
@ -135,7 +122,7 @@ from other formats to the formats used by the OpenSSL toolkit.
|
|||||||
%patch6 -p1 -b .use-localhost
|
%patch6 -p1 -b .use-localhost
|
||||||
|
|
||||||
%patch23 -p1 -b .default-paths
|
%patch23 -p1 -b .default-paths
|
||||||
%patch24 -p1 -b .binutils
|
%patch24 -p1 -b .bad-mime
|
||||||
|
|
||||||
%patch32 -p1 -b .ia64
|
%patch32 -p1 -b .ia64
|
||||||
%patch33 -p1 -b .ca-dir
|
%patch33 -p1 -b .ca-dir
|
||||||
@ -149,23 +136,10 @@ from other formats to the formats used by the OpenSSL toolkit.
|
|||||||
%patch44 -p1 -b .fipsrng
|
%patch44 -p1 -b .fipsrng
|
||||||
%patch45 -p1 -b .env-nozlib
|
%patch45 -p1 -b .env-nozlib
|
||||||
%patch47 -p1 -b .warning
|
%patch47 -p1 -b .warning
|
||||||
%patch48 -p1 -b .bad-mime
|
|
||||||
%patch49 -p1 -b .algo-doc
|
%patch49 -p1 -b .algo-doc
|
||||||
%patch50 -p1 -b .dtls1-abi
|
%patch50 -p1 -b .dtls1-abi
|
||||||
%patch51 -p1 -b .version
|
%patch51 -p1 -b .version
|
||||||
|
%patch52 -p1 -b .aesni
|
||||||
%patch60 -p1 -b .reneg
|
|
||||||
%patch61 -p1 -b .client-reneg
|
|
||||||
%patch62 -p1 -b .backports
|
|
||||||
%patch63 -p1 -b .reneg-err
|
|
||||||
%patch64 -p1 -b .dtls-ipv6
|
|
||||||
%patch65 -p1 -b .dtls-reneg
|
|
||||||
%patch66 -p1 -b .backports2
|
|
||||||
%patch67 -p1 -b .scsv
|
|
||||||
%patch68 -p1 -b .tls-comp
|
|
||||||
%patch69 -p1 -b .aesni
|
|
||||||
%patch70 -p1 -b .tlsver
|
|
||||||
%patch71 -p1 -b .compleak
|
|
||||||
|
|
||||||
# Modify the various perl scripts to reference perl in the right location.
|
# Modify the various perl scripts to reference perl in the right location.
|
||||||
perl util/perlpath.pl `dirname %{__perl}`
|
perl util/perlpath.pl `dirname %{__perl}`
|
||||||
@ -264,12 +238,9 @@ make -C test apps tests
|
|||||||
install -d $RPM_BUILD_ROOT{%{_bindir},%{_includedir},%{_libdir},%{_mandir},%{_libdir}/openssl}
|
install -d $RPM_BUILD_ROOT{%{_bindir},%{_includedir},%{_libdir},%{_mandir},%{_libdir}/openssl}
|
||||||
make INSTALL_PREFIX=$RPM_BUILD_ROOT install
|
make INSTALL_PREFIX=$RPM_BUILD_ROOT install
|
||||||
make INSTALL_PREFIX=$RPM_BUILD_ROOT install_docs
|
make INSTALL_PREFIX=$RPM_BUILD_ROOT install_docs
|
||||||
# OpenSSL install doesn't use correct _libdir on 64 bit archs
|
mv $RPM_BUILD_ROOT%{_libdir}/engines $RPM_BUILD_ROOT%{_libdir}/openssl
|
||||||
[ "%{_libdir}" != /usr/lib ] && mv $RPM_BUILD_ROOT/usr/lib/lib*.so.%{soversion} $RPM_BUILD_ROOT%{_libdir}/
|
|
||||||
mv $RPM_BUILD_ROOT/usr/lib/engines $RPM_BUILD_ROOT%{_libdir}/openssl
|
|
||||||
mv $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/man/* $RPM_BUILD_ROOT%{_mandir}/
|
mv $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/man/* $RPM_BUILD_ROOT%{_mandir}/
|
||||||
rmdir $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/man
|
rmdir $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/man
|
||||||
mv $RPM_BUILD_ROOT/usr/lib/* $RPM_BUILD_ROOT%{_libdir}/ || :
|
|
||||||
rename so.%{soversion} so.%{version} $RPM_BUILD_ROOT%{_libdir}/*.so.%{soversion}
|
rename so.%{soversion} so.%{version} $RPM_BUILD_ROOT%{_libdir}/*.so.%{soversion}
|
||||||
for lib in $RPM_BUILD_ROOT%{_libdir}/*.so.%{version} ; do
|
for lib in $RPM_BUILD_ROOT%{_libdir}/*.so.%{version} ; do
|
||||||
chmod 755 ${lib}
|
chmod 755 ${lib}
|
||||||
@ -414,6 +385,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
|
|||||||
%postun -p /sbin/ldconfig
|
%postun -p /sbin/ldconfig
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Jan 20 2010 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.20.beta5
|
||||||
|
- new upstream release
|
||||||
|
|
||||||
* Thu Jan 14 2010 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.19.beta4
|
* Thu Jan 14 2010 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.19.beta4
|
||||||
- fix CVE-2009-4355 - leak in applications incorrectly calling
|
- fix CVE-2009-4355 - leak in applications incorrectly calling
|
||||||
CRYPTO_free_all_ex_data() before application exit (#546707)
|
CRYPTO_free_all_ex_data() before application exit (#546707)
|
||||||
|
Loading…
Reference in New Issue
Block a user