From c35453897494d2b488961f7a446b4df8e24c6f31 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Sun, 15 Jun 2014 22:21:10 +0200 Subject: Update OpenSSL to 1.0.1h --- main/openssl/include/openssl/bio.h | 3 +++ main/openssl/include/openssl/opensslv.h | 6 +++--- main/openssl/include/openssl/pkcs7.h | 1 + main/openssl/include/openssl/ssl.h | 36 ++++++++++++++++++++++++++------- main/openssl/include/openssl/ssl3.h | 10 +++++---- main/openssl/include/openssl/tls1.h | 1 + 6 files changed, 43 insertions(+), 14 deletions(-) (limited to 'main/openssl/include') diff --git a/main/openssl/include/openssl/bio.h b/main/openssl/include/openssl/bio.h index 05699ab2..d05fa22a 100644 --- a/main/openssl/include/openssl/bio.h +++ b/main/openssl/include/openssl/bio.h @@ -266,6 +266,9 @@ void BIO_clear_flags(BIO *b, int flags); #define BIO_RR_CONNECT 0x02 /* Returned from the accept BIO when an accept would have blocked */ #define BIO_RR_ACCEPT 0x03 +/* Returned from the SSL bio when the channel id retrieval code cannot find the + * private key. */ +#define BIO_RR_SSL_CHANNEL_ID_LOOKUP 0x04 /* These are passed by the BIO callback */ #define BIO_CB_FREE 0x01 diff --git a/main/openssl/include/openssl/opensslv.h b/main/openssl/include/openssl/opensslv.h index ebe71807..c3b6acec 100644 --- a/main/openssl/include/openssl/opensslv.h +++ b/main/openssl/include/openssl/opensslv.h @@ -25,11 +25,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x1000107fL +#define OPENSSL_VERSION_NUMBER 0x1000108fL #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1g-fips 7 Apr 2014" +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1h-fips 5 Jun 2014" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1g 7 Apr 2014" +#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1h 5 Jun 2014" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/main/openssl/include/openssl/pkcs7.h b/main/openssl/include/openssl/pkcs7.h index e4d44319..04f60379 100644 --- a/main/openssl/include/openssl/pkcs7.h +++ b/main/openssl/include/openssl/pkcs7.h @@ -453,6 +453,7 @@ void ERR_load_PKCS7_strings(void); #define PKCS7_R_ERROR_SETTING_CIPHER 121 #define PKCS7_R_INVALID_MIME_TYPE 131 #define PKCS7_R_INVALID_NULL_POINTER 143 +#define PKCS7_R_INVALID_SIGNED_DATA_TYPE 155 #define PKCS7_R_MIME_NO_CONTENT_TYPE 132 #define PKCS7_R_MIME_PARSE_ERROR 133 #define PKCS7_R_MIME_SIG_PARSE_ERROR 134 diff --git a/main/openssl/include/openssl/ssl.h b/main/openssl/include/openssl/ssl.h index 54b0eb6c..06bb90f8 100644 --- a/main/openssl/include/openssl/ssl.h +++ b/main/openssl/include/openssl/ssl.h @@ -544,6 +544,13 @@ struct ssl_session_st #ifndef OPENSSL_NO_SRP char *srp_username; #endif + + /* original_handshake_hash contains the handshake hash (either + * SHA-1+MD5 or SHA-2, depending on TLS version) for the original, full + * handshake that created a session. This is used by Channel IDs during + * resumption. */ + unsigned char original_handshake_hash[EVP_MAX_MD_SIZE]; + unsigned int original_handshake_hash_len; }; #endif @@ -553,7 +560,7 @@ struct ssl_session_st /* Allow initial connection to servers that don't support RI */ #define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L -#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L +#define SSL_OP_TLSEXT_PADDING 0x00000010L #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L #define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040L #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L @@ -562,6 +569,8 @@ struct ssl_session_st /* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */ #define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0 +/* Refers to ancient SSLREF and SSLv2, retained for compatibility */ +#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0 /* SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS is vestigial. Previously it disabled the * insertion of empty records in CBC mode, but the empty records were commonly @@ -648,12 +657,14 @@ struct ssl_session_st * TLS only.) "Released" buffers are put onto a free-list in the context * or just freed (depending on the context's setting for freelist_max_len). */ #define SSL_MODE_RELEASE_BUFFERS 0x00000010L + /* Send the current time in the Random fields of the ClientHello and * ServerHello records for compatibility with hypothetical implementations * that require it. */ #define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L #define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L + /* When set, clients may send application data before receipt of CCS * and Finished. This mode enables full-handshakes to 'complete' in * one RTT. */ @@ -866,6 +877,9 @@ struct ssl_ctx_st /* get client cert callback */ int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey); + /* get channel id callback */ + void (*channel_id_cb)(SSL *ssl, EVP_PKEY **pkey); + /* cookie generate callback */ int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len); @@ -1028,6 +1042,10 @@ struct ssl_ctx_st /* If true, a client will advertise the Channel ID extension and a * server will echo it. */ char tlsext_channel_id_enabled; + /* tlsext_channel_id_enabled_new is a hack to support both old and new + * ChannelID signatures. It indicates that a client should advertise the + * new ChannelID extension number. */ + char tlsext_channel_id_enabled_new; /* The client's Channel ID private key. */ EVP_PKEY *tlsext_channel_id_private; #endif @@ -1086,6 +1104,8 @@ void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(const SSL *ssl,int type, void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,int type,int val); void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)); int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey); +void SSL_CTX_set_channel_id_cb(SSL_CTX *ctx, void (*channel_id_cb)(SSL *ssl, EVP_PKEY **pkey)); +void (*SSL_CTX_get_channel_id_cb(SSL_CTX *ctx))(SSL *ssl, EVP_PKEY **pkey); #ifndef OPENSSL_NO_ENGINE int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e); #endif @@ -1162,12 +1182,14 @@ const char *SSL_get_psk_identity(const SSL *s); #define SSL_WRITING 2 #define SSL_READING 3 #define SSL_X509_LOOKUP 4 +#define SSL_CHANNEL_ID_LOOKUP 5 /* These will only be used when doing non-blocking IO */ #define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING) #define SSL_want_read(s) (SSL_want(s) == SSL_READING) #define SSL_want_write(s) (SSL_want(s) == SSL_WRITING) #define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP) +#define SSL_want_channel_id_lookup(s) (SSL_want(s) == SSL_CHANNEL_ID_LOOKUP) #define SSL_MAC_FLAG_READ_MAC_STREAM 1 #define SSL_MAC_FLAG_WRITE_MAC_STREAM 2 @@ -1602,6 +1624,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_ERROR_ZERO_RETURN 6 #define SSL_ERROR_WANT_CONNECT 7 #define SSL_ERROR_WANT_ACCEPT 8 +#define SSL_ERROR_WANT_CHANNEL_ID_LOOKUP 9 #define SSL_CTRL_NEED_TMP_RSA 1 #define SSL_CTRL_SET_TMP_RSA 2 @@ -1739,10 +1762,11 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_set_tmp_ecdh(ssl,ecdh) \ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh) -/* SSL_enable_tls_channel_id configures a TLS server to accept TLS client - * IDs from clients. Returns 1 on success. */ -#define SSL_enable_tls_channel_id(ctx) \ - SSL_ctrl(ctx,SSL_CTRL_CHANNEL_ID,0,NULL) +/* SSL_enable_tls_channel_id either configures a TLS server to accept TLS client + * IDs from clients, or configure a client to send TLS client IDs to server. + * Returns 1 on success. */ +#define SSL_enable_tls_channel_id(s) \ + SSL_ctrl(s,SSL_CTRL_CHANNEL_ID,0,NULL) /* SSL_set1_tls_channel_id configures a TLS client to send a TLS Channel ID to * compatible servers. private_key must be a P-256 EVP_PKEY*. Returns 1 on * success. */ @@ -1792,7 +1816,6 @@ int SSL_CIPHER_get_bits(const SSL_CIPHER *c,int *alg_bits); char * SSL_CIPHER_get_version(const SSL_CIPHER *c); const char * SSL_CIPHER_get_name(const SSL_CIPHER *c); unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c); -const char* SSL_CIPHER_authentication_method(const SSL_CIPHER* cipher); int SSL_get_fd(const SSL *s); int SSL_get_rfd(const SSL *s); @@ -2707,7 +2730,6 @@ void ERR_load_SSL_strings(void); #define SSL_R_WRONG_VERSION_NUMBER 267 #define SSL_R_X509_LIB 268 #define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269 -#define SSL_R_UNEXPECTED_CCS 388 #ifdef __cplusplus } diff --git a/main/openssl/include/openssl/ssl3.h b/main/openssl/include/openssl/ssl3.h index f205f73d..83d59bff 100644 --- a/main/openssl/include/openssl/ssl3.h +++ b/main/openssl/include/openssl/ssl3.h @@ -388,9 +388,6 @@ typedef struct ssl3_buffer_st #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 #define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010 #define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020 -/* SSL3_FLAGS_CCS_OK indicates that a ChangeCipherSpec record is acceptable at - * this point in the handshake. If this flag is not set then received CCS - * records will cause a fatal error for the connection. */ #define SSL3_FLAGS_CCS_OK 0x0080 /* SSL3_FLAGS_SGC_RESTART_DONE is set when we @@ -558,6 +555,11 @@ typedef struct ssl3_state_st * for Channel IDs and that tlsext_channel_id will be valid after the * handshake. */ char tlsext_channel_id_valid; + /* tlsext_channel_id_new means that the updated Channel ID extension + * was negotiated. This is a temporary hack in the code to support both + * forms of Channel ID extension while we transition to the new format, + * which fixed a security issue. */ + char tlsext_channel_id_new; /* For a server: * If |tlsext_channel_id_valid| is true, then this contains the * verified Channel ID from the client: a P256 point, (x,y), where @@ -678,11 +680,11 @@ typedef struct ssl3_state_st #define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) #define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) #define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) -#define SSL3_ST_SR_POST_CLIENT_CERT (0x1BF|SSL_ST_ACCEPT) #ifndef OPENSSL_NO_NEXTPROTONEG #define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT) #define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT) #endif +#define SSL3_ST_SR_POST_CLIENT_CERT (0x1BF|SSL_ST_ACCEPT) #define SSL3_ST_SR_CHANNEL_ID_A (0x220|SSL_ST_ACCEPT) #define SSL3_ST_SR_CHANNEL_ID_B (0x221|SSL_ST_ACCEPT) #define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) diff --git a/main/openssl/include/openssl/tls1.h b/main/openssl/include/openssl/tls1.h index ec8948d5..66520893 100644 --- a/main/openssl/include/openssl/tls1.h +++ b/main/openssl/include/openssl/tls1.h @@ -259,6 +259,7 @@ extern "C" { /* This is not an IANA defined extension number */ #define TLSEXT_TYPE_channel_id 30031 +#define TLSEXT_TYPE_channel_id_new 30032 /* NameType value from RFC 3546 */ #define TLSEXT_NAMETYPE_host_name 0 -- cgit v1.2.3