From 0c5af0c28f23f75f93e253aeccb00c5ad20c116e Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Wed, 23 Apr 2014 12:31:35 +0200 Subject: Update OpenSSL to 1.0.1g --- main/openssl/ssl/d1_both.c | 26 ++++++++++++++++++-------- main/openssl/ssl/kssl.h | 9 +++++++++ main/openssl/ssl/s23_clnt.c | 7 ++----- main/openssl/ssl/s3_clnt.c | 4 +--- main/openssl/ssl/s3_srvr.c | 4 ++-- main/openssl/ssl/ssl.h | 2 +- main/openssl/ssl/t1_enc.c | 3 ++- main/openssl/ssl/t1_lib.c | 25 +++++++++++++++++-------- main/openssl/ssl/tls1.h | 10 ++++++---- 9 files changed, 58 insertions(+), 32 deletions(-) (limited to 'main/openssl/ssl') diff --git a/main/openssl/ssl/d1_both.c b/main/openssl/ssl/d1_both.c index 7a5596a6..2e8cf681 100644 --- a/main/openssl/ssl/d1_both.c +++ b/main/openssl/ssl/d1_both.c @@ -1459,26 +1459,36 @@ dtls1_process_heartbeat(SSL *s) unsigned int payload; unsigned int padding = 16; /* Use minimum padding */ - /* Read type and payload length first */ - hbtype = *p++; - n2s(p, payload); - pl = p; - if (s->msg_callback) s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT, &s->s3->rrec.data[0], s->s3->rrec.length, s, s->msg_callback_arg); + /* Read type and payload length first */ + if (1 + 2 + 16 > s->s3->rrec.length) + return 0; /* silently discard */ + hbtype = *p++; + n2s(p, payload); + if (1 + 2 + payload + 16 > s->s3->rrec.length) + return 0; /* silently discard per RFC 6520 sec. 4 */ + pl = p; + if (hbtype == TLS1_HB_REQUEST) { unsigned char *buffer, *bp; + unsigned int write_length = 1 /* heartbeat type */ + + 2 /* heartbeat length */ + + payload + padding; int r; + if (write_length > SSL3_RT_MAX_PLAIN_LENGTH) + return 0; + /* Allocate memory for the response, size is 1 byte * message type, plus 2 bytes payload length, plus * payload, plus padding */ - buffer = OPENSSL_malloc(1 + 2 + payload + padding); + buffer = OPENSSL_malloc(write_length); bp = buffer; /* Enter response type, length and copy payload */ @@ -1489,11 +1499,11 @@ dtls1_process_heartbeat(SSL *s) /* Random padding */ RAND_pseudo_bytes(bp, padding); - r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding); + r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length); if (r >= 0 && s->msg_callback) s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT, - buffer, 3 + payload + padding, + buffer, write_length, s, s->msg_callback_arg); OPENSSL_free(buffer); diff --git a/main/openssl/ssl/kssl.h b/main/openssl/ssl/kssl.h index 8242fd5e..e4df8430 100644 --- a/main/openssl/ssl/kssl.h +++ b/main/openssl/ssl/kssl.h @@ -70,6 +70,15 @@ #include #include #include +#ifdef OPENSSL_SYS_WIN32 +/* These can sometimes get redefined indirectly by krb5 header files + * after they get undefed in ossl_typ.h + */ +#undef X509_NAME +#undef X509_EXTENSIONS +#undef OCSP_REQUEST +#undef OCSP_RESPONSE +#endif #ifdef __cplusplus extern "C" { diff --git a/main/openssl/ssl/s23_clnt.c b/main/openssl/ssl/s23_clnt.c index fefcd167..2bc92141 100644 --- a/main/openssl/ssl/s23_clnt.c +++ b/main/openssl/ssl/s23_clnt.c @@ -283,7 +283,7 @@ int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len) send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0; if (send_time) { - unsigned long Time = time(NULL); + unsigned long Time = (unsigned long)time(NULL); unsigned char *p = result; l2n(Time, p); return RAND_pseudo_bytes(p, len-4); @@ -487,10 +487,7 @@ static int ssl23_client_hello(SSL *s) { /* create Client Hello in SSL 3.0/TLS 1.0 format */ - /* do the record header (5 bytes) and handshake message - * header (4 bytes) last. Note: the code to add the - * padding extension in t1_lib.c depends on the size of - * this prefix. */ + /* do the record header (5 bytes) and handshake message header (4 bytes) last */ d = p = &(buf[9]); *(p++) = version_major; diff --git a/main/openssl/ssl/s3_clnt.c b/main/openssl/ssl/s3_clnt.c index efbd666b..f71470a3 100644 --- a/main/openssl/ssl/s3_clnt.c +++ b/main/openssl/ssl/s3_clnt.c @@ -756,9 +756,7 @@ int ssl3_client_hello(SSL *s) if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0) goto err; - /* Do the message type and length last. - * Note: the code to add the padding extension in t1_lib.c - * depends on the size of this prefix. */ + /* Do the message type and length last */ d=p= &(buf[4]); /* version indicates the negotiated version: for example from diff --git a/main/openssl/ssl/s3_srvr.c b/main/openssl/ssl/s3_srvr.c index 19158850..8692f149 100644 --- a/main/openssl/ssl/s3_srvr.c +++ b/main/openssl/ssl/s3_srvr.c @@ -1854,7 +1854,7 @@ int ssl3_send_server_key_exchange(SSL *s) SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); goto f_err; } - for (i=0; r[i] != NULL && i<4; i++) + for (i=0; i < 4 && r[i] != NULL; i++) { nr[i]=BN_num_bytes(r[i]); #ifndef OPENSSL_NO_SRP @@ -1890,7 +1890,7 @@ int ssl3_send_server_key_exchange(SSL *s) d=(unsigned char *)s->init_buf->data; p= &(d[4]); - for (i=0; r[i] != NULL && i<4; i++) + for (i=0; i < 4 && r[i] != NULL; i++) { #ifndef OPENSSL_NO_SRP if ((i == 2) && (type & SSL_kSRP)) diff --git a/main/openssl/ssl/ssl.h b/main/openssl/ssl/ssl.h index 4c38f6ed..40c4d9cf 100644 --- a/main/openssl/ssl/ssl.h +++ b/main/openssl/ssl/ssl.h @@ -928,7 +928,7 @@ struct ssl_ctx_st */ unsigned int max_send_fragment; -#ifndef OPENSSL_ENGINE +#ifndef OPENSSL_NO_ENGINE /* Engine to pass requests for client certs to */ ENGINE *client_cert_engine; diff --git a/main/openssl/ssl/t1_enc.c b/main/openssl/ssl/t1_enc.c index 07cb62bd..2ed2e076 100644 --- a/main/openssl/ssl/t1_enc.c +++ b/main/openssl/ssl/t1_enc.c @@ -986,7 +986,8 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) } else { - EVP_MD_CTX_copy(&hmac,hash); + if (!EVP_MD_CTX_copy(&hmac,hash)) + return -1; mac_ctx = &hmac; } diff --git a/main/openssl/ssl/t1_lib.c b/main/openssl/ssl/t1_lib.c index eba732f1..369e09f4 100644 --- a/main/openssl/ssl/t1_lib.c +++ b/main/openssl/ssl/t1_lib.c @@ -684,8 +684,13 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha } #endif +#ifdef TLSEXT_TYPE_padding /* Add padding to workaround bugs in F5 terminators. - * See https://tools.ietf.org/html/draft-agl-tls-padding-02 */ + * See https://tools.ietf.org/html/draft-agl-tls-padding-03 + * + * NB: because this code works out the length of all existing + * extensions it MUST always appear last. + */ { int hlen = ret - (unsigned char *)s->init_buf->data; /* The code in s23_clnt.c to build ClientHello messages includes the @@ -707,7 +712,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha ret += hlen; } } - +#endif if ((extdatalen = ret-p-2)== 0) return p; @@ -1412,7 +1417,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in tls1_process_sigalgs(s, data, dsize); } else if (type == TLSEXT_TYPE_status_request && - s->version != DTLS1_VERSION && s->ctx->tlsext_status_cb) + s->version != DTLS1_VERSION) { if (size < 5) @@ -2744,16 +2749,20 @@ tls1_process_heartbeat(SSL *s) unsigned int payload; unsigned int padding = 16; /* Use minimum padding */ - /* Read type and payload length first */ - hbtype = *p++; - n2s(p, payload); - pl = p; - if (s->msg_callback) s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT, &s->s3->rrec.data[0], s->s3->rrec.length, s, s->msg_callback_arg); + /* Read type and payload length first */ + if (1 + 2 + 16 > s->s3->rrec.length) + return 0; /* silently discard */ + hbtype = *p++; + n2s(p, payload); + if (1 + 2 + payload + 16 > s->s3->rrec.length) + return 0; /* silently discard per RFC 6520 sec. 4 */ + pl = p; + if (hbtype == TLS1_HB_REQUEST) { unsigned char *buffer, *bp; diff --git a/main/openssl/ssl/tls1.h b/main/openssl/ssl/tls1.h index 6f031a44..6283c6a7 100644 --- a/main/openssl/ssl/tls1.h +++ b/main/openssl/ssl/tls1.h @@ -230,6 +230,12 @@ extern "C" { /* ExtensionType value from RFC5620 */ #define TLSEXT_TYPE_heartbeat 15 +/* ExtensionType value for TLS padding extension. + * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml + * http://tools.ietf.org/html/draft-agl-tls-padding-03 + */ +#define TLSEXT_TYPE_padding 21 + /* ExtensionType value from draft-ietf-tls-applayerprotoneg-00 */ #define TLSEXT_TYPE_application_layer_protocol_negotiation 16 @@ -254,10 +260,6 @@ extern "C" { /* This is not an IANA defined extension number */ #define TLSEXT_TYPE_channel_id 30031 -/* See https://tools.ietf.org/html/draft-agl-tls-padding-02 - * Number not yet IANA assigned. */ -#define TLSEXT_TYPE_padding 35655 - /* NameType value from RFC 3546 */ #define TLSEXT_NAMETYPE_host_name 0 /* status request value from RFC 3546 */ -- cgit v1.2.3