[openssl.org #1780] OCSP_REQUEST name collision between ossl_typ.h and Wincrypt.h using Windows Platform SDK 6.0a in openssl-0.9.8h and openssl-0.9.8i
The solution would seem to be to change the name of OCSP_REQUEST to OSSL_OCSP_REQUEST. Similarly for OCSP_RESPONSE. A workaround is to #include Wincrypt.h and then #undef OCSP_REQUEST/RESPONSE before including openssl.h.

It's possible to install the Windows Platform SDK 6.0a for Visual Studio 8.1 (aka VS 2005 SP1) but it's simplest to duplicate using Visual Studio 9 (aka VS 2008) which incorporates the new platform SDK.

Thanks, Bill

__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
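An added example, not from the report or from OpenSSL, of the include-order workaround described above packaged as a wrapper header with a build-time guard. On Windows it pulls in the real Wincrypt.h; elsewhere it substitutes a constructed stand-in macro of the same shape (a cast integer constant) so the collision and the #undef fix can be compiled and tested anywhere. The struct bodies are placeholders for the real OpenSSL types, not their definitions.

```c
#include <stddef.h>

/* On Windows the real SDK header supplies the clashing macros. Elsewhere a
 * constructed stand-in with the same shape is used so this file compiles. */
#ifdef _WIN32
#  include <windows.h>
#  include <wincrypt.h>
#else
#  define OCSP_REQUEST  ((const char *)66)   /* constructed stand-in */
#  define OCSP_RESPONSE ((const char *)67)   /* constructed stand-in */
#endif

/* The workaround from the report: drop the Wincrypt.h macros before any
 * OpenSSL header declares typedefs of the same name. */
#undef OCSP_REQUEST
#undef OCSP_RESPONSE

/* Build-time guard: fail loudly if either macro is still live, instead of
 * letting the typedefs below expand into an unreadable syntax error. */
#if defined(OCSP_REQUEST) || defined(OCSP_RESPONSE)
#  error "Wincrypt.h OCSP_* macros must be undefined before OpenSSL headers"
#endif

/* Placeholder typedefs standing in for the OpenSSL ones that collide
 * (the real ones live in ossl_typ.h; these bodies are constructed). */
typedef struct ocsp_request_st  { int version; } OCSP_REQUEST;
typedef struct ocsp_response_st { int status;  } OCSP_RESPONSE;

/* Uses both names as types. With the macro still defined this would not
 * compile, because OCSP_REQUEST would expand to ((const char *)66). */
int ocsp_types_usable(void)
{
    OCSP_REQUEST  req = { 1 };
    OCSP_RESPONSE rsp = { 0 };
    return req.version + (int)sizeof(rsp) + rsp.status;
}
```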
[openssl.org #1782] Re: Bug in Configure script?
Attached is a fix. One liner.

Philip Prindeville wrote:
I'm looking at ./Configure where it does:
chop $prefix if $prefix =~ /\/$/;
and then later on:
s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/;
And then in crypto/Makefile, we have:
install: @[ -n $(INSTALLTOP) ] # should be set by top Makefile...
which means that if you invoke Configure with --prefix / ... this will fail. Should it be:
chop $prefix if $prefix =~ /.\/$/;
instead to make sure that $prefix must be at least 2 chars long??? Otherwise, how do you correctly install with INSTALLTOP=/ ? Or do I need to have --prefix=/. instead?
Thanks,
-Philip

--- openssl-0.9.8i/Configure.old2008-11-09 13:34:02.0 -0800 +++ openssl-0.9.8i/Configure2008-11-09 13:46:27.0 -0800 @@ -976,7 +976,7 @@ or $perl=perl; chop $openssldir if $openssldir =~ /\/$/; -chop $prefix if $prefix =~ /\/$/; +chop $prefix if $prefix =~ /.\/$/; $openssldir=$prefix . /ssl if $openssldir eq ; $openssldir=$prefix . / . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
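Review bot: the guard is applied only to $prefix; the unchanged context line above it in the same hunk, `chop $openssldir if $openssldir =~ /\/$/;`, still strips a lone "/" to an empty string, so --openssldir=/ keeps the failure this change fixes for --prefix. Apply the same `/.\/$/` test there. Also, with $prefix now left as "/", the following context line `$openssldir=$prefix . /ssl` produces "//ssl"; harmless on Unix, but collapsing the doubled slash would keep INSTALLTOP-derived paths tidy.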
[PATCH] DTLS application data in handshake
The current DTLS implementation always generates an SSL_R_UNEXPECTED_RECORD error if application data is received while handshaking. This is ok for the first handshake, but not necessary for renegotiations. Furthermore it's likely that the connection fails just because of unordered UDP packets.

The DTLS specification does not mention this issue, but there is no reason not to accept belated application data while renegotiating, as long as the key material has not changed yet. With this patch the implementation will leave the handshake routine, return the application data and generate the error SSL_ERROR_WANT_READ, so that the application reads again to continue handshaking.

--- d1_pkt.c~ 2008-09-14 19:57:03.0 +0200 +++ d1_pkt.c2008-11-11 09:40:52.0 +0100 @@ -795,13 +827,27 @@ dest = s-d1-alert_fragment; dest_len = s-d1-alert_fragment_len; } -/* else it's a CCS message, or it's wrong */ +/* else it's a CCS message, or application data or wrong */ else if (rr-type != SSL3_RT_CHANGE_CIPHER_SPEC) { - /* Not certain if this is the right error handling */ - al=SSL_AD_UNEXPECTED_MESSAGE; - SSLerr (SSL_F_DTLS1_READ_BYTES,SSL_R_UNEXPECTED_RECORD); - goto f_err; + /* Application data while renegotiating +* is allowed. Try again reading. +*/ + if (rr-type == SSL3_RT_APPLICATION_DATA) + { + s-s3- in_read_app_data=2; + BIO *bio; + bio=SSL_get_rbio(s); + s- rwstate=SSL_READING; + BIO_clear_retry_flags(bio); + BIO_set_retry_read(bio); + return(-1); + } + +/* Not certain if this is the right error handling */ +al=SSL_AD_UNEXPECTED_MESSAGE; +SSLerr (SSL_F_DTLS1_READ_BYTES,SSL_R_UNEXPECTED_RECORD); +goto f_err; }
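Review bot: the new branch accepts every SSL3_RT_APPLICATION_DATA record that reaches this point, with no test that a session is already established or that no ChangeCipherSpec has been processed in the current renegotiation, so it also covers the initial handshake and data arriving after the keys have changed, both of which the description says must still be rejected; gate the return(-1) on renegotiation state before the keys switch. Two smaller points: `BIO *bio;` is declared after the assignment to in_read_app_data inside the same block, which is not C89 and will not build with the compilers OpenSSL still supports, so move it to the top of the block; and the header `@@ -795,13 +827,27 @@` shows a 32-line offset before any of these changes, suggesting the diff was taken against an already modified d1_pkt.c and may not apply to a clean 0.9.8i.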
[openssl.org #1574] Session Ticket in OpenSSL 0.9.9 and EAP-FAST
[EMAIL PROTECTED] - Wed Oct 22 13:56:16 2008]:

On Wed, Oct 22, 2008 at 01:19:53PM +0200, Stephen Henson via RT wrote:
I've had an initial look at this patch. Is there some reason you need to be able to generate generic extensions rather than just being able to override the session ticket extension?

Not really. This just remains from the initial patch that was done before the session ticket support was added to OpenSSL. In practice, SSL_set_hello_extension() is only used to replace the SessionTicket extension (ext_type=35) and any mechanism that allows this to be done would be fine.

OK, we'd need the generic extension part of the patch modified to only override the session ticket extension. A companion callback to supply the details of the ticket extension would be appropriate instead of using the debugging interface. The indentation in that patch is also inconsistent with the rest of OpenSSL.
[openssl.org #1783] TLS extensions patch for EAP-FAST support
Attached is a patch file for openssl-0.9.8i that adds support for some features required in order to support EAP-FAST. The patch is from Jouni Malinen and is required for EAP-FAST support in wpa_supplicant and hostapd. Also required by a number of other open-source and commercial projects. The patch applies cleanly to openssl-0.9.8i and has been tested by me. Please add to the next version.

--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd
9 Bulbul Place Currumbin Waters QLD 4223 Australia
http://www.open.com.au
Phone +61 7 5598-7474 Fax +61 7 5598-7070
Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.

This patch adds support for TLS SessionTicket extension (RFC 5077) for the parts used by EAP-FAST (RFC 4851). This is based on the patch from Alexey Kobozev [EMAIL PROTECTED] (sent to openssl-dev mailing list on Tue, 07 Jun 2005 15:40:58 +0300).

OpenSSL 0.9.8i does not enable TLS extension support by default, so it will need to be enabled by adding enable-tlsext to config script command line.

diff -upr openssl-0.9.8i.orig/ssl/s3_clnt.c openssl-0.9.8i/ssl/s3_clnt.c --- openssl-0.9.8i.orig/ssl/s3_clnt.c 2008-06-16 19:56:41.0 +0300 +++ openssl-0.9.8i/ssl/s3_clnt.c 2008-09-28 16:50:18.0 +0300
@@ -759,6 +759,20 @@ int ssl3_get_server_hello(SSL *s) goto f_err; } +#ifndef OPENSSL_NO_TLSEXT + /* check if we want to resume the session based on external pre-shared secret */ + if (s-version = TLS1_VERSION s-tls_session_secret_cb) + { + SSL_CIPHER *pref_cipher=NULL; + s-session-master_key_length=sizeof(s-session-master_key); + if (s-tls_session_secret_cb(s, s-session-master_key, s-session-master_key_length, + NULL, pref_cipher, s-tls_session_secret_cb_arg)) + { + s-session-cipher=pref_cipher ? pref_cipher : ssl_get_cipher_by_char(s,p+j); + } + } +#endif /* OPENSSL_NO_TLSEXT */ + if (j != 0 j == s-session-session_id_length memcmp(p,s-session-session_id,j) == 0) { @@ -2701,11 +2715,8 @@ static int ssl3_check_finished(SSL *s) { int ok; long n; - /* If we have no ticket or session ID is non-zero length (a match of - * a non-zero session length would never reach here) it cannot be a - * resumed session. - */ - if (!s-session-tlsext_tick || s-session-session_id_length) + /* If we have no ticket it cannot be a resumed session. */ + if (!s-session-tlsext_tick) return 1; /* this function is called when we really expect a Certificate * message, so permit appropriate message length */ diff -upr openssl-0.9.8i.orig/ssl/s3_srvr.c openssl-0.9.8i/ssl/s3_srvr.c --- openssl-0.9.8i.orig/ssl/s3_srvr.c 2008-09-14 21:16:09.0 +0300 +++ openssl-0.9.8i/ssl/s3_srvr.c 2008-09-28 16:50:18.0 +0300 
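Review bot: the ssl3_check_finished hunk removes the session_id_length test together with the comment that explained why a non-zero session ID rules out ticket resumption; after this change a client holding a ticket will expect a resumed handshake even when the server sent a fresh session ID, and neither the code nor the description says why EAP-FAST needs that, so add a comment stating the reason. In the ssl3_get_server_hello hunk, master_key_length is set to sizeof(master_key) before tls_session_secret_cb runs and is not restored when the callback returns 0; set it only on success so the failure path does not depend on every later code path overwriting it.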
@@ -959,6 +959,59 @@ int ssl3_get_client_hello(SSL *s) SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT); goto err; } + + /* Check if we want to use external pre-shared secret for this + * handshake for not reused session only. We need to generate + * server_random before calling tls_session_secret_cb in order to allow + * SessionTicket processing to use it in key derivation. */ + { + unsigned long Time; + unsigned char *pos; + Time=(unsigned long)time(NULL); /* Time */ + pos=s-s3-server_random; + l2n(Time,pos); + if (RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE-4) = 0) + { + al=SSL_AD_INTERNAL_ERROR; + goto f_err; + } + } + + if (!s-hit s-version = TLS1_VERSION s-tls_session_secret_cb) + { + SSL_CIPHER *pref_cipher=NULL; + + s-session-master_key_length=sizeof(s-session-master_key); + if(s-tls_session_secret_cb(s, s-session-master_key, s-session-master_key_length, + ciphers, pref_cipher, s-tls_session_secret_cb_arg)) + { + s-hit=1; + s-session-ciphers=ciphers; + s-session-verify_result=X509_V_OK; + + ciphers=NULL; + + /* check if some cipher was preferred by call back */ + pref_cipher=pref_cipher ? pref_cipher : ssl3_choose_cipher(s, s-session-ciphers, SSL_get_ciphers(s)); + if (pref_cipher == NULL) +{ +al=SSL_AD_HANDSHAKE_FAILURE; +SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER); +goto f_err; +} + + s-session-cipher=pref_cipher; + + if (s-cipher_list) +sk_SSL_CIPHER_free(s-cipher_list); + + if (s-cipher_list_by_id) +sk_SSL_CIPHER_free(s-cipher_list_by_id); + + s-cipher_list = sk_SSL_CIPHER_dup(s-session-ciphers); + s-cipher_list_by_id = sk_SSL_CIPHER_dup(s-session-ciphers); + } + } #endif /* Worst case, we will use the NULL compression, but if we have other * options, we will now look for them. We have i-1 compression @@ -1097,16 +1150,22 @@ int ssl3_send_server_hello(SSL *s) unsigned char
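Review bot: server_random is now generated in ssl3_get_client_hello, so ssl3_send_server_hello (the next hunk, which the page cuts off at `unsigned char`) must stop regenerating it or the value the callback used for key derivation is overwritten before it is sent; the comment above the new block should cross-reference that change. The success branch also sets hit=1 and verify_result=X509_V_OK with no certificate processing at all, which is the intended semantics of an externally authenticated pre-shared secret but deserves an explicit comment, because every later consumer of verify_result will treat the peer as verified. Minor: clearing `ciphers=NULL` after handing the stack to the session is the right way to avoid a double free, but the two sk_SSL_CIPHER_dup() results that replace the freed cipher_list and cipher_list_by_id are not checked for NULL.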
Re: [openssl.org #1725] OpenSSL-0.9.8h: Bug in Certificate Request generation
I'd say upgrade to 0.9.8i. If not possible, you can try the attached patch. Use at your own risk :)

diff -Naur openssl-0.9.8h-old/crypto/x509/x509_att.c openssl-0.9.8h-new/crypto/x509/x509_att.c --- openssl-0.9.8h-old/crypto/x509/x509_att.c 2008-04-02 04:11:51.0 -0700 +++ openssl-0.9.8h-new/crypto/x509/x509_att.c 2008-11-11 19:55:05.0 -0800 @@ -303,7 +303,7 @@ } if(!(attr-value.set = sk_ASN1_TYPE_new_null())) goto err; if(!(ttmp = ASN1_TYPE_new())) goto err; - if (len == -1) +if ((len == -1) !(attrtype MBSTRING_FLAG)) { if (!ASN1_TYPE_set1(ttmp, attrtype, data)) goto err;
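Review bot: the new condition routes the len == -1 case to the else branch whenever attrtype carries MBSTRING_FLAG, but that else branch lies outside the hunk's trailing context, so from these lines alone a reviewer cannot confirm it treats len == -1 as "use the string length" rather than as a literal length; extend the context to show the else branch, and add a comment on the changed line explaining that an MBSTRING-flagged type must not be passed to ASN1_TYPE_set1 directly.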