CVS commit: src/crypto/external/bsd/openssl/dist/ssl

2014-05-15 Thread Christos Zoulas
Module Name:src
Committed By:   christos
Date:   Thu May 15 12:53:52 UTC 2014

Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: s3_pkt.c

Log Message:
Avoid NULL dereference. (FreeBSD SA14:10)


To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c:1.14 src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c:1.15
--- src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c:1.14	Sun Apr 13 09:14:15 2014
+++ src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c	Thu May 15 08:53:52 2014
@@ -658,6 +658,10 @@ static int do_ssl3_write(SSL *s, int typ
 		if (i = 0)
 			return(i);
 		/* if it went, fall through and send more stuff */
+		/* we may have released our buffer, so get it again */
+		if (wb-buf == NULL)
+			if (!ssl3_setup_write_buffer(s))
+return -1;
 		}
 
 	if (len == 0  !create_empty_fragment)
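Review bot: The added re-acquire in do_ssl3_write is written as two nested `if`s without braces, which invites a dangling-else mistake on a later edit; a single condition reads the same, `if (wb->buf == NULL && !ssl3_setup_write_buffer(s)) return -1;`. The comment says the buffer may have been released but not by which call, so naming that call would make clear why the pointer can be NULL at this point. The listing has lost its `->`, `<`, `>` and `&` characters in extraction, and the function body starts and ends outside the hunk.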



CVS commit: src/crypto/external/bsd/openssl/dist/ssl

2012-07-27 Thread Christos Zoulas
Module Name:src
Committed By:   christos
Date:   Fri Jul 27 21:22:55 UTC 2012

Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: t1_lib.c

Log Message:
remove extra parens that make clang bitchy.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c:1.6 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c:1.7
--- src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c:1.6	Thu Jul 26 15:58:40 2012
+++ src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c	Fri Jul 27 17:22:55 2012
@@ -1527,7 +1527,7 @@ int ssl_parse_serverhello_tlsext(SSL *s,
 			unsigned char selected_len;
 
 			/* We must have requested it. */
-			if ((s-ctx-next_proto_select_cb == NULL))
+			if (s-ctx-next_proto_select_cb == NULL)
 {
 *al = TLS1_AD_UNSUPPORTED_EXTENSION;
 return 0;



CVS commit: src/crypto/external/bsd/openssl/dist/ssl

2012-05-11 Thread Matthias Drochner
Module Name:src
Committed By:   drochner
Date:   Fri May 11 18:07:34 UTC 2012

Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: d1_enc.c t1_enc.c

Log Message:
pull in upstream rev.22547:
Sanity check record length before skipping explicit IV in TLS 1.2, 1.1
and DTLS to fix DoS attack.
(CVE-2012-2333)


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.3 -r1.2 \
src/crypto/external/bsd/openssl/dist/ssl/d1_enc.c
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/d1_enc.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/d1_enc.c:1.1.1.3 src/crypto/external/bsd/openssl/dist/ssl/d1_enc.c:1.2
--- src/crypto/external/bsd/openssl/dist/ssl/d1_enc.c:1.1.1.3	Sun Jun  5 15:00:31 2011
+++ src/crypto/external/bsd/openssl/dist/ssl/d1_enc.c	Fri May 11 18:07:33 2012
@@ -260,7 +260,7 @@ int dtls1_enc(SSL *s, int send)
 }
 			/* TLS 1.0 does not bound the number of padding bytes by the block size.
 			 * All of them must have value 'padding_length'. */
-			if (i  (int)rec-length)
+			if (i + bs  (int)rec-length)
 {
 /* Incorrect padding. SSLerr() and ssl3_alert are done
  * by caller: we don't want to reveal whether this is
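Review bot: The new bound `i + bs` has no comment saying why the block size is added, and the comment directly above still describes only the TLS 1.0 padding rule. Presumably `rec->length` still counts the explicit IV at this point, so padding and IV together must fit in the record; a line such as `/* rec->length still includes the explicit IV (bs bytes) */` would make that visible. dtls1_enc continues outside the hunk.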

Index: src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c:1.3 src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c:1.4
--- src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c:1.3	Sun Jun  5 23:09:49 2011
+++ src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c	Fri May 11 18:07:34 2012
@@ -823,6 +823,8 @@ int tls1_enc(SSL *s, int send)
 			if (s-version = TLS1_1_VERSION
  EVP_CIPHER_CTX_mode(ds) == EVP_CIPH_CBC_MODE)
 {
+if (bs  (int)rec-length)
+	return -1;
 rec-data += bs;/* skip the explicit IV */
 rec-input += bs;
 rec-length -= bs;
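Review bot: The new guard `if (bs > (int)rec->length) return -1;` has no comment, yet it is the only thing keeping the three adjustments below it inside a short record. A one-line comment such as `/* record shorter than the explicit IV: rec->length -= bs would wrap */` would stop it from being removed as redundant later; the type of `rec->length` is not visible here, so the wrap is an assumption. It is also worth stating what -1 means to tls1_enc's callers, since the hunk does not show whether they treat it like a padding or MAC failure. The function body lies outside the hunk.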



CVS commit: src/crypto/external/bsd/openssl/dist/ssl

2012-01-18 Thread Matthias Drochner
Module Name:src
Committed By:   drochner
Date:   Wed Jan 18 20:08:50 UTC 2012

Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: d1_pkt.c

Log Message:
pull in rev.22050 from upstream CVS, following secadv_20120118.txt:
Fix for DTLS DoS issue introduced by fix for CVE-2011-4108 (CVE-2012-0050)


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/ssl/d1_pkt.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/d1_pkt.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/d1_pkt.c:1.2 src/crypto/external/bsd/openssl/dist/ssl/d1_pkt.c:1.3
--- src/crypto/external/bsd/openssl/dist/ssl/d1_pkt.c:1.2	Thu Jan  5 17:32:02 2012
+++ src/crypto/external/bsd/openssl/dist/ssl/d1_pkt.c	Wed Jan 18 20:08:49 2012
@@ -376,6 +376,7 @@ dtls1_process_record(SSL *s)
 	unsigned int mac_size;
 	unsigned char md[EVP_MAX_MD_SIZE];
 	int decryption_failed_or_bad_record_mac = 0;
+	unsigned char *mac = NULL;
 
 
 	rr= (s-s3-rrec);
@@ -450,19 +451,15 @@ printf(\n);
 #endif			
 			}
 		/* check the MAC for rr-input (it's in mac_size bytes at the tail) */
-		if (rr-length  mac_size)
+		if (rr-length = mac_size)
 			{
-#if 0 /* OK only for stream ciphers */
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_LENGTH_TOO_SHORT);
-			goto f_err;
-#else
-			decryption_failed_or_bad_record_mac = 1;
-#endif
+			rr-length -= mac_size;
+			mac = rr-data[rr-length];
 			}
-		rr-length-=mac_size;
+		else
+			rr-length = 0;
 		i=s-method-ssl3_enc-mac(s,md,0);
-		if (i  0 || memcmp(md,(rr-data[rr-length]),mac_size) != 0)
+		if (i  0 || mac == NULL || memcmp(md, mac, mac_size) != 0)
 			{
 			decryption_failed_or_bad_record_mac = 1;
 			}
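Review bot: The MAC comparison `memcmp(md, mac, mac_size)` is not constant-time, and the new `mac == NULL ||` short-circuit lets a too-short record skip the comparison entirely, so the two failure cases can differ in timing. Both still end in the same `decryption_failed_or_bad_record_mac = 1`, which is right, but a comparison that does not stop at the first differing byte is the safer choice where the tree has one (later OpenSSL releases provide `CRYPTO_memcmp`). A comment on the `else rr->length = 0;` branch, saying the MAC is still computed over an empty record so the failure path stays uniform, would document the intent. dtls1_process_record starts and ends outside the hunk.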



CVS commit: src/crypto/external/bsd/openssl/dist/ssl

2011-07-07 Thread Matthias Drochner
Module Name:src
Committed By:   drochner
Date:   Thu Jul  7 18:11:19 UTC 2011

Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: s3_lib.c s3_pkt.c s3_srvr.c
ssl_locl.h

Log Message:
remove SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION -- openssl uses
another mechanism now, and these remainders break renegotiation with
(at least) tor and postgres


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c
cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssl/dist/ssl/ssl_locl.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c:1.5 src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c:1.6
--- src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c:1.5	Sun Jun  5 23:09:48 2011
+++ src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c	Thu Jul  7 18:11:18 2011
@@ -3727,9 +3727,6 @@
 	if (s-s3-flags  SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
 		return(0);
 
-	if (!(s-s3-flags  SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
-		return(0);
-
 	s-s3-renegotiate=1;
 	return(1);
 	}

Index: src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c:1.8 src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c:1.9
--- src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c:1.8	Sun Jun  5 23:09:48 2011
+++ src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c	Thu Jul  7 18:11:19 2011
@@ -1108,7 +1108,6 @@
 
 		if (SSL_is_init_finished(s) 
 			!(s-s3-flags  SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) 
-			(s-s3-flags  SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) 
 			!s-s3-renegotiate)
 			{
 			ssl3_renegotiate(s);
@@ -1278,8 +1277,7 @@
 	if ((s-s3-handshake_fragment_len = 4) 	!s-in_handshake)
 		{
 		if (((s-stateSSL_ST_MASK) == SSL_ST_OK) 
-			!(s-s3-flags  SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) 
-			(s-s3-flags  SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
+			!(s-s3-flags  SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
 			{
 #if 0 /* worked only because C operator preferences are not as expected (and
* because this is not really needed for clients except for detecting
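Review bot: With the `SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION` test removed, the only flag this condition still checks is `SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS`; the same holds for the hunk at -1108 above and for the s3_lib.c hunk. The log says another mechanism now covers unsafe legacy renegotiation, but nothing in this diff shows it. A comment at this condition naming that mechanism would let a reader confirm the gate has moved rather than disappeared. The enclosing function is outside the hunk.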

Index: src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c:1.7 src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c:1.8
--- src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c:1.7	Sun Jun  5 23:09:49 2011
+++ src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c	Thu Jul  7 18:11:19 2011
@@ -877,14 +877,6 @@
 #endif
 	STACK_OF(SSL_CIPHER) *ciphers=NULL;
 
-	if (s-new_session
-	 !(s-s3-flagsSSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
-		{
-		al=SSL_AD_HANDSHAKE_FAILURE;
-		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
-		goto f_err;
-		}
-
 	/* We do this so that we will respond with our native type.
 	 * If we are TLSv1 and we get SSLv3, we will respond with TLSv1,
 	 * This down switching should be handled by a different method.

Index: src/crypto/external/bsd/openssl/dist/ssl/ssl_locl.h
diff -u src/crypto/external/bsd/openssl/dist/ssl/ssl_locl.h:1.3 src/crypto/external/bsd/openssl/dist/ssl/ssl_locl.h:1.4
--- src/crypto/external/bsd/openssl/dist/ssl/ssl_locl.h:1.3	Sun Jun  5 23:09:49 2011
+++ src/crypto/external/bsd/openssl/dist/ssl/ssl_locl.h	Thu Jul  7 18:11:19 2011
@@ -459,8 +459,6 @@
 #define NAMED_CURVE_TYPE   3
 #endif  /* OPENSSL_NO_EC */
 
-#define SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION	0x0010
-
 typedef struct cert_pkey_st
 	{
 	X509 *x509;



CVS commit: src/crypto/external/bsd/openssl/dist/ssl

2011-02-09 Thread S.P.Zeidler
Module Name:src
Committed By:   spz
Date:   Thu Feb 10 06:04:54 UTC 2011

Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: t1_lib.c

Log Message:
fix for CVE-2011-0014 (OCSP stapling vulnerability in OpenSSL)
patch taken from http://www.openssl.org/news/secadv_20110208.txt


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c:1.3 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c:1.4
--- src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c:1.3	Tue Dec  7 10:03:29 2010
+++ src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c	Thu Feb 10 06:04:54 2011
@@ -916,6 +916,7 @@
 		}
 	n2s(data, idsize);
 	dsize -= 2 + idsize;
+	size -= 2 + idsize;
 	if (dsize  0)
 		{
 		*al = SSL_AD_DECODE_ERROR;
@@ -954,9 +955,14 @@
 	}
 
 /* Read in request_extensions */
+if (size  2)
+	{
+	*al = SSL_AD_DECODE_ERROR;
+	return 0;
+	}
 n2s(data,dsize);
 size -= 2;
-if (dsize  size) 
+if (dsize != size) 
 	{
 	*al = SSL_AD_DECODE_ERROR;
 	return 0;
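Review bot: The stricter `dsize != size` test is only sound if `size` has been reduced for every byte consumed so far, which is what the one-line `size -= 2 + idsize;` in the previous hunk supplies; nothing in the code says so. A comment at the check, for example `/* size must equal the bytes left in this extension; it is decremented in step with data above */`, would keep the two in sync when the ID-list loop is edited. The types of `size` and `dsize` are not visible, so it is worth confirming that `size -= 2 + idsize` cannot wrap before the `dsize < 0` test that follows it. The function lies outside both hunks.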



CVS commit: src/crypto/external/bsd/openssl/dist/ssl

2010-12-07 Thread Matthias Drochner
Module Name:src
Committed By:   drochner
Date:   Tue Dec  7 09:10:22 UTC 2010

Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: s3_clnt.c s3_srvr.c

Log Message:
openssl security patch of the day:
Fix a flaw in the OpenSSL SSL/TLS server code where an old bug
workaround allows malicious clients to modify the stored session cache
ciphersuite. In some cases the ciphersuite can be downgraded to a weaker one
on subsequent connections. See
http://www.openssl.org/news/secadv_20101202.txt
(CVE-2010-4180)


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/ssl/s3_clnt.c
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/s3_clnt.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/s3_clnt.c:1.2 src/crypto/external/bsd/openssl/dist/ssl/s3_clnt.c:1.3
--- src/crypto/external/bsd/openssl/dist/ssl/s3_clnt.c:1.2	Tue Aug 10 11:01:00 2010
+++ src/crypto/external/bsd/openssl/dist/ssl/s3_clnt.c	Tue Dec  7 09:10:21 2010
@@ -870,8 +870,11 @@
 		s-session-cipher_id = s-session-cipher-id;
 	if (s-hit  (s-session-cipher_id != c-id))
 		{
+/* Workaround is now obsolete */
+#if 0
 		if (!(s-options 
 			SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
+#endif
 			{
 			al=SSL_AD_ILLEGAL_PARAMETER;
 			SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
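Review bot: Disabling the `if` with `#if 0` leaves the braced block below it as a bare compound statement and keeps dead code in the file; deleting the condition outright would read more clearly. `SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG` also becomes a silent no-op for applications that still set it, which deserves a line in the comment, e.g. `/* SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is ignored: see CVE-2010-4180 */`. The s3_srvr.c change splits its `#if 0` and `#endif` across two hunks, so the extent of the disabled region cannot be checked from the diff alone.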

Index: src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c:1.5 src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c:1.6
--- src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c:1.5	Fri Apr  9 04:34:13 2010
+++ src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c	Tue Dec  7 09:10:21 2010
@@ -975,6 +975,10 @@
 break;
 }
 			}
+/* Disabled because it can be used in a ciphersuite downgrade
+ * attack: CVE-2010-4180.
+ */
+#if 0
 		if (j == 0  (s-options  SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)  (sk_SSL_CIPHER_num(ciphers) == 1))
 			{
 			/* Special case as client bug workaround: the previously used cipher may
@@ -989,6 +993,7 @@
 j = 1;
 }
 			}
+#endif
 		if (j == 0)
 			{
 			/* we need to have the cipher in the cipher



CVS commit: src/crypto/external/bsd/openssl/dist/ssl

2010-12-07 Thread Matthias Drochner
Module Name:src
Committed By:   drochner
Date:   Tue Dec  7 10:03:29 UTC 2010

Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: t1_lib.c

Log Message:
fix bug introduced by last security patch, from upstream CVS:
Don't assume a decode error if session tlsext_ecpointformatlist is
not NULL: it can be legitimately set elsewhere.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c:1.2 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c:1.3
--- src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c:1.2	Wed Nov 17 12:09:34 2010
+++ src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c	Tue Dec  7 10:03:29 2010
@@ -778,8 +778,8 @@
 {
 if(s-session-tlsext_ecpointformatlist)
 	{
-	*al = TLS1_AD_DECODE_ERROR;
-	return 0;
+	OPENSSL_free(s-session-tlsext_ecpointformatlist);
+	s-session-tlsext_ecpointformatlist = NULL;
 	}
 s-session-tlsext_ecpointformatlist_length = 0;
 if ((s-session-tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL)
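Review bot: Replacing the decode error with `OPENSSL_free()` means this code again writes to `s->session` when the list is already set, so its safety now rests on the guard around the block, which is outside the hunk. A comment naming the condition that makes the session safe to modify here would help. The log says the list can be legitimately set elsewhere; if that also applies to the elliptic-curve list handled in the same file, the matching check there is not changed by this commit and would still reject the handshake.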



CVS commit: src/crypto/external/bsd/openssl/dist/ssl

2010-11-17 Thread Matthias Drochner
Module Name:src
Committed By:   drochner
Date:   Wed Nov 17 12:09:34 UTC 2010

Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: t1_lib.c

Log Message:
apply patch from http://www.openssl.org/news/secadv_20101116.txt
to fix a race condition which can be exploited in a buffer
overrun attack (CVE-2010-3864)


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.2 -r1.2 \
src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c:1.1.1.2 src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c:1.2
--- src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c:1.1.1.2	Sat Dec 26 23:34:36 2009
+++ src/crypto/external/bsd/openssl/dist/ssl/t1_lib.c	Wed Nov 17 12:09:34 2010
@@ -713,14 +713,23 @@
 switch (servname_type)
 	{
 case TLSEXT_NAMETYPE_host_name:
-	if (s-session-tlsext_hostname == NULL)
+	if (!s-hit)
 		{
-		if (len  TLSEXT_MAXLEN_host_name || 
-			((s-session-tlsext_hostname = OPENSSL_malloc(len+1)) == NULL))
+		if(s-session-tlsext_hostname)
+			{
+			*al = SSL_AD_DECODE_ERROR;
+			return 0;
+			}
+		if (len  TLSEXT_MAXLEN_host_name)
 			{
 			*al = TLS1_AD_UNRECOGNIZED_NAME;
 			return 0;
 			}
+		if ((s-session-tlsext_hostname = OPENSSL_malloc(len+1)) == NULL)
+			{
+			*al = TLS1_AD_INTERNAL_ERROR;
+			return 0;
+			}
 		memcpy(s-session-tlsext_hostname, sdata, len);
 		s-session-tlsext_hostname[len]='\0';
 		if (strlen(s-session-tlsext_hostname) != len) {
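Review bot: The switch from `tlsext_hostname == NULL` to `!s->hit` as the condition for storing the name is the core of this fix, yet nothing in the code says why. Presumably a resumed session may be shared with other connections and must not be written, so a comment like `/* only a new session may be modified; a resumed one is compared, not updated */` belongs at the `if (!s->hit)`. The next hunk's added NULL test before `strlen()` covers a resumed session that has no stored name. The switch statement begins outside the hunk.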
@@ -733,7 +742,8 @@
 
 		}
 	else 
-		s-servername_done = strlen(s-session-tlsext_hostname) == len 
+		s-servername_done = s-session-tlsext_hostname
+			 strlen(s-session-tlsext_hostname) == len 
 			 strncmp(s-session-tlsext_hostname, (char *)sdata, len) == 0;
 	
 	break;
@@ -764,15 +774,22 @@
 *al = TLS1_AD_DECODE_ERROR;
 return 0;
 }
-			s-session-tlsext_ecpointformatlist_length = 0;
-			if (s-session-tlsext_ecpointformatlist != NULL) OPENSSL_free(s-session-tlsext_ecpointformatlist);
-			if ((s-session-tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL)
+			if (!s-hit)
 {
-*al = TLS1_AD_INTERNAL_ERROR;
-return 0;
+if(s-session-tlsext_ecpointformatlist)
+	{
+	*al = TLS1_AD_DECODE_ERROR;
+	return 0;
+	}
+s-session-tlsext_ecpointformatlist_length = 0;
+if ((s-session-tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL)
+	{
+	*al = TLS1_AD_INTERNAL_ERROR;
+	return 0;
+	}
+s-session-tlsext_ecpointformatlist_length = ecpointformatlist_length;
+memcpy(s-session-tlsext_ecpointformatlist, sdata, ecpointformatlist_length);
 }
-			s-session-tlsext_ecpointformatlist_length = ecpointformatlist_length;
-			memcpy(s-session-tlsext_ecpointformatlist, sdata, ecpointformatlist_length);
 #if 0
 			fprintf(stderr,ssl_parse_clienthello_tlsext s-session-tlsext_ecpointformatlist (length=%i) , s-session-tlsext_ecpointformatlist_length);
 			sdata = s-session-tlsext_ecpointformatlist;
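Review bot: The point-format block here and the elliptic-curve block in the next hunk are the same sequence (reject if already set, zero the length, allocate, set the length, copy) with only the field names changed. A small static helper would keep the two from drifting apart; a sketch follows, with the helper name made up and the field types assumed, since neither is visible in the diff. Neither block says why the copy happens only under `!s->hit`. Both blocks sit in a function that starts outside the hunks.

```c
/* Store a peer-supplied list in a new session; *dst must still be unset.
 * Returns 1 on success, 0 with *al set on failure. */
static int tlsext_store_list(unsigned char **dst, size_t *dst_len,
	const unsigned char *src, size_t len, int *al)
	{
	if (*dst != NULL)
		{
		*al = TLS1_AD_DECODE_ERROR;
		return 0;
		}
	*dst_len = 0;
	if ((*dst = OPENSSL_malloc(len)) == NULL)
		{
		*al = TLS1_AD_INTERNAL_ERROR;
		return 0;
		}
	*dst_len = len;
	memcpy(*dst, src, len);
	return 1;
	}

/* ... unchanged: extension length checks ... */
			if (!s->hit && !tlsext_store_list(&s->session->tlsext_ecpointformatlist,
				&s->session->tlsext_ecpointformatlist_length,
				sdata, ecpointformatlist_length, al))
				return 0;
```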
@@ -793,15 +810,22 @@
 *al = TLS1_AD_DECODE_ERROR;
 return 0;
 }
-			s-session-tlsext_ellipticcurvelist_length = 0;
-			if (s-session-tlsext_ellipticcurvelist != NULL) OPENSSL_free(s-session-tlsext_ellipticcurvelist);
-			if ((s-session-tlsext_ellipticcurvelist = OPENSSL_malloc(ellipticcurvelist_length)) == NULL)
+			if (!s-hit)
 {
-*al = TLS1_AD_INTERNAL_ERROR;
-return 0;
+if(s-session-tlsext_ellipticcurvelist)
+	{
+	*al = TLS1_AD_DECODE_ERROR;
+	return 0;
+	}
+s-session-tlsext_ellipticcurvelist_length = 0;
+if ((s-session-tlsext_ellipticcurvelist = OPENSSL_malloc(ellipticcurvelist_length)) == NULL)
+	{
+	*al = TLS1_AD_INTERNAL_ERROR;
+	return 0;
+	}
+s-session-tlsext_ellipticcurvelist_length = ellipticcurvelist_length;
+memcpy(s-session-tlsext_ellipticcurvelist, sdata, ellipticcurvelist_length);
 }
-			s-session-tlsext_ellipticcurvelist_length = ellipticcurvelist_length;
-			memcpy(s-session-tlsext_ellipticcurvelist, sdata, ellipticcurvelist_length);
 #if 0
 			fprintf(stderr,ssl_parse_clienthello_tlsext s-session-tlsext_ellipticcurvelist (length=%i) , s-session-tlsext_ellipticcurvelist_length);
 			sdata = s-session-tlsext_ellipticcurvelist;



CVS commit: src/crypto/external/bsd/openssl/dist/ssl

2010-08-10 Thread Matthias Drochner
Module Name:src
Committed By:   drochner
Date:   Tue Aug 10 11:01:01 UTC 2010

Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: s3_clnt.c

Log Message:
fix a double free() in error case, see the thread
openssl-1.0.0a and glibc detected sthg ;) in openssl-dev.
I was getting a SEGV with the example posted there.


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.2 -r1.2 \
src/crypto/external/bsd/openssl/dist/ssl/s3_clnt.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/s3_clnt.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/s3_clnt.c:1.1.1.2 src/crypto/external/bsd/openssl/dist/ssl/s3_clnt.c:1.2
--- src/crypto/external/bsd/openssl/dist/ssl/s3_clnt.c:1.1.1.2	Sat Dec 26 23:34:23 2009
+++ src/crypto/external/bsd/openssl/dist/ssl/s3_clnt.c	Tue Aug 10 11:01:00 2010
@@ -1489,6 +1489,7 @@
 		s-session-sess_cert-peer_ecdh_tmp=ecdh;
 		ecdh=NULL;
 		BN_CTX_free(bn_ctx);
+		bn_ctx = NULL;
 		EC_POINT_free(srvr_ecpoint);
 		srvr_ecpoint = NULL;
 		}
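Review bot: The added `bn_ctx = NULL;` matters only because, per the log, an error path frees `bn_ctx` a second time, and that path is outside the hunk. A short comment such as `/* the error path frees bn_ctx again */` would record why the reset is there, alongside the existing `ecdh=NULL;` and `srvr_ecpoint = NULL;` lines. It is worth checking that every other early free of these locals in the function is followed by the same reset.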



CVS commit: src/crypto/external/bsd/openssl/dist/ssl

2010-04-08 Thread Manuel Bouyer
Module Name:src
Committed By:   bouyer
Date:   Fri Apr  9 04:34:13 UTC 2010

Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: s3_enc.c s3_srvr.c t1_enc.c

Log Message:
Fix crash in openssl (I suspect caused by malformed packets):
handshake_dgst[] may be used without being allocated, causing NULL
pointer dereference.
Fix by checking that handshake_dgst is not NULL before use.
Reported to openssl as ticket openssl.org #2214.
Fix tested on netbsd-5 by Luke Mewburn with apache, and by me with
freeradius (fixing segmentation fault in both cases).


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/crypto/external/bsd/openssl/dist/ssl/s3_enc.c
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c
cvs rdiff -u -r1.1.1.2 -r1.2 \
src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/s3_enc.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/s3_enc.c:1.1.1.1 src/crypto/external/bsd/openssl/dist/ssl/s3_enc.c:1.2
--- src/crypto/external/bsd/openssl/dist/ssl/s3_enc.c:1.1.1.1	Sun Jul 19 23:05:47 2009
+++ src/crypto/external/bsd/openssl/dist/ssl/s3_enc.c	Fri Apr  9 04:34:13 2010
@@ -578,7 +578,7 @@
 		{
 		BIO_write (s-s3-handshake_buffer,(void *)buf,len);
 		} 
-	else 
+	else if (s-s3-handshake_dgst != NULL)
 		{
 		int i;
 		for (i=0;i SSL_MAX_DIGEST;i++) 
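Review bot: When `handshake_dgst` is NULL and there is no `handshake_buffer`, the new `else if` makes this function drop the handshake bytes without hashing them or reporting anything. That avoids the crash, but the connection then continues with a transcript hash that is missing data. If this state is reachable from malformed input, as the log suspects, failing the handshake where the state is first detected may be the better fix. At minimum a comment such as `/* no digests allocated: nothing to update */` should say the skip is deliberate. The s3_srvr.c hunk below has the same silent skip, and in that block `cert_verify_md` is then never filled; the enclosing functions are outside the hunks.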

Index: src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c:1.4 src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c:1.5
--- src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c:1.4	Sun Jan 10 16:39:10 2010
+++ src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c	Fri Apr  9 04:34:13 2010
@@ -537,20 +537,22 @@
 if (s-s3-handshake_buffer)
 	if (!ssl3_digest_cached_records(s))
 		return -1;
-for (dgst_num=0; dgst_numSSL_MAX_DIGEST;dgst_num++)	
-	if (s-s3-handshake_dgst[dgst_num]) 
-		{
-		int dgst_size;
-
-		s-method-ssl3_enc-cert_verify_mac(s,EVP_MD_CTX_type(s-s3-handshake_dgst[dgst_num]),(s-s3-tmp.cert_verify_md[offset]));
-		dgst_size=EVP_MD_CTX_size(s-s3-handshake_dgst[dgst_num]);
-		if (dgst_size  0)
+if (s-s3-handshake_dgst != NULL) {
+	for (dgst_num=0; dgst_numSSL_MAX_DIGEST;dgst_num++)	
+		if (s-s3-handshake_dgst[dgst_num]) 
 			{
-			ret = -1;
-			goto end;
-			}
-		offset+=dgst_size;
-		}		
+			int dgst_size;
+
+			s-method-ssl3_enc-cert_verify_mac(s,EVP_MD_CTX_type(s-s3-handshake_dgst[dgst_num]),(s-s3-tmp.cert_verify_md[offset]));
+			dgst_size=EVP_MD_CTX_size(s-s3-handshake_dgst[dgst_num]);
+			if (dgst_size  0)
+{
+ret = -1;
+goto end;
+}
+			offset+=dgst_size;
+			}		
+	}
 }
 			break;
 

Index: src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c:1.1.1.2 src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c:1.2
--- src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c:1.1.1.2	Sat Dec 26 23:34:36 2009
+++ src/crypto/external/bsd/openssl/dist/ssl/t1_enc.c	Fri Apr  9 04:34:13 2010
@@ -788,14 +788,16 @@
 		if (!ssl3_digest_cached_records(s))
 			return 0;
 
-	for (i=0;iSSL_MAX_DIGEST;i++) 
-		{
-		  if (s-s3-handshake_dgst[i]EVP_MD_CTX_type(s-s3-handshake_dgst[i])==md_nid) 
-		  	{
-		  	d=s-s3-handshake_dgst[i];
-			break;
+	if (s-s3-handshake_dgst) {
+		for (i=0;iSSL_MAX_DIGEST;i++) 
+			{
+			  if (s-s3-handshake_dgst[i]EVP_MD_CTX_type(s-s3-handshake_dgst[i])==md_nid) 
+{
+d=s-s3-handshake_dgst[i];
+break;
+}
 			}
-		}
+	}
 	if (!d) {
 		SSLerr(SSL_F_TLS1_CERT_VERIFY_MAC,SSL_R_NO_REQUIRED_DIGEST);
 		return 0;
@@ -833,7 +835,7 @@
 		if (mask  s-s3-tmp.new_cipher-algorithm2)
 			{
 			int hashsize = EVP_MD_size(md);
-			if (hashsize  0 || hashsize  (int)(sizeof buf - (size_t)(q-buf)))
+			if (hashsize  0 || hashsize  (int)(sizeof buf - (size_t)(q-buf)) || s-s3-handshake_dgst == NULL)
 {
 /* internal error: 'buf' is too small for this cipersuite! */
 err = 1;
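Review bot: The NULL test is appended to a condition whose body comment reads "internal error: 'buf' is too small for this cipersuite!", which no longer describes every way into the branch. Splitting the test out, or extending the comment to mention the missing digest array, would keep the diagnosis accurate. The test `s->s3->handshake_dgst == NULL` does not depend on `md` or `hashsize`, so it could be made once, earlier in the function. The function starts outside the hunk.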



CVS commit: src/crypto/external/bsd/openssl/dist/ssl

2010-03-28 Thread Manuel Bouyer
Module Name:src
Committed By:   bouyer
Date:   Sun Mar 28 11:32:29 UTC 2010

Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: s3_pkt.c

Log Message:
Apply patchset 19476 from openssl repository, fixing CVE-2010-0740.
from http://www.openssl.org/news/secadv_20100324.txt:
In TLS connections, certain incorrectly formatted records can cause an OpenSSL
client or server to crash due to a read attempt at NULL.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c:1.6 src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c:1.7
--- src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c:1.6	Sun Jan 10 16:39:10 2010
+++ src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c	Sun Mar 28 11:32:29 2010
@@ -337,9 +337,9 @@
 			if (version != s-version)
 {
 SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
-/* Send back error using their
- * version number :-) */
-s-version=version;
+if ((s-version  0xFF00) == (version  0xFF00))
+	/* Send back error using their minor version number :-) */
+	s-version = (unsigned short)version;
 al=SSL_AD_PROTOCOL_VERSION;
 goto f_err;
 }
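Review bot: The new `if` is unbraced and has a comment line between the condition and its single statement, so it is easy to misread `al=SSL_AD_PROTOCOL_VERSION;` as part of the guarded body. Braces would remove the doubt. The comment should also cover the other case: when the major byte differs, `s->version` is left unchanged before the jump to `f_err`. The enclosing function starts outside the hunk.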



CVS commit: src/crypto/external/bsd/openssl/dist/ssl

2010-01-10 Thread Tonnerre Lombard
Module Name:src
Committed By:   tonnerre
Date:   Sun Jan 10 16:39:10 UTC 2010

Modified Files:
src/crypto/external/bsd/openssl/dist/ssl: s3_lib.c s3_pkt.c s3_srvr.c
ssl_locl.h

Log Message:
Instead of unconditionally disabling SSL3 renegotiation, add the flag
SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION which can be set by the
software which needs unsafe renegotiation. Patch from OpenSSL CVS.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c \
src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c
cvs rdiff -u -r1.1.1.2 -r1.2 \
src/crypto/external/bsd/openssl/dist/ssl/ssl_locl.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c:1.3 src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c:1.4
--- src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c:1.3	Sun Dec 27 00:48:56 2009
+++ src/crypto/external/bsd/openssl/dist/ssl/s3_lib.c	Sun Jan 10 16:39:10 2010
@@ -3298,6 +3298,9 @@
 	if (s-s3-flags  SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
 		return(0);
 
+	if (!(s-s3-flags  SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
+		return(0);
+
 	s-s3-renegotiate=1;
 	return(1);
 	}
Index: src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c:1.3 src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c:1.4
--- src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c:1.3	Sun Dec 27 00:48:56 2009
+++ src/crypto/external/bsd/openssl/dist/ssl/s3_srvr.c	Sun Jan 10 16:39:10 2010
@@ -776,6 +776,14 @@
 #endif
 	STACK_OF(SSL_CIPHER) *ciphers=NULL;
 
+	if (s-new_session
+	 !(s-s3-flagsSSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
+		{
+		al=SSL_AD_HANDSHAKE_FAILURE;
+		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+		goto f_err;
+		}
+
 	/* We do this so that we will respond with our native type.
 	 * If we are TLSv1 and we get SSLv3, we will respond with TLSv1,
 	 * This down switching should be handled by a different method.
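Review bot: The refusal of what appears to be a renegotiating ClientHello (`s->new_session` set without the new flag) is reported with `ERR_R_INTERNAL_ERROR`, which will read in logs as a library fault rather than a policy decision. A reason code specific to the refusal, if the tree has one, would make these failures diagnosable. A comment above the new `if`, saying it rejects renegotiation unless the application has opted in, would also help. The function body is outside the hunk.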

Index: src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c:1.5 src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c:1.6
--- src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c:1.5	Sun Dec 27 00:48:56 2009
+++ src/crypto/external/bsd/openssl/dist/ssl/s3_pkt.c	Sun Jan 10 16:39:10 2010
@@ -1105,6 +1105,7 @@
 
 		if (SSL_is_init_finished(s) 
 			!(s-s3-flags  SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) 
+			(s-s3-flags  SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) 
 			!s-s3-renegotiate)
 			{
 			ssl3_renegotiate(s);
@@ -1270,7 +1271,8 @@
 	if ((s-s3-handshake_fragment_len = 4) 	!s-in_handshake)
 		{
 		if (((s-stateSSL_ST_MASK) == SSL_ST_OK) 
-			!(s-s3-flags  SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
+			!(s-s3-flags  SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) 
+			(s-s3-flags  SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
 			{
 #if 0 /* worked only because C operator preferences are not as expected (and
* because this is not really needed for clients except for detecting

Index: src/crypto/external/bsd/openssl/dist/ssl/ssl_locl.h
diff -u src/crypto/external/bsd/openssl/dist/ssl/ssl_locl.h:1.1.1.2 src/crypto/external/bsd/openssl/dist/ssl/ssl_locl.h:1.2
--- src/crypto/external/bsd/openssl/dist/ssl/ssl_locl.h:1.1.1.2	Sat Dec 26 23:34:32 2009
+++ src/crypto/external/bsd/openssl/dist/ssl/ssl_locl.h	Sun Jan 10 16:39:10 2010
@@ -453,6 +453,8 @@
 #define NAMED_CURVE_TYPE   3
 #endif  /* OPENSSL_NO_EC */
 
+#define SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION	0x0010
+
 typedef struct cert_pkey_st
 	{
 	X509 *x509;
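Review bot: The flag is defined in ssl_locl.h, which by its name looks like a library-internal header, while the log says it is to be set by the software that needs unsafe renegotiation; if the header is not installed, applications cannot name the flag. It may belong next to the other `SSL3_FLAGS_*` definitions, which are not in this hunk. It is also worth confirming that bit `0x0010` of `s3->flags` is not already assigned there. A one-line comment on the define, stating that setting it re-enables renegotiation without the protection this change adds, would discourage setting it casually.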