Module Name: src Committed By: snj Date: Tue Jan 12 09:08:45 UTC 2010
Modified Files: src/crypto/dist/openssl/ssl [netbsd-5-0]: s3_lib.c s3_pkt.c s3_srvr.c ssl_locl.h Log Message: Apply patch (requested by tonnerre in ticket #1237): Disable OpenSSL renegotiation, thus avoiding CVE-2009-3555. To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.14.8.1 src/crypto/dist/openssl/ssl/s3_lib.c cvs rdiff -u -r1.9.8.1 -r1.9.8.2 src/crypto/dist/openssl/ssl/s3_pkt.c cvs rdiff -u -r1.15.4.1 -r1.15.4.1.2.1 src/crypto/dist/openssl/ssl/s3_srvr.c cvs rdiff -u -r1.13 -r1.13.8.1 src/crypto/dist/openssl/ssl/ssl_locl.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/crypto/dist/openssl/ssl/s3_lib.c diff -u src/crypto/dist/openssl/ssl/s3_lib.c:1.14 src/crypto/dist/openssl/ssl/s3_lib.c:1.14.8.1 --- src/crypto/dist/openssl/ssl/s3_lib.c:1.14 Tue Jun 10 19:45:00 2008 +++ src/crypto/dist/openssl/ssl/s3_lib.c Tue Jan 12 09:08:44 2010 @@ -3289,6 +3289,9 @@ if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) return(0); + if (!(s->s3->flags & SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) + return(0); + s->s3->renegotiate=1; return(1); } Index: src/crypto/dist/openssl/ssl/s3_pkt.c diff -u src/crypto/dist/openssl/ssl/s3_pkt.c:1.9.8.1 src/crypto/dist/openssl/ssl/s3_pkt.c:1.9.8.2 --- src/crypto/dist/openssl/ssl/s3_pkt.c:1.9.8.1 Sun Jul 5 00:31:20 2009 +++ src/crypto/dist/openssl/ssl/s3_pkt.c Tue Jan 12 09:08:45 2010 @@ -1041,6 +1041,7 @@ if (SSL_is_init_finished(s) && !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && + (s->s3->flags & SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) && !s->s3->renegotiate) { ssl3_renegotiate(s); @@ -1173,7 +1174,8 @@ if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake) { if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) + !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && + (s->s3->flags & SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) { #if 0 /* worked only because C operator preferences are not as expected (and * because this is not really needed for clients except for detecting Index: src/crypto/dist/openssl/ssl/s3_srvr.c diff -u src/crypto/dist/openssl/ssl/s3_srvr.c:1.15.4.1 src/crypto/dist/openssl/ssl/s3_srvr.c:1.15.4.1.2.1 --- src/crypto/dist/openssl/ssl/s3_srvr.c:1.15.4.1 Tue Jan 20 21:28:09 2009 +++ src/crypto/dist/openssl/ssl/s3_srvr.c Tue Jan 12 09:08:45 2010 @@ -763,6 +763,14 @@ #endif STACK_OF(SSL_CIPHER) *ciphers=NULL; + if (s->new_session + && !(s->s3->flags&SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); + goto f_err; + } + /* We do this so that we will respond with our native type. * If we are TLSv1 and we get SSLv3, we will respond with TLSv1, * This down switching should be handled by a different method. Index: src/crypto/dist/openssl/ssl/ssl_locl.h diff -u src/crypto/dist/openssl/ssl/ssl_locl.h:1.13 src/crypto/dist/openssl/ssl/ssl_locl.h:1.13.8.1 --- src/crypto/dist/openssl/ssl/ssl_locl.h:1.13 Tue Jun 10 19:45:00 2008 +++ src/crypto/dist/openssl/ssl/ssl_locl.h Tue Jan 12 09:08:45 2010 @@ -450,6 +450,8 @@ #define NAMED_CURVE_TYPE 3 #endif /* OPENSSL_NO_EC */ +#define SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x0010 + typedef struct cert_pkey_st { X509 *x509;