X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=ssl%2Fs3_srvr.c;h=68a8c812e037116ec2a3e80bd76d3c98d28193ff;hb=af9752e5faff5dd3c82fc2d02d1e7ad457ccb84a;hp=f8c7e373cd88682bdbaae3a7eefb655d10bced97;hpb=d3cc5e610d1719a35cda52c9152134b490a8c944;p=oweals%2Fopenssl.git diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index f8c7e373cd..68a8c812e0 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -226,13 +226,11 @@ int ssl3_accept(SSL *s) /* init things to blank */ s->in_handshake++; - if (!SSL_in_init(s) || SSL_in_before(s)) - SSL_clear(s); - - if (s->cert == NULL) { - SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_NO_CERTIFICATE_SET); - return (-1); + if (!SSL_in_init(s) || SSL_in_before(s)) { + if(!SSL_clear(s)) + return -1; } + #ifndef OPENSSL_NO_HEARTBEATS /* * If we're awaiting a HeartbeatResponse, pretend we already got and @@ -884,7 +882,10 @@ int ssl3_send_hello_request(SSL *s) { if (s->state == SSL3_ST_SW_HELLO_REQ_A) { - ssl_set_handshake_header(s, SSL3_MT_HELLO_REQUEST, 0); + if(!ssl_set_handshake_header(s, SSL3_MT_HELLO_REQUEST, 0)) { + SSLerr(SSL_F_SSL3_SEND_HELLO_REQUEST, ERR_R_INTERNAL_ERROR); + return -1; + } s->state = SSL3_ST_SW_HELLO_REQ_B; } @@ -1500,7 +1501,10 @@ int ssl3_send_server_hello(SSL *s) #endif /* do the header */ l = (p - d); - ssl_set_handshake_header(s, SSL3_MT_SERVER_HELLO, l); + if(!ssl_set_handshake_header(s, SSL3_MT_SERVER_HELLO, l)) { + SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR); + return -1; + } s->state = SSL3_ST_SW_SRVR_HELLO_B; } @@ -1512,7 +1516,10 @@ int ssl3_send_server_done(SSL *s) { if (s->state == SSL3_ST_SW_SRVR_DONE_A) { - ssl_set_handshake_header(s, SSL3_MT_SERVER_DONE, 0); + if(!ssl_set_handshake_header(s, SSL3_MT_SERVER_DONE, 0)) { + SSLerr(SSL_F_SSL3_SEND_SERVER_DONE, ERR_R_INTERNAL_ERROR); + return -1; + } s->state = SSL3_ST_SW_SRVR_DONE_B; } @@ -1959,7 +1966,11 @@ int ssl3_send_server_key_exchange(SSL *s) } } - ssl_set_handshake_header(s, SSL3_MT_SERVER_KEY_EXCHANGE, n); + if(!ssl_set_handshake_header(s, SSL3_MT_SERVER_KEY_EXCHANGE, n)) { + al = SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); + goto f_err; + } } s->state = SSL3_ST_SW_KEY_EXCH_B; @@ -2037,7 +2048,10 @@ int ssl3_send_certificate_request(SSL *s) p = ssl_handshake_start(s) + off; s2n(nl, p); - ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE_REQUEST, n); + if(!ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE_REQUEST, n)) { + SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST, ERR_R_INTERNAL_ERROR); + return -1; + } s->state = SSL3_ST_SW_CERT_REQ_B; } @@ -2154,10 +2168,7 @@ int ssl3_get_client_key_exchange(SSL *s) * fails. See https://tools.ietf.org/html/rfc5246#section-7.4.7.1 */ - /* - * should be RAND_bytes, but we cannot work around a failure. - */ - if (RAND_pseudo_bytes(rand_premaster_secret, + if (RAND_bytes(rand_premaster_secret, sizeof(rand_premaster_secret)) <= 0) goto err; decrypt_len = @@ -2227,6 +2238,11 @@ int ssl3_get_client_key_exchange(SSL *s) sizeof (rand_premaster_secret)); OPENSSL_cleanse(p, sizeof(rand_premaster_secret)); + if(s->session->master_key_length < 0) { + al = SSL_AD_INTERNAL_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); + goto f_err; + } } else #endif #ifndef OPENSSL_NO_DH @@ -2319,6 +2335,11 @@ int ssl3_get_client_key_exchange(SSL *s) session->master_key, p, i); OPENSSL_cleanse(p, i); + if(s->session->master_key_length < 0) { + al = SSL_AD_INTERNAL_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); + goto f_err; + } if (dh_clnt) return 2; } else @@ -2484,6 +2505,11 @@ int ssl3_get_client_key_exchange(SSL *s) s-> session->master_key, pms, outl); + if(s->session->master_key_length < 0) { + al = SSL_INTERNAL_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); + goto f_err; + } if (kssl_ctx->client_princ) { size_t len = strlen(kssl_ctx->client_princ); @@ -2632,6 +2658,11 @@ int ssl3_get_client_key_exchange(SSL *s) p, i); OPENSSL_cleanse(p, i); + if(s->session->master_key_length < 0) { + al = SSL_AD_INTERNAL_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); + goto f_err; + } return (ret); } else #endif @@ -2716,6 +2747,11 @@ int ssl3_get_client_key_exchange(SSL *s) session->master_key, psk_or_pre_ms, pre_ms_len); + if(s->session->master_key_length < 0) { + al = SSL_AD_INTERNAL_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); + goto psk_err; + } psk_err = 0; psk_err: OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms)); @@ -2817,6 +2853,11 @@ int ssl3_get_client_key_exchange(SSL *s) s-> session->master_key, premaster_secret, 32); + if(s->session->master_key_length < 0) { + al = SSL_AD_INTERNAL_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); + goto f_err; + } /* Check if pubkey from client certificate was used */ if (EVP_PKEY_CTX_ctrl (pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0) @@ -2845,8 +2886,7 @@ int ssl3_get_client_key_exchange(SSL *s) #ifndef OPENSSL_NO_EC EVP_PKEY_free(clnt_pub_pkey); EC_POINT_free(clnt_ecpoint); - if (srvr_ecdh != NULL) - EC_KEY_free(srvr_ecdh); + EC_KEY_free(srvr_ecdh); BN_CTX_free(bn_ctx); #endif return (-1); @@ -3387,10 +3427,11 @@ int ssl3_send_newsession_ticket(SSL *s) /* Now write out lengths: p points to end of data written */ /* Total length */ len = p - ssl_handshake_start(s); - ssl_set_handshake_header(s, SSL3_MT_NEWSESSION_TICKET, len); /* Skip ticket lifetime hint */ p = ssl_handshake_start(s) + 4; s2n(len - 6, p); + if(!ssl_set_handshake_header(s, SSL3_MT_NEWSESSION_TICKET, len)) + goto err; s->state = SSL3_ST_SW_SESSION_TICKET_B; OPENSSL_free(senc); }