X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=ssl%2Ft1_lib.c;h=9be7347b56392a6c5d3f16e2aa40f9ecc5e554e6;hb=132536f96e1baba466baa7323c0d74bd7948dd5b;hp=8fb26a4c8d2eac0326e14e61eb9a6b19034e37df;hpb=50e735f9e5d220cdad7db690188b82a69ddcb39e;p=oweals%2Fopenssl.git diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 8fb26a4c8d..9be7347b56 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -596,6 +596,8 @@ static int nid_cb(const char *elem, int len, void *arg) size_t i; int nid; char etmp[20]; + if (elem == NULL) + return 0; if (narg->nidcnt == MAX_CURVELIST) return 0; if (len > (int)(sizeof(etmp) - 1)) @@ -904,17 +906,11 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md) tlsext_sigalg_ecdsa(md) static const unsigned char tls12_sigalgs[] = { -# ifndef OPENSSL_NO_SHA512 tlsext_sigalg(TLSEXT_hash_sha512) tlsext_sigalg(TLSEXT_hash_sha384) -# endif -# ifndef OPENSSL_NO_SHA256 tlsext_sigalg(TLSEXT_hash_sha256) tlsext_sigalg(TLSEXT_hash_sha224) -# endif -# ifndef OPENSSL_NO_SHA tlsext_sigalg(TLSEXT_hash_sha1) -# endif }; # ifndef OPENSSL_NO_ECDSA @@ -1339,22 +1335,6 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, s2n(salglen, etmp); ret += salglen; } -# ifdef TLSEXT_TYPE_opaque_prf_input - if (s->s3->client_opaque_prf_input != NULL) { - size_t col = s->s3->client_opaque_prf_input_len; - - if ((long)(limit - ret - 6 - col) < 0) - return NULL; - if (col > 0xFFFD) /* can't happen */ - return NULL; - - s2n(TLSEXT_TYPE_opaque_prf_input, ret); - s2n(col + 2, ret); - s2n(col, ret); - memcpy(ret, s->s3->client_opaque_prf_input, col); - ret += col; - } -# endif if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) { int i; @@ -1605,22 +1585,6 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, s2n(TLSEXT_TYPE_status_request, ret); s2n(0, ret); } -# ifdef TLSEXT_TYPE_opaque_prf_input - if (s->s3->server_opaque_prf_input != NULL) { - size_t sol = s->s3->server_opaque_prf_input_len; - - if ((long)(limit - ret - 6 - sol) < 0) - return NULL; - if (sol > 0xFFFD) /* can't happen */ - return NULL; - - s2n(TLSEXT_TYPE_opaque_prf_input, ret); - s2n(sol + 2, ret); - s2n(sol, ret); - memcpy(ret, s->s3->server_opaque_prf_input, sol); - ret += sol; - } -# endif # ifndef OPENSSL_NO_SRTP if (SSL_IS_DTLS(s) && s->srtp_profile) { @@ -2158,37 +2122,6 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, # endif } # endif /* OPENSSL_NO_EC */ -# ifdef TLSEXT_TYPE_opaque_prf_input - else if (type == TLSEXT_TYPE_opaque_prf_input) { - unsigned char *sdata = data; - - if (size < 2) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - n2s(sdata, s->s3->client_opaque_prf_input_len); - if (s->s3->client_opaque_prf_input_len != size - 2) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - - if (s->s3->client_opaque_prf_input != NULL) { - /* shouldn't really happen */ - OPENSSL_free(s->s3->client_opaque_prf_input); - } - - /* dummy byte just to get non-NULL */ - if (s->s3->client_opaque_prf_input_len == 0) - s->s3->client_opaque_prf_input = OPENSSL_malloc(1); - else - s->s3->client_opaque_prf_input = - BUF_memdup(sdata, s->s3->client_opaque_prf_input_len); - if (s->s3->client_opaque_prf_input == NULL) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; - } - } -# endif else if (type == TLSEXT_TYPE_session_ticket) { if (s->tls_session_ticket_ext_cb && !s->tls_session_ticket_ext_cb(s, data, size, @@ -2544,38 +2477,6 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p, } s->tlsext_ticket_expected = 1; } -# ifdef TLSEXT_TYPE_opaque_prf_input - else if (type == TLSEXT_TYPE_opaque_prf_input) { - unsigned char *sdata = data; - - if (size < 2) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - n2s(sdata, s->s3->server_opaque_prf_input_len); - if (s->s3->server_opaque_prf_input_len != size - 2) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - - if (s->s3->server_opaque_prf_input != NULL) { - /* shouldn't really happen */ - OPENSSL_free(s->s3->server_opaque_prf_input); - } - if (s->s3->server_opaque_prf_input_len == 0) { - /* dummy byte just to get non-NULL */ - s->s3->server_opaque_prf_input = OPENSSL_malloc(1); - } else { - s->s3->server_opaque_prf_input = - BUF_memdup(sdata, s->s3->server_opaque_prf_input_len); - } - - if (s->s3->server_opaque_prf_input == NULL) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; - } - } -# endif else if (type == TLSEXT_TYPE_status_request) { /* * MUST be empty and only sent if we've requested a status @@ -2749,51 +2650,6 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p, int ssl_prepare_clienthello_tlsext(SSL *s) { -# ifdef TLSEXT_TYPE_opaque_prf_input - { - int r = 1; - - if (s->ctx->tlsext_opaque_prf_input_callback != 0) { - r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0, - s-> - ctx->tlsext_opaque_prf_input_callback_arg); - if (!r) - return -1; - } - - if (s->tlsext_opaque_prf_input != NULL) { - if (s->s3->client_opaque_prf_input != NULL) { - /* shouldn't really happen */ - OPENSSL_free(s->s3->client_opaque_prf_input); - } - - if (s->tlsext_opaque_prf_input_len == 0) { - /* dummy byte just to get non-NULL */ - s->s3->client_opaque_prf_input = OPENSSL_malloc(1); - } else { - s->s3->client_opaque_prf_input = - BUF_memdup(s->tlsext_opaque_prf_input, - s->tlsext_opaque_prf_input_len); - } - if (s->s3->client_opaque_prf_input == NULL) { - SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT, - ERR_R_MALLOC_FAILURE); - return -1; - } - s->s3->client_opaque_prf_input_len = - s->tlsext_opaque_prf_input_len; - } - - if (r == 2) - /* - * at callback's request, insist on receiving an appropriate - * server opaque PRF input - */ - s->s3->server_opaque_prf_input_len = - s->tlsext_opaque_prf_input_len; - } -# endif - return 1; } @@ -2829,73 +2685,6 @@ static int ssl_check_clienthello_tlsext_early(SSL *s) s-> initial_ctx->tlsext_servername_arg); -# ifdef TLSEXT_TYPE_opaque_prf_input - { - /* - * This sort of belongs into ssl_prepare_serverhello_tlsext(), but we - * might be sending an alert in response to the client hello, so this - * has to happen here in ssl_check_clienthello_tlsext_early(). - */ - - int r = 1; - - if (s->ctx->tlsext_opaque_prf_input_callback != 0) { - r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0, - s-> - ctx->tlsext_opaque_prf_input_callback_arg); - if (!r) { - ret = SSL_TLSEXT_ERR_ALERT_FATAL; - al = SSL_AD_INTERNAL_ERROR; - goto err; - } - } - - if (s->s3->server_opaque_prf_input != NULL) { - /* shouldn't really happen */ - OPENSSL_free(s->s3->server_opaque_prf_input); - } - s->s3->server_opaque_prf_input = NULL; - - if (s->tlsext_opaque_prf_input != NULL) { - if (s->s3->client_opaque_prf_input != NULL && - s->s3->client_opaque_prf_input_len == - s->tlsext_opaque_prf_input_len) { - /* - * can only use this extension if we have a server opaque PRF - * input of the same length as the client opaque PRF input! - */ - - if (s->tlsext_opaque_prf_input_len == 0) { - /* dummy byte just to get non-NULL */ - s->s3->server_opaque_prf_input = OPENSSL_malloc(1); - } else { - s->s3->server_opaque_prf_input = - BUF_memdup(s->tlsext_opaque_prf_input, - s->tlsext_opaque_prf_input_len); - } - if (s->s3->server_opaque_prf_input == NULL) { - ret = SSL_TLSEXT_ERR_ALERT_FATAL; - al = SSL_AD_INTERNAL_ERROR; - goto err; - } - s->s3->server_opaque_prf_input_len = - s->tlsext_opaque_prf_input_len; - } - } - - if (r == 2 && s->s3->server_opaque_prf_input == NULL) { - /* - * The callback wants to enforce use of the extension, but we - * can't do that with the client opaque PRF input; abort the - * handshake. - */ - ret = SSL_TLSEXT_ERR_ALERT_FATAL; - al = SSL_AD_HANDSHAKE_FAILURE; - } - } - - err: -# endif switch (ret) { case SSL_TLSEXT_ERR_ALERT_FATAL: ssl3_send_alert(s, SSL3_AL_FATAL, al); @@ -3061,32 +2850,6 @@ int ssl_check_serverhello_tlsext(SSL *s) s-> initial_ctx->tlsext_servername_arg); -# ifdef TLSEXT_TYPE_opaque_prf_input - if (s->s3->server_opaque_prf_input_len > 0) { - /* - * This case may indicate that we, as a client, want to insist on - * using opaque PRF inputs. So first verify that we really have a - * value from the server too. - */ - - if (s->s3->server_opaque_prf_input == NULL) { - ret = SSL_TLSEXT_ERR_ALERT_FATAL; - al = SSL_AD_HANDSHAKE_FAILURE; - } - - /* - * Anytime the server *has* sent an opaque PRF input, we need to - * check that we have a client opaque PRF input of the same size. - */ - if (s->s3->client_opaque_prf_input == NULL || - s->s3->client_opaque_prf_input_len != - s->s3->server_opaque_prf_input_len) { - ret = SSL_TLSEXT_ERR_ALERT_FATAL; - al = SSL_AD_ILLEGAL_PARAMETER; - } - } -# endif - /* * If we've requested certificate status and we wont get one tell the * callback @@ -3316,7 +3079,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, if (memcmp(etick, tctx->tlsext_tick_key_name, 16)) return 2; HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16, - tlsext_tick_md(), NULL); + EVP_sha256(), NULL); EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, tctx->tlsext_tick_aes_key, etick + 16); } @@ -3460,25 +3223,11 @@ static const tls12_hash_info tls12_md_info[] = { # else {NID_md5, 64, EVP_md5}, # endif -# ifdef OPENSSL_NO_SHA - {NID_sha1, 80, 0}, -# else {NID_sha1, 80, EVP_sha1}, -# endif -# ifdef OPENSSL_NO_SHA256 - {NID_sha224, 112, 0}, - {NID_sha256, 128, 0}, -# else {NID_sha224, 112, EVP_sha224}, {NID_sha256, 128, EVP_sha256}, -# endif -# ifdef OPENSSL_NO_SHA512 - {NID_sha384, 192, 0}, - {NID_sha512, 256, 0} -# else {NID_sha384, 192, EVP_sha384}, {NID_sha512, 256, EVP_sha512} -# endif }; static const tls12_hash_info *tls12_get_hash_info(unsigned char hash_alg) @@ -4001,6 +3750,8 @@ static int sig_cb(const char *elem, int len, void *arg) size_t i; char etmp[20], *p; int sig_alg, hash_alg; + if (elem == NULL) + return 0; if (sarg->sigalgcnt == MAX_SIGALGLEN) return 0; if (len > (int)(sizeof(etmp) - 1))