Fix kerberos ciphersuite bugs introduced with PR:1336.

author Dr. Stephen Henson <steve@openssl.org>

Fri, 9 Mar 2007 14:06:34 +0000 (14:06 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Fri, 9 Mar 2007 14:06:34 +0000 (14:06 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Fri, 9 Mar 2007 14:06:34 +0000 (14:06 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Fri, 9 Mar 2007 14:06:34 +0000 (14:06 +0000)
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c

index 278be82294cde73236c1d9c8c4262a2b2088e4d5..d98c7f998f1459a16b19dbcdcf720803d1e17a5d 100644 (file)
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -821,7 +821,9 @@ int ssl3_get_server_certificate(SSL *s)
  
         if (!ok) return((int)n);
  
-       if (s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE)
+       if ((s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) ||
+               ((s->s3->tmp.new_cipher->algorithms & SSL_aKRB5) && 
+               (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE)))
                 {
                 s->s3->tmp.reuse_message=1;
                 return(1);
@@ -2292,18 +2294,18 @@ int ssl3_check_cert_and_algorithm(SSL *s)
  
         sc=s->session->sess_cert;
  
-       if (sc == NULL)
-               {
-               SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,ERR_R_INTERNAL_ERROR);
-               goto err;
-               }
-
         algs=s->s3->tmp.new_cipher->algorithms;
  
         /* we don't have a certificate */
         if (algs & (SSL_aDH|SSL_aNULL|SSL_aKRB5))
                 return(1);
  
+       if (sc == NULL)
+               {
+               SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,ERR_R_INTERNAL_ERROR);
+               goto err;
+               }
+
  #ifndef OPENSSL_NO_RSA
         rsa=s->session->sess_cert->peer_rsa_tmp;
  #endif
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c

index 9414cf09fb6405d52ccba280b2116716e31c28dc..39668f499ad6d0988d0eaa94a9395f34c0f46c73 100644 (file)
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1997,7 +1997,7 @@ int ssl3_get_client_key_exchange(SSL *s)
                                 SSL_R_DATA_LENGTH_TOO_LONG);
                         goto err;
                         }
-               if (!((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff))))
+               if (!((pms[0] == (s->client_version>>8)) && (pms[1] == (s->client_version & 0xff))))
                     {
                     /* The premaster secret must contain the same version number as the
                      * ClientHello to detect version rollback attacks (strangely, the
@@ -2007,8 +2007,7 @@ int ssl3_get_client_key_exchange(SSL *s)
                      * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. 
                      * (Perhaps we should have a separate BUG value for the Kerberos cipher)
                      */
-                   if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&
-                          (p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff))))
+                   if (!(s->options & SSL_OP_TLS_ROLLBACK_BUG))
                         {
                         SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
                                SSL_AD_DECODE_ERROR);
author	Dr. Stephen Henson <steve@openssl.org>
	Fri, 9 Mar 2007 14:06:34 +0000 (14:06 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Fri, 9 Mar 2007 14:06:34 +0000 (14:06 +0000)
ssl/s3_clnt.c		patch \| blob \| history
ssl/s3_srvr.c		patch \| blob \| history