Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
大约 1 年 前同步成功

通知 9
Star 18
Fork 1
T
Third Party Openssl

体验新版 GitCode,发现更多精彩内容 >>

提交 d45ba43d 编写于 作者: M Matt Caswell
浏览文件
操作

Updates following review comments 

Miscellaneous updates following review comments on the version negotiation
rewrite patches.
Reviewed-by: NKurt Roeckx <kurt@openssl.org>
上级 a27e81ee
隐藏空白更改
内联 并排
Showing with 345 addition and 325 deletion
include/openssl/ssl.h
浏览文件 @ d45ba43d
......@@ -1931,14 +1931,6 @@ void ERR_load_SSL_strings(void);
# define SSL_F_DTLS1_SEND_SERVER_HELLO 266
# define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE 267
# define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268
# define SSL_F_SSL23_ACCEPT 115
# define SSL_F_SSL23_CLIENT_HELLO 116
# define SSL_F_SSL23_CONNECT 117
# define SSL_F_SSL23_GET_CLIENT_HELLO 118
# define SSL_F_SSL23_GET_SERVER_HELLO 119
# define SSL_F_SSL23_PEEK 237
# define SSL_F_SSL23_READ 120
# define SSL_F_SSL23_WRITE 121
# define SSL_F_SSL3_ACCEPT 128
# define SSL_F_SSL3_ADD_CERT_TO_BUF 296
# define SSL_F_SSL3_CALLBACK_CTRL 233
......@@ -2076,6 +2068,7 @@ void ERR_load_SSL_strings(void);
# define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
# define SSL_F_SSL_SET_SESSION_TICKET_EXT 294
# define SSL_F_SSL_SET_TRUST 228
# define SSL_F_SSL_SET_VERSION 347
# define SSL_F_SSL_SET_WFD 196
# define SSL_F_SSL_SHUTDOWN 224
# define SSL_F_SSL_SRP_CTX_INIT 313
......@@ -2292,7 +2285,6 @@ void ERR_load_SSL_strings(void);
# define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362
# define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363
# define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364
# define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
# define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321
# define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319
# define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320
......
ssl/install-ssl.com
浏览文件 @ d45ba43d
......@@ -70,7 +70,7 @@ $ if f$parse("wrk_sslinclude:") .eqs. "" then -
$ if f$parse("wrk_sslxlib:") .eqs. "" then -
create /directory /log wrk_sslxlib:
$!
$ exheader := ssl.h, ssl2.h, ssl3.h, ssl23.h, tls1.h, dtls1.h, srtp.h
$ exheader := ssl.h, ssl2.h, ssl3.h, tls1.h, dtls1.h, srtp.h
$ libs := ssl_libssl
$!
$ xexe_dir := [-.'archd'.exe.ssl]
......
ssl/record/rec_layer_s3.c
浏览文件 @ d45ba43d
......@@ -1124,7 +1124,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
goto f_err;
}
if(s->version == TLS_ANY_VERSION
if(s->method->version == TLS_ANY_VERSION
&& (s->server || rr->type != SSL3_RT_ALERT)) {
/*
* If we've got this far and still haven't decided on what version
......@@ -1493,11 +1493,18 @@ void ssl3_record_sequence_update(unsigned char *seq)
}
}
/*
* Returns true if the current rrec was sent in SSLv2 backwards compatible
* format and false otherwise.
*/
int RECORD_LAYER_is_sslv2_record(RECORD_LAYER *rl)
{
return SSL3_RECORD_is_sslv2_record(&rl->rrec);
}
/*
* Returns the length in bytes of the current rrec
*/
int RECORD_LAYER_get_rrec_length(RECORD_LAYER *rl)
{
return SSL3_RECORD_get_length(&rl->rrec);
......
ssl/record/ssl3_record.c
浏览文件 @ d45ba43d
......@@ -220,16 +220,13 @@ int ssl3_get_record(SSL *s)
/*
* Check whether this is a regular record or an SSLv2 style record. The
* latter is only used in an initial ClientHello for old clients.
* latter is only used in an initial ClientHello for old clients. We
* check s->read_hash and s->enc_read_ctx to ensure this does not apply
* during renegotiation
*/
if (s->first_packet && s->server && !s->read_hash && !s->enc_read_ctx
&& (p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) {
/* SSLv2 style record */
if (s->msg_callback)
s->msg_callback(0, SSL2_VERSION, 0, p + 2,
RECORD_LAYER_get_packet_length(&s->rlayer) - 2,
s, s->msg_callback_arg);
rr->type = SSL3_RT_HANDSHAKE;
rr->rec_version = SSL2_VERSION;
......@@ -262,19 +259,16 @@ int ssl3_get_record(SSL *s)
n2s(p, rr->length);
/* Lets check version */
if (!s->first_packet) {
if (version != s->version
&& s->method->version != TLS_ANY_VERSION) {
SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER);
if ((s->version & 0xFF00) == (version & 0xFF00)
&& !s->enc_write_ctx && !s->write_hash)
/*
* Send back error using their minor version number :-)
*/
s->version = (unsigned short)version;
al = SSL_AD_PROTOCOL_VERSION;
goto f_err;
}
if (!s->first_packet && version != s->version) {
SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER);
if ((s->version & 0xFF00) == (version & 0xFF00)
&& !s->enc_write_ctx && !s->write_hash)
/*
* Send back error using their minor version number :-)
*/
s->version = (unsigned short)version;
al = SSL_AD_PROTOCOL_VERSION;
goto f_err;
}
if ((version >> 8) != SSL3_VERSION_MAJOR) {
......@@ -309,15 +303,6 @@ int ssl3_get_record(SSL *s)
n = ssl3_read_n(s, i, i, 1);
if (n <= 0)
return (n); /* error or non-blocking io */
/*
* now n == rr->length, and
* s->packet_length == SSL3_RT_HEADER_LENGTH + rr->length
* or
* s->packet_length == SSL2_RT_HEADER_LENGTH + rr->length
* (if SSLv2 packet)
*/
} else {
n = 0;
}
/* set state for later operations */
......
ssl/s3_both.c
浏览文件 @ d45ba43d
......@@ -363,7 +363,8 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
p = (unsigned char *)s->init_buf->data;
if (s->state == st1) { /* s->init_num < 4 */
if (s->state == st1) {
/* s->init_num < SSL3_HM_HEADER_LENGTH */
int skip_message;
do {
......@@ -393,12 +394,11 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
if (s->msg_callback)
s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
p, 4, s, s->msg_callback_arg);
p, SSL3_HM_HEADER_LENGTH, s,
s->msg_callback_arg);
}
}
while (skip_message);
/* s->init_num == 4 */
} while (skip_message);
/* s->init_num == SSL3_HM_HEADER_LENGTH */
if ((mt >= 0) && (*p != mt)) {
al = SSL_AD_UNEXPECTED_MESSAGE;
......@@ -441,7 +441,8 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE);
goto f_err;
}
if (l && !BUF_MEM_grow_clean(s->init_buf, (int)l + 4)) {
if (l && !BUF_MEM_grow_clean(s->init_buf,
(int)l + SSL3_HM_HEADER_LENGTH)) {
SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB);
goto err;
}
......@@ -480,12 +481,6 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
/* Feed this message into MAC computation. */
if(RECORD_LAYER_is_sslv2_record(&s->rlayer)) {
ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num);
/*
* In previous versions we would have rewritten the SSLv2 record into
* something that looked like a SSLv3+ record and passed that to the
* callback. As we're not doing the rewriting anymore it's not clear
* what we should do here.
*/
if (s->msg_callback)
s->msg_callback(0, SSL2_VERSION, 0, s->init_buf->data,
(size_t)s->init_num, s, s->msg_callback_arg);
......
ssl/s3_clnt.c
浏览文件 @ d45ba43d
......@@ -163,10 +163,15 @@
# include <openssl/engine.h>
#endif
static int ssl_set_version(SSL *s);
static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b);
#ifndef OPENSSL_NO_TLSEXT
static int ssl3_check_finished(SSL *s);
#endif
static int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
unsigned char *p,
int (*put_cb) (const SSL_CIPHER *,
unsigned char *));
#ifndef OPENSSL_NO_SSL3_METHOD
static const SSL_METHOD *ssl3_get_client_method(int ver)
......@@ -242,7 +247,8 @@ int ssl3_connect(SSL *s)
goto end;
}
if (!ssl_security(s, SSL_SECOP_VERSION, 0, s->version, NULL)) {
if (s->version != TLS_ANY_VERSION &&
!ssl_security(s, SSL_SECOP_VERSION, 0, s->version, NULL)) {
SSLerr(SSL_F_SSL3_CONNECT, SSL_R_VERSION_TOO_LOW);
return -1;
}
......@@ -669,6 +675,105 @@ int ssl3_connect(SSL *s)
return (ret);
}
/*
* Work out what version we should be using for the initial ClientHello if
* the version is currently set to (D)TLS_ANY_VERSION.
* Returns 1 on success
* Returns 0 on error
*/
static int ssl_set_version(SSL *s)
{
unsigned long mask, options = s->options;
if (s->method->version == TLS_ANY_VERSION) {
/*
* SSL_OP_NO_X disables all protocols above X *if* there are
* some protocols below X enabled. This is required in order
* to maintain "version capability" vector contiguous. So
* that if application wants to disable TLS1.0 in favour of
* TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
* answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3.
*/
mask = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1
#if !defined(OPENSSL_NO_SSL3)
| SSL_OP_NO_SSLv3
#endif
;
#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
if (options & SSL_OP_NO_TLSv1_2) {
if ((options & mask) != mask) {
s->version = TLS1_1_VERSION;
} else {
SSLerr(SSL_F_SSL_SET_VERSION, SSL_R_NO_PROTOCOLS_AVAILABLE);
return 0;
}
} else {
s->version = TLS1_2_VERSION;
}
#else
if ((options & mask) == mask) {
SSLerr(SSL_F_SSL_SET_VERSION, SSL_R_NO_PROTOCOLS_AVAILABLE);
return 0;
}
s->version = TLS1_1_VERSION;
#endif
mask &= ~SSL_OP_NO_TLSv1_1;
if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask)
s->version = TLS1_VERSION;
mask &= ~SSL_OP_NO_TLSv1;
#if !defined(OPENSSL_NO_SSL3)
if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask)
s->version = SSL3_VERSION;
#endif
if (s->version != TLS1_2_VERSION && tls1_suiteb(s)) {
SSLerr(SSL_F_SSL_SET_VERSION,
SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE);
return 0;
}
if (s->version == SSL3_VERSION && FIPS_mode()) {
SSLerr(SSL_F_SSL_SET_VERSION, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
return 0;
}
} else if (s->method->version == DTLS_ANY_VERSION) {
/* Determine which DTLS version to use */
/* If DTLS 1.2 disabled correct the version number */
if (options & SSL_OP_NO_DTLSv1_2) {
if (tls1_suiteb(s)) {
SSLerr(SSL_F_SSL_SET_VERSION,
SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE);
return 0;
}
/*
* Disabling all versions is silly: return an error.
*/
if (options & SSL_OP_NO_DTLSv1) {
SSLerr(SSL_F_SSL_SET_VERSION, SSL_R_WRONG_SSL_VERSION);
return 0;
}
/*
* Update method so we don't use any DTLS 1.2 features.
*/
s->method = DTLSv1_client_method();
s->version = DTLS1_VERSION;
} else {
/*
* We only support one version: update method
*/
if (options & SSL_OP_NO_DTLSv1)
s->method = DTLSv1_2_client_method();
s->version = DTLS1_2_VERSION;
}
}
s->client_version = s->version;
return 1;
}
int ssl3_client_hello(SSL *s)
{
unsigned char *buf;
......@@ -680,75 +785,14 @@ int ssl3_client_hello(SSL *s)
int j;
SSL_COMP *comp;
#endif
unsigned long mask, options = s->options;
buf = (unsigned char *)s->init_buf->data;
if (s->state == SSL3_ST_CW_CLNT_HELLO_A) {
SSL_SESSION *sess = s->session;
if (s->method->version == TLS_ANY_VERSION ) {
/*
* SSL_OP_NO_X disables all protocols above X *if* there are
* some protocols below X enabled. This is required in order
* to maintain "version capability" vector contiguous. So
* that if application wants to disable TLS1.0 in favour of
* TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
* answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3.
*/
mask = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1
#if !defined(OPENSSL_NO_SSL3)
| SSL_OP_NO_SSLv3
#endif
;
#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
s->version = TLS1_2_VERSION;
if ((options & SSL_OP_NO_TLSv1_2) && (options & mask) != mask)
s->version = TLS1_1_VERSION;
#else
s->version = TLS1_1_VERSION;
#endif
mask &= ~SSL_OP_NO_TLSv1_1;
if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask)
s->version = TLS1_VERSION;
mask &= ~SSL_OP_NO_TLSv1;
#if !defined(OPENSSL_NO_SSL3)
if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask)
s->version = SSL3_VERSION;
mask &= ~SSL_OP_NO_SSLv3;
#endif
s->client_version = s->version;
} else if (s->method->version == DTLS_ANY_VERSION) {
/* Determine which DTLS version to use */
/* If DTLS 1.2 disabled correct the version number */
if (options & SSL_OP_NO_DTLSv1_2) {
if (tls1_suiteb(s)) {
SSLerr(SSL_F_SSL3_CLIENT_HELLO,
SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE);
goto err;
}
/*
* Disabling all versions is silly: return an error.
*/
if (options & SSL_OP_NO_DTLSv1) {
SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_WRONG_SSL_VERSION);
goto err;
}
/*
* Update method so we don't use any DTLS 1.2 features.
*/
s->method = DTLSv1_client_method();
s->version = DTLS1_VERSION;
} else {
/*
* We only support one version: update method
*/
if (options & SSL_OP_NO_DTLSv1)
s->method = DTLSv1_2_client_method();
s->version = DTLS1_2_VERSION;
}
s->client_version = s->version;
}
/* Work out what SSL/TLS/DTLS version to use */
if (ssl_set_version(s) == 0)
goto err;
if ((sess == NULL) || (sess->ssl_version != s->version) ||
#ifdef OPENSSL_NO_TLSEXT
......@@ -981,7 +1025,8 @@ int ssl3_get_server_hello(SSL *s)
if (FIPS_mode()) {
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
goto err;
al = SSL_AD_PROTOCOL_VERSION;
goto f_err;
}
s->method = SSLv3_client_method();
} else
......@@ -996,13 +1041,15 @@ int ssl3_get_server_hello(SSL *s)
s->method = TLSv1_2_client_method();
} else {
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
goto err;
al = SSL_AD_PROTOCOL_VERSION;
goto f_err;
}
s->session->ssl_version = s->version = s->method->version;
if (!ssl_security(s, SSL_SECOP_VERSION, 0, s->version, NULL)) {
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_VERSION_TOO_LOW);
goto err;
al = SSL_AD_PROTOCOL_VERSION;
goto f_err;
}
} else if (s->method->version == DTLS_ANY_VERSION) {
/* Work out correct protocol version to use */
......@@ -3512,3 +3559,65 @@ int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
i = s->ctx->client_cert_cb(s, px509, ppkey);
return i;
}
int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
unsigned char *p,
int (*put_cb) (const SSL_CIPHER *,
unsigned char *))
{
int i, j = 0;
SSL_CIPHER *c;
unsigned char *q;
int empty_reneg_info_scsv = !s->renegotiate;
/* Set disabled masks for this session */
ssl_set_client_disabled(s);
if (sk == NULL)
return (0);
q = p;
if (put_cb == NULL)
put_cb = s->method->put_cipher_by_char;
for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
c = sk_SSL_CIPHER_value(sk, i);
/* Skip disabled ciphers */
if (ssl_cipher_disabled(s, c, SSL_SECOP_CIPHER_SUPPORTED))
continue;
#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
if (c->id == SSL3_CK_SCSV) {
if (!empty_reneg_info_scsv)
continue;
else
empty_reneg_info_scsv = 0;
}
#endif
j = put_cb(c, p);
p += j;
}
/*
* If p == q, no ciphers; caller indicates an error. Otherwise, add
* applicable SCSVs.
*/
if (p != q) {
if (empty_reneg_info_scsv) {
static SSL_CIPHER scsv = {
0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
j = put_cb(&scsv, p);
p += j;
#ifdef OPENSSL_RI_DEBUG
fprintf(stderr,
"TLS_EMPTY_RENEGOTIATION_INFO_SCSV sent by client\n");
#endif
}
if (s->mode & SSL_MODE_SEND_FALLBACK_SCSV) {
static SSL_CIPHER scsv = {
0, NULL, SSL3_CK_FALLBACK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
j = put_cb(&scsv, p);
p += j;
}
}
return (p - q);
}
ssl/s3_srvr.c
浏览文件 @ d45ba43d
......@@ -164,6 +164,9 @@
#include <openssl/bn.h>
#include <openssl/md5.h>
static STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
int num, STACK_OF(SSL_CIPHER) **skp, int sslv2format);
#ifndef OPENSSL_NO_SSL3_METHOD
static const SSL_METHOD *ssl3_get_server_method(int ver);
......@@ -901,7 +904,7 @@ int ssl3_get_client_hello(SSL *s)
unsigned char *p, *d;
SSL_CIPHER *c;
#ifndef OPENSSL_NO_COMP
unsigned char *q;
unsigned char *q = NULL;
SSL_COMP *comp = NULL;
#endif
STACK_OF(SSL_CIPHER) *ciphers = NULL;
......@@ -960,9 +963,8 @@ int ssl3_get_client_hello(SSL *s)
* layer in order to have determined that this is a SSLv2 record
* in the first place
*/
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
goto f_err;
goto err;
}
if ((p[1] == 0x00) && (p[2] == 0x02)) {
......@@ -1002,11 +1004,7 @@ int ssl3_get_client_hello(SSL *s)
&& (((s->client_version >> 8) & 0xff) == SSL3_VERSION_MAJOR)) {
protverr = 0;
}
} else {
/*
* We already know that this is an SSL3_VERSION_MAJOR protocol,
* so we're just testing the minor versions here
*/
} else if (((s->client_version >> 8) & 0xff) == SSL3_VERSION_MAJOR) {
switch(s->client_version) {
default:
case TLS1_2_VERSION:
......@@ -3556,3 +3554,119 @@ int ssl3_get_next_proto(SSL *s)
# endif
#endif
#define SSLV2_CIPHER_LEN 3
STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
int num,
STACK_OF(SSL_CIPHER) **skp,
int sslv2format)
{
const SSL_CIPHER *c;
STACK_OF(SSL_CIPHER) *sk;
int i, n;
if (s->s3)
s->s3->send_connection_binding = 0;
if(sslv2format) {
n = SSLV2_CIPHER_LEN;
} else {
n = ssl_put_cipher_by_char(s, NULL, NULL);
}
if (n == 0 || (num % n) != 0) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
return (NULL);
}
if ((skp == NULL) || (*skp == NULL)) {
sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */
if(sk == NULL) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
return NULL;
}
} else {
sk = *skp;
sk_SSL_CIPHER_zero(sk);
}
OPENSSL_free(s->cert->ciphers_raw);
s->cert->ciphers_raw = BUF_memdup(p, num);
if (s->cert->ciphers_raw == NULL) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
goto err;
}
s->cert->ciphers_rawlen = (size_t)num;
for (i = 0; i < num; i += n) {
/* Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */
if (s->s3 && (n != 3 || !p[0]) &&
(p[n - 2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
(p[n - 1] == (SSL3_CK_SCSV & 0xff))) {
/* SCSV fatal if renegotiating */
if (s->renegotiate) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
goto err;
}
s->s3->send_connection_binding = 1;
p += n;
#ifdef OPENSSL_RI_DEBUG
fprintf(stderr, "SCSV received by server\n");
#endif
continue;
}
/* Check for TLS_FALLBACK_SCSV */
if ((n != 3 || !p[0]) &&
(p[n - 2] == ((SSL3_CK_FALLBACK_SCSV >> 8) & 0xff)) &&
(p[n - 1] == (SSL3_CK_FALLBACK_SCSV & 0xff))) {
/*
* The SCSV indicates that the client previously tried a higher
* version. Fail if the current version is an unexpected
* downgrade.
*/
if (!SSL_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, 0, NULL)) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
SSL_R_INAPPROPRIATE_FALLBACK);
if (s->s3)
ssl3_send_alert(s, SSL3_AL_FATAL,
SSL_AD_INAPPROPRIATE_FALLBACK);
goto err;
}
p += n;
continue;
}
if(sslv2format) {
/*
* We only support SSLv2 format ciphers in SSLv3+ using a
* SSLv2 backward compatible ClientHello. In this case the first
* byte is always 0 for SSLv3 compatible ciphers. Anything else
* is an SSLv2 cipher and we ignore it
*/
if(p[0] == 0)
c = ssl_get_cipher_by_char(s, &p[1]);
else
c = NULL;
} else {
c = ssl_get_cipher_by_char(s, p);
}
p += n;
if (c != NULL) {
if (!sk_SSL_CIPHER_push(sk, c)) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
goto err;
}
}
}
if (skp != NULL)
*skp = sk;
return (sk);
err:
if ((skp == NULL) || (*skp == NULL))
sk_SSL_CIPHER_free(sk);
return (NULL);
}
ssl/ssl_err.c
浏览文件 @ d45ba43d
......@@ -111,14 +111,6 @@ static ERR_STRING_DATA SSL_str_functs[] = {
{ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE),
"dtls1_send_server_key_exchange"},
{ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES), "dtls1_write_app_data_bytes"},
{ERR_FUNC(SSL_F_SSL23_ACCEPT), "ssl23_accept"},
{ERR_FUNC(SSL_F_SSL23_CLIENT_HELLO), "SSL23_CLIENT_HELLO"},
{ERR_FUNC(SSL_F_SSL23_CONNECT), "ssl23_connect"},
{ERR_FUNC(SSL_F_SSL23_GET_CLIENT_HELLO), "SSL23_GET_CLIENT_HELLO"},
{ERR_FUNC(SSL_F_SSL23_GET_SERVER_HELLO), "SSL23_GET_SERVER_HELLO"},
{ERR_FUNC(SSL_F_SSL23_PEEK), "ssl23_peek"},
{ERR_FUNC(SSL_F_SSL23_READ), "ssl23_read"},
{ERR_FUNC(SSL_F_SSL23_WRITE), "ssl23_write"},
{ERR_FUNC(SSL_F_SSL3_ACCEPT), "ssl3_accept"},
{ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"},
{ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "ssl3_callback_ctrl"},
......@@ -297,6 +289,7 @@ static ERR_STRING_DATA SSL_str_functs[] = {
{ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT), "SSL_set_session_id_context"},
{ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT), "SSL_set_session_ticket_ext"},
{ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
{ERR_FUNC(SSL_F_SSL_SET_VERSION), "SSL_SET_VERSION"},
{ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
{ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
{ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_init"},
......@@ -564,8 +557,6 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
"srtp protection profile list too long"},
{ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE),
"srtp unknown protection profile"},
{ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE),
"ssl23 doing session id reuse"},
{ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT),
"ssl3 ext invalid ecpointformat"},
{ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME),
......
ssl/ssl_lib.c
浏览文件 @ d45ba43d
......@@ -1394,184 +1394,6 @@ char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
return (buf);
}
int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
unsigned char *p,
int (*put_cb) (const SSL_CIPHER *,
unsigned char *))
{
int i, j = 0;
SSL_CIPHER *c;
unsigned char *q;
int empty_reneg_info_scsv = !s->renegotiate;
/* Set disabled masks for this session */
ssl_set_client_disabled(s);
if (sk == NULL)
return (0);
q = p;
if (put_cb == NULL)
put_cb = s->method->put_cipher_by_char;
for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
c = sk_SSL_CIPHER_value(sk, i);
/* Skip disabled ciphers */
if (ssl_cipher_disabled(s, c, SSL_SECOP_CIPHER_SUPPORTED))
continue;
#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
if (c->id == SSL3_CK_SCSV) {
if (!empty_reneg_info_scsv)
continue;
else
empty_reneg_info_scsv = 0;
}
#endif
j = put_cb(c, p);
p += j;
}
/*
* If p == q, no ciphers; caller indicates an error. Otherwise, add
* applicable SCSVs.
*/
if (p != q) {
if (empty_reneg_info_scsv) {
static SSL_CIPHER scsv = {
0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
j = put_cb(&scsv, p);
p += j;
#ifdef OPENSSL_RI_DEBUG
fprintf(stderr,
"TLS_EMPTY_RENEGOTIATION_INFO_SCSV sent by client\n");
#endif
}
if (s->mode & SSL_MODE_SEND_FALLBACK_SCSV) {
static SSL_CIPHER scsv = {
0, NULL, SSL3_CK_FALLBACK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
j = put_cb(&scsv, p);
p += j;
}
}
return (p - q);
}
#define SSLV2_CIPHER_LEN 3
STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
int num,
STACK_OF(SSL_CIPHER) **skp,
int sslv2format)
{
const SSL_CIPHER *c;
STACK_OF(SSL_CIPHER) *sk;
int i, n;
if (s->s3)
s->s3->send_connection_binding = 0;
if(sslv2format) {
n = SSLV2_CIPHER_LEN;
} else {
n = ssl_put_cipher_by_char(s, NULL, NULL);
}
if (n == 0 || (num % n) != 0) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
return (NULL);
}
if ((skp == NULL) || (*skp == NULL)) {
sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */
if(sk == NULL) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
return NULL;
}
} else {
sk = *skp;
sk_SSL_CIPHER_zero(sk);
}
OPENSSL_free(s->cert->ciphers_raw);
s->cert->ciphers_raw = BUF_memdup(p, num);
if (s->cert->ciphers_raw == NULL) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
goto err;
}
s->cert->ciphers_rawlen = (size_t)num;
for (i = 0; i < num; i += n) {
/* Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */
if (s->s3 && (n != 3 || !p[0]) &&
(p[n - 2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
(p[n - 1] == (SSL3_CK_SCSV & 0xff))) {
/* SCSV fatal if renegotiating */
if (s->renegotiate) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
goto err;
}
s->s3->send_connection_binding = 1;
p += n;
#ifdef OPENSSL_RI_DEBUG
fprintf(stderr, "SCSV received by server\n");
#endif
continue;
}
/* Check for TLS_FALLBACK_SCSV */
if ((n != 3 || !p[0]) &&
(p[n - 2] == ((SSL3_CK_FALLBACK_SCSV >> 8) & 0xff)) &&
(p[n - 1] == (SSL3_CK_FALLBACK_SCSV & 0xff))) {
/*
* The SCSV indicates that the client previously tried a higher
* version. Fail if the current version is an unexpected
* downgrade.
*/
if (!SSL_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, 0, NULL)) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
SSL_R_INAPPROPRIATE_FALLBACK);
if (s->s3)
ssl3_send_alert(s, SSL3_AL_FATAL,
SSL_AD_INAPPROPRIATE_FALLBACK);
goto err;
}
p += n;
continue;
}
if(sslv2format) {
/*
* We only support SSLv2 format ciphers in SSLv3+ using a
* SSLv2 backward compatible ClientHello. In this case the first
* byte is always 0 for SSLv3 compatible ciphers. Anything else
* is an SSLv2 cipher and we ignore it
*/
if(p[0] == 0)
c = ssl_get_cipher_by_char(s, &p[1]);
else
c = NULL;
} else {
c = ssl_get_cipher_by_char(s, p);
}
p += n;
if (c != NULL) {
if (!sk_SSL_CIPHER_push(sk, c)) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
goto err;
}
}
}
if (skp != NULL)
*skp = sk;
return (sk);
err:
if ((skp == NULL) || (*skp == NULL))
sk_SSL_CIPHER_free(sk);
return (NULL);
}
#ifndef OPENSSL_NO_TLSEXT
/** return a servername extension value if provided in Client Hello, or NULL.
* So far, only host_name types are defined (RFC 3546).
......
ssl/ssl_locl.h
浏览文件 @ d45ba43d
......@@ -1882,14 +1882,6 @@ __owur int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b);
DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
__owur int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
const SSL_CIPHER *const *bp);
__owur STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
int num,
STACK_OF(SSL_CIPHER) **skp,
int sslv2format);
__owur int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
unsigned char *p,
int (*put_cb) (const SSL_CIPHER *,
unsigned char *));
__owur STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
STACK_OF(SSL_CIPHER) **pref,
STACK_OF(SSL_CIPHER) **sorted,
......
ssl/t1_clnt.c
浏览文件 @ d45ba43d
......@@ -67,13 +67,17 @@ static const SSL_METHOD *tls1_get_client_method(int ver);
static const SSL_METHOD *tls1_get_client_method(int ver)
{
if (ver == TLS_ANY_VERSION)
return TLS_server_method();
return TLS_client_method();
if (ver == TLS1_2_VERSION)
return TLSv1_2_client_method();
if (ver == TLS1_1_VERSION)
return TLSv1_1_client_method();
if (ver == TLS1_VERSION)
return TLSv1_client_method();
#ifndef OPENSSL_NO_SSL3
if (ver == SSL3_VERSION)
return (SSLv3_client_method());
#endif
return NULL;
}
......
ssl/t1_meth.c
浏览文件 @ d45ba43d
......@@ -70,6 +70,11 @@ static const SSL_METHOD *tls1_get_method(int ver)
return TLSv1_1_method();
if (ver == TLS1_VERSION)
return TLSv1_method();
#ifndef OPENSSL_NO_SSL3
if (ver == SSL3_VERSION)
return (SSLv3_method());
else
#endif
return NULL;
}
......
ssl/t1_srvr.c
浏览文件 @ d45ba43d
......@@ -75,6 +75,10 @@ static const SSL_METHOD *tls1_get_server_method(int ver)
return TLSv1_1_server_method();
if (ver == TLS1_VERSION)
return TLSv1_server_method();
#ifndef OPENSSL_NO_SSL3
if (ver == SSL3_VERSION)
return (SSLv3_server_method());
#endif
return NULL;
}
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册