Diffstat (limited to 'deps/openssl/openssl/ssl')
-rw-r--r--deps/openssl/openssl/ssl/record/rec_layer_d1.c64
-rw-r--r--deps/openssl/openssl/ssl/record/rec_layer_s3.c2
-rw-r--r--deps/openssl/openssl/ssl/record/ssl3_record.c14
-rw-r--r--deps/openssl/openssl/ssl/ssl_ciph.c5
-rw-r--r--deps/openssl/openssl/ssl/ssl_conf.c5
-rw-r--r--deps/openssl/openssl/ssl/ssl_init.c13
-rw-r--r--deps/openssl/openssl/ssl/ssl_lib.c41
-rw-r--r--deps/openssl/openssl/ssl/ssl_locl.h9
-rw-r--r--deps/openssl/openssl/ssl/ssl_mcnf.c142
-rw-r--r--deps/openssl/openssl/ssl/ssl_sess.c8
-rw-r--r--deps/openssl/openssl/ssl/ssl_txt.c16
-rw-r--r--deps/openssl/openssl/ssl/statem/README1
-rw-r--r--deps/openssl/openssl/ssl/statem/statem.c4
-rw-r--r--deps/openssl/openssl/ssl/statem/statem_clnt.c17
-rw-r--r--deps/openssl/openssl/ssl/statem/statem_dtls.c3
-rw-r--r--deps/openssl/openssl/ssl/statem/statem_lib.c25
-rw-r--r--deps/openssl/openssl/ssl/statem/statem_srvr.c45
-rw-r--r--deps/openssl/openssl/ssl/t1_lib.c50
-rw-r--r--deps/openssl/openssl/ssl/t1_trce.c17
19 files changed, 280 insertions, 201 deletions
diff --git a/deps/openssl/openssl/ssl/record/rec_layer_d1.c b/deps/openssl/openssl/ssl/record/rec_layer_d1.c
index b3ff5f1fbf..6111a2e191 100644
--- a/deps/openssl/openssl/ssl/record/rec_layer_d1.c
+++ b/deps/openssl/openssl/ssl/record/rec_layer_d1.c
@@ -423,6 +423,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
/* get new packet if necessary */
if ((SSL3_RECORD_get_length(rr) == 0)
|| (s->rlayer.rstate == SSL_ST_READ_BODY)) {
+ RECORD_LAYER_set_numrpipes(&s->rlayer, 0);
ret = dtls1_get_record(s);
if (ret <= 0) {
ret = dtls1_read_failed(s, ret);
@@ -432,6 +433,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
else
goto start;
}
+ RECORD_LAYER_set_numrpipes(&s->rlayer, 1);
}
/*
@@ -442,6 +444,19 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
&& SSL3_RECORD_get_length(rr) != 0)
s->rlayer.alert_count = 0;
+ if (SSL3_RECORD_get_type(rr) != SSL3_RT_HANDSHAKE
+ && SSL3_RECORD_get_type(rr) != SSL3_RT_CHANGE_CIPHER_SPEC
+ && !SSL_in_init(s)
+ && (s->d1->next_timeout.tv_sec != 0
+ || s->d1->next_timeout.tv_usec != 0)) {
+ /*
+ * The timer is still running but we've received something that isn't
+ * handshake data - so the peer must have finished processing our
+ * last handshake flight. Stop the timer.
+ */
+ dtls1_stop_timer(s);
+ }
+
/* we now have a packet which can be read and processed */
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -458,6 +473,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
return -1;
}
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
goto start;
}
@@ -467,8 +483,9 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
*/
if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
s->rwstate = SSL_NOTHING;
- return (0);
+ return 0;
}
if (type == SSL3_RECORD_get_type(rr)
@@ -493,8 +510,16 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
if (recvd_type != NULL)
*recvd_type = SSL3_RECORD_get_type(rr);
- if (len <= 0)
- return (len);
+ if (len <= 0) {
+ /*
+ * Mark a zero length record as read. This ensures multiple calls to
+ * SSL_read() with a zero length buffer will eventually cause
+ * SSL_pending() to report data as being available.
+ */
+ if (SSL3_RECORD_get_length(rr) == 0)
+ SSL3_RECORD_set_read(rr);
+ return len;
+ }
if ((unsigned int)len > SSL3_RECORD_get_length(rr))
n = SSL3_RECORD_get_length(rr);
@@ -502,12 +527,16 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
n = (unsigned int)len;
memcpy(buf, &(SSL3_RECORD_get_data(rr)[SSL3_RECORD_get_off(rr)]), n);
- if (!peek) {
+ if (peek) {
+ if (SSL3_RECORD_get_length(rr) == 0)
+ SSL3_RECORD_set_read(rr);
+ } else {
SSL3_RECORD_sub_length(rr, n);
SSL3_RECORD_add_off(rr, n);
if (SSL3_RECORD_get_length(rr) == 0) {
s->rlayer.rstate = SSL_ST_READ_HEADER;
SSL3_RECORD_set_off(rr, 0);
+ SSL3_RECORD_set_read(rr);
}
}
#ifndef OPENSSL_NO_SCTP
@@ -558,6 +587,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
}
/* Exit and notify application to read again */
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
s->rwstate = SSL_READING;
BIO_clear_retry_flags(SSL_get_rbio(s));
BIO_set_retry_read(SSL_get_rbio(s));
@@ -602,6 +632,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
#endif
s->rlayer.rstate = SSL_ST_READ_HEADER;
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
goto start;
}
@@ -611,6 +642,8 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
SSL3_RECORD_add_off(rr, 1);
SSL3_RECORD_add_length(rr, -1);
}
+ if (SSL3_RECORD_get_length(rr) == 0)
+ SSL3_RECORD_set_read(rr);
*dest_len = dest_maxlen;
}
}
@@ -681,6 +714,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
}
} else {
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION);
}
/*
@@ -705,6 +739,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
|| (s->options & SSL_OP_NO_RENEGOTIATION) != 0)) {
s->rlayer.d->handshake_fragment_len = 0;
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION);
goto start;
}
@@ -732,6 +767,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
if (alert_level == SSL3_AL_WARNING) {
s->s3->warn_alert = alert_descr;
+ SSL3_RECORD_set_read(rr);
s->rlayer.alert_count++;
if (s->rlayer.alert_count == MAX_WARN_ALERT_COUNT) {
@@ -796,6 +832,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
BIO_snprintf(tmp, sizeof(tmp), "%d", alert_descr);
ERR_add_error_data(2, "SSL alert number ", tmp);
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
+ SSL3_RECORD_set_read(rr);
SSL_CTX_remove_session(s->session_ctx, s->session);
return (0);
} else {
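Review bot: `return (0);` on the line after `SSL_CTX_remove_session` keeps the parenthesised form, while this same commit rewrites `return (0);` to `return 0;` in the SSL_RECEIVED_SHUTDOWN hunk (-467,8) and the fatal-alert hunk (-811,7) of this file. Since the hunk already touches the adjacent line, normalising it here too would leave dtls1_read_bytes internally consistent: `return 0;`. dtls1_read_bytes begins and ends outside this hunk.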
@@ -811,7 +848,8 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
* shutdown */
s->rwstate = SSL_NOTHING;
SSL3_RECORD_set_length(rr, 0);
- return (0);
+ SSL3_RECORD_set_read(rr);
+ return 0;
}
if (SSL3_RECORD_get_type(rr) == SSL3_RT_CHANGE_CIPHER_SPEC) {
@@ -820,6 +858,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
* are still missing, so just drop it.
*/
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
goto start;
}
@@ -834,6 +873,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
dtls1_get_message_header(rr->data, &msg_hdr);
if (SSL3_RECORD_get_epoch(rr) != s->rlayer.d->r_epoch) {
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
goto start;
}
@@ -847,6 +887,19 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
dtls1_retransmit_buffered_messages(s);
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
+ if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
+ if (SSL3_BUFFER_get_left(&s->rlayer.rbuf) == 0) {
+ /* no read-ahead left? */
+ BIO *bio;
+
+ s->rwstate = SSL_READING;
+ bio = SSL_get_rbio(s);
+ BIO_clear_retry_flags(bio);
+ BIO_set_retry_read(bio);
+ return -1;
+ }
+ }
goto start;
}
@@ -889,6 +942,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
/* TLS just ignores unknown message types */
if (s->version == TLS1_VERSION) {
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
goto start;
}
al = SSL_AD_UNEXPECTED_MESSAGE;
diff --git a/deps/openssl/openssl/ssl/record/rec_layer_s3.c b/deps/openssl/openssl/ssl/record/rec_layer_s3.c
index 20225d2db7..1ffc1205d9 100644
--- a/deps/openssl/openssl/ssl/record/rec_layer_s3.c
+++ b/deps/openssl/openssl/ssl/record/rec_layer_s3.c
@@ -368,7 +368,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
* promptly send beyond the end of the users buffer ... so we trap and
* report the error in a way the user will notice
*/
- if (((unsigned int)len < s->rlayer.wnum)
+ if (((unsigned int)len < s->rlayer.wnum)
|| ((wb->left != 0) && ((unsigned int)len < (s->rlayer.wnum + s->rlayer.wpend_tot)))) {
SSLerr(SSL_F_SSL3_WRITE_BYTES, SSL_R_BAD_LENGTH);
return -1;
diff --git a/deps/openssl/openssl/ssl/record/ssl3_record.c b/deps/openssl/openssl/ssl/record/ssl3_record.c
index c7a54feb12..c80add37f9 100644
--- a/deps/openssl/openssl/ssl/record/ssl3_record.c
+++ b/deps/openssl/openssl/ssl/record/ssl3_record.c
@@ -1531,6 +1531,7 @@ int dtls1_get_record(SSL *s)
p += 6;
n2s(p, rr->length);
+ rr->read = 0;
/*
* Lets check the version. We tolerate alerts that don't have the exact
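Review bot: The new `rr->read = 0;` introduces a field whose meaning is only explained indirectly, by the SSL_read/SSL_pending comment in rec_layer_d1.c, and none of the `rr->read = 1;` discard sites in this file say why a dropped record counts as read. A one-line comment here would anchor the convention for readers of dtls1_get_record: `/* a freshly parsed record has not been consumed yet; the discard paths below mark it read */`. This file writes the field directly while rec_layer_d1.c goes through SSL3_RECORD_set_read(); that matches the direct `rr->length` writes already here, so it is a matter of taste rather than a defect. dtls1_get_record continues outside the hunk.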
@@ -1540,6 +1541,7 @@ int dtls1_get_record(SSL *s)
if (version != s->version) {
/* unexpected version, silently discard */
rr->length = 0;
+ rr->read = 1;
RECORD_LAYER_reset_packet_length(&s->rlayer);
goto again;
}
@@ -1548,6 +1550,7 @@ int dtls1_get_record(SSL *s)
if ((version & 0xff00) != (s->version & 0xff00)) {
/* wrong version, silently discard record */
rr->length = 0;
+ rr->read = 1;
RECORD_LAYER_reset_packet_length(&s->rlayer);
goto again;
}
@@ -1555,10 +1558,10 @@ int dtls1_get_record(SSL *s)
if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
/* record too long, silently discard it */
rr->length = 0;
+ rr->read = 1;
RECORD_LAYER_reset_packet_length(&s->rlayer);
goto again;
}
-
/* now s->rlayer.rstate == SSL_ST_READ_BODY */
}
@@ -1572,6 +1575,7 @@ int dtls1_get_record(SSL *s)
/* this packet contained a partial record, dump it */
if (n != i) {
rr->length = 0;
+ rr->read = 1;
RECORD_LAYER_reset_packet_length(&s->rlayer);
goto again;
}
@@ -1588,6 +1592,7 @@ int dtls1_get_record(SSL *s)
bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
if (bitmap == NULL) {
rr->length = 0;
+ rr->read = 1;
RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */
goto again; /* get another record */
}
@@ -1602,6 +1607,7 @@ int dtls1_get_record(SSL *s)
*/
if (!dtls1_record_replay_check(s, bitmap)) {
rr->length = 0;
+ rr->read = 1;
RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */
goto again; /* get another record */
}
@@ -1610,8 +1616,10 @@ int dtls1_get_record(SSL *s)
#endif
/* just read a 0 length packet */
- if (rr->length == 0)
+ if (rr->length == 0) {
+ rr->read = 1;
goto again;
+ }
/*
* If this record is from the next epoch (either HM or ALERT), and a
@@ -1626,12 +1634,14 @@ int dtls1_get_record(SSL *s)
return -1;
}
rr->length = 0;
+ rr->read = 1;
RECORD_LAYER_reset_packet_length(&s->rlayer);
goto again;
}
if (!dtls1_process_record(s, bitmap)) {
rr->length = 0;
+ rr->read = 1;
RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */
goto again; /* get another record */
}
diff --git a/deps/openssl/openssl/ssl/ssl_ciph.c b/deps/openssl/openssl/ssl/ssl_ciph.c
index 7a393cbe80..b8da982105 100644
--- a/deps/openssl/openssl/ssl/ssl_ciph.c
+++ b/deps/openssl/openssl/ssl/ssl_ciph.c
@@ -101,10 +101,7 @@ static const ssl_cipher_table ssl_cipher_table_cipher[SSL_ENC_NUM_IDX] = {
{SSL_CHACHA20POLY1305, NID_chacha20_poly1305},
};
-static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
- NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
- NULL, NULL
-};
+static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX];
#define SSL_COMP_NULL_IDX 0
#define SSL_COMP_ZLIB_IDX 1
diff --git a/deps/openssl/openssl/ssl/ssl_conf.c b/deps/openssl/openssl/ssl/ssl_conf.c
index 7f894885dc..9d9309ac15 100644
--- a/deps/openssl/openssl/ssl/ssl_conf.c
+++ b/deps/openssl/openssl/ssl/ssl_conf.c
@@ -222,8 +222,9 @@ static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)
int nid;
/* Ignore values supported by 1.0.2 for the automatic selection */
- if ((cctx->flags & SSL_CONF_FLAG_FILE) &&
- strcasecmp(value, "+automatic") == 0)
+ if ((cctx->flags & SSL_CONF_FLAG_FILE)
+ && (strcasecmp(value, "+automatic") == 0
+ || strcasecmp(value, "automatic") == 0))
return 1;
if ((cctx->flags & SSL_CONF_FLAG_CMDLINE) &&
strcmp(value, "auto") == 0)
diff --git a/deps/openssl/openssl/ssl/ssl_init.c b/deps/openssl/openssl/ssl/ssl_init.c
index 3e62d48111..dc16e39bf3 100644
--- a/deps/openssl/openssl/ssl/ssl_init.c
+++ b/deps/openssl/openssl/ssl/ssl_init.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,6 +12,7 @@
#include "internal/err.h"
#include <openssl/crypto.h>
#include <openssl/evp.h>
+#include <openssl/conf.h>
#include <assert.h>
#include "ssl_locl.h"
#include "internal/thread_once.h"
@@ -126,8 +127,8 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_load_ssl_strings)
"ERR_load_SSL_strings()\n");
# endif
ERR_load_SSL_strings();
-#endif
ssl_strings_inited = 1;
+#endif
return 1;
}
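Review bot: Moving `#endif` below `ssl_strings_inited = 1;` means the flag now stays 0 whenever the enclosing conditional is compiled out; the matching `#if` is above the hunk, so I cannot see which build option that is. If anything later consults ssl_strings_inited to decide whether ERR_load_SSL_strings() still needs to run, or whether strings must be unloaded, confirm that a permanently-zero flag is the intended behaviour in that configuration. A short comment on the assignment would record the new meaning, e.g. `/* only set when the strings were actually loaded */`. The run-once function starts outside the hunk.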
@@ -191,11 +192,13 @@ int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS * settings)
return 0;
}
- if (!RUN_ONCE(&ssl_base, ossl_init_ssl_base))
+ if (!OPENSSL_init_crypto(opts
+ | OPENSSL_INIT_ADD_ALL_CIPHERS
+ | OPENSSL_INIT_ADD_ALL_DIGESTS,
+ settings))
return 0;
- if (!OPENSSL_init_crypto(opts | OPENSSL_INIT_ADD_ALL_CIPHERS
- | OPENSSL_INIT_ADD_ALL_DIGESTS, settings))
+ if (!RUN_ONCE(&ssl_base, ossl_init_ssl_base))
return 0;
if ((opts & OPENSSL_INIT_NO_LOAD_SSL_STRINGS)
diff --git a/deps/openssl/openssl/ssl/ssl_lib.c b/deps/openssl/openssl/ssl/ssl_lib.c
index 8a190d23e8..2002c1712f 100644
--- a/deps/openssl/openssl/ssl/ssl_lib.c
+++ b/deps/openssl/openssl/ssl/ssl_lib.c
@@ -2213,28 +2213,37 @@ int SSL_set_cipher_list(SSL *s, const char *str)
return 1;
}
-char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
+char *SSL_get_shared_ciphers(const SSL *s, char *buf, int size)
{
char *p;
- STACK_OF(SSL_CIPHER) *sk;
+ STACK_OF(SSL_CIPHER) *clntsk, *srvrsk;
const SSL_CIPHER *c;
int i;
- if ((s->session == NULL) || (s->session->ciphers == NULL) || (len < 2))
- return (NULL);
+ if (!s->server
+ || s->session == NULL
+ || s->session->ciphers == NULL
+ || size < 2)
+ return NULL;
p = buf;
- sk = s->session->ciphers;
+ clntsk = s->session->ciphers;
+ srvrsk = SSL_get_ciphers(s);
+ if (clntsk == NULL || srvrsk == NULL)
+ return NULL;
- if (sk_SSL_CIPHER_num(sk) == 0)
+ if (sk_SSL_CIPHER_num(clntsk) == 0 || sk_SSL_CIPHER_num(srvrsk) == 0)
return NULL;
- for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
+ for (i = 0; i < sk_SSL_CIPHER_num(clntsk); i++) {
int n;
- c = sk_SSL_CIPHER_value(sk, i);
+ c = sk_SSL_CIPHER_value(clntsk, i);
+ if (sk_SSL_CIPHER_find(srvrsk, c) < 0)
+ continue;
+
n = strlen(c->name);
- if (n + 1 > len) {
+ if (n + 1 > size) {
if (p != buf)
--p;
*p = '\0';
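Review bot: With the new `continue` for ciphers absent from srvrsk, the loop can now finish without copying anything, leaving p == buf, and the unchanged `p[-1] = '\0';` in the next hunk (-2243,7 +2252,7) then writes one byte before the caller's buffer. The old code could not reach that line with p == buf, because every entry of sk was either copied or the function returned from the truncation branch above. Mirror that truncation branch instead: replace `p[-1] = '\0';` with `if (p != buf) --p;` followed by `*p = '\0';`, which also yields an empty string when no cipher is shared. Returning NULL when p == buf would be the narrower alternative, but it changes the public return contract, so the terminator form seems safer.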
@@ -2243,7 +2252,7 @@ char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
memcpy(p, c->name, n + 1);
p += n;
*(p++) = ':';
- len -= n + 1;
+ size -= n + 1;
}
p[-1] = '\0';
return (buf);
@@ -3035,12 +3044,13 @@ void ssl_update_cache(SSL *s, int mode)
/*
* If sid_ctx_length is 0 there is no specific application context
* associated with this session, so when we try to resume it and
- * SSL_VERIFY_PEER is requested, we have no indication that this is
- * actually a session for the proper application context, and the
- * *handshake* will fail, not just the resumption attempt.
- * Do not cache these sessions that are not resumable.
+ * SSL_VERIFY_PEER is requested to verify the client identity, we have no
+ * indication that this is actually a session for the proper application
+ * context, and the *handshake* will fail, not just the resumption attempt.
+ * Do not cache (on the server) these sessions that are not resumable
+ * (clients can set SSL_VERIFY_PEER without needing a sid_ctx set).
*/
- if (s->session->sid_ctx_length == 0
+ if (s->server && s->session->sid_ctx_length == 0
&& (s->verify_mode & SSL_VERIFY_PEER) != 0)
return;
@@ -3519,7 +3529,6 @@ void ssl_free_wbio_buffer(SSL *s)
return;
s->wbio = BIO_pop(s->wbio);
- assert(s->wbio != NULL);
BIO_free(s->bbio);
s->bbio = NULL;
}
diff --git a/deps/openssl/openssl/ssl/ssl_locl.h b/deps/openssl/openssl/ssl/ssl_locl.h
index d86bd7e8e2..3c7c1a8e64 100644
--- a/deps/openssl/openssl/ssl/ssl_locl.h
+++ b/deps/openssl/openssl/ssl/ssl_locl.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -164,6 +164,8 @@
(c)[1]=(unsigned char)(((l)>> 8)&0xff), \
(c)[2]=(unsigned char)(((l) )&0xff)),(c)+=3)
+# define SSL_MAX_2_BYTE_LEN (0xffff)
+
/*
* DTLS version numbers are strange because they're inverted. Except for
* DTLS1_BAD_VER, which should be considered "lower" than the rest.
@@ -347,6 +349,9 @@
/* we have used 0000003f - 26 bits left to go */
+# define SSL_IS_FIRST_HANDSHAKE(S) ((s)->s3->tmp.finish_md_len == 0 \
+ || (s)->s3->tmp.peer_finish_md_len == 0)
+
/* Check if an SSL structure is using DTLS */
# define SSL_IS_DTLS(s) (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
/* See if we need explicit IV */
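Review bot: The new macro declares its parameter as `S` but its body expands `(s)`, so the argument is ignored and the expansion silently binds to whatever `s` is in scope at the call site; the use in statem_lib.c (`if (!SSL_IS_FIRST_HANDSHAKE(s))`) only works because the local there happens to be named `s`. Any other argument expression would either fail to compile or read the wrong object. Rename the parameter to match the body: `# define SSL_IS_FIRST_HANDSHAKE(s) ((s)->s3->tmp.finish_md_len == 0 \` and `|| (s)->s3->tmp.peer_finish_md_len == 0)`.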
@@ -537,7 +542,7 @@ struct ssl_session_st {
const SSL_CIPHER *cipher;
unsigned long cipher_id; /* when ASN.1 loaded, this needs to be used to
* load the 'cipher' structure */
- STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
+ STACK_OF(SSL_CIPHER) *ciphers; /* ciphers offered by the client */
CRYPTO_EX_DATA ex_data; /* application specific data */
/*
* These are used to make removal of session-ids more efficient and to
diff --git a/deps/openssl/openssl/ssl/ssl_mcnf.c b/deps/openssl/openssl/ssl/ssl_mcnf.c
index c2d9dba64a..24742660e4 100644
--- a/deps/openssl/openssl/ssl/ssl_mcnf.c
+++ b/deps/openssl/openssl/ssl/ssl_mcnf.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -11,148 +11,35 @@
#include <openssl/conf.h>
#include <openssl/ssl.h>
#include "ssl_locl.h"
+#include "internal/sslconf.h"
/* SSL library configuration module. */
-struct ssl_conf_name {
- /* Name of this set of commands */
- char *name;
- /* List of commands */
- struct ssl_conf_cmd *cmds;
- /* Number of commands */
- size_t cmd_count;
-};
-
-struct ssl_conf_cmd {
- /* Command */
- char *cmd;
- /* Argument */
- char *arg;
-};
-
-static struct ssl_conf_name *ssl_names;
-static size_t ssl_names_count;
-
-static void ssl_module_free(CONF_IMODULE *md)
-{
- size_t i, j;
- if (ssl_names == NULL)
- return;
- for (i = 0; i < ssl_names_count; i++) {
- struct ssl_conf_name *tname = ssl_names + i;
- OPENSSL_free(tname->name);
- for (j = 0; j < tname->cmd_count; j++) {
- OPENSSL_free(tname->cmds[j].cmd);
- OPENSSL_free(tname->cmds[j].arg);
- }
- OPENSSL_free(tname->cmds);
- }
- OPENSSL_free(ssl_names);
- ssl_names = NULL;
- ssl_names_count = 0;
-}
-
-static int ssl_module_init(CONF_IMODULE *md, const CONF *cnf)
-{
- size_t i, j, cnt;
- int rv = 0;
- const char *ssl_conf_section;
- STACK_OF(CONF_VALUE) *cmd_lists;
- ssl_conf_section = CONF_imodule_get_value(md);
- cmd_lists = NCONF_get_section(cnf, ssl_conf_section);
- if (sk_CONF_VALUE_num(cmd_lists) <= 0) {
- if (cmd_lists == NULL)
- SSLerr(SSL_F_SSL_MODULE_INIT, SSL_R_SSL_SECTION_NOT_FOUND);
- else
- SSLerr(SSL_F_SSL_MODULE_INIT, SSL_R_SSL_SECTION_EMPTY);
- ERR_add_error_data(2, "section=", ssl_conf_section);
- goto err;
- }
- cnt = sk_CONF_VALUE_num(cmd_lists);
- ssl_names = OPENSSL_zalloc(sizeof(*ssl_names) * cnt);
- ssl_names_count = cnt;
- for (i = 0; i < ssl_names_count; i++) {
- struct ssl_conf_name *ssl_name = ssl_names + i;
- CONF_VALUE *sect = sk_CONF_VALUE_value(cmd_lists, i);
- STACK_OF(CONF_VALUE) *cmds = NCONF_get_section(cnf, sect->value);
- if (sk_CONF_VALUE_num(cmds) <= 0) {
- if (cmds == NULL)
- SSLerr(SSL_F_SSL_MODULE_INIT,
- SSL_R_SSL_COMMAND_SECTION_NOT_FOUND);
- else
- SSLerr(SSL_F_SSL_MODULE_INIT, SSL_R_SSL_COMMAND_SECTION_EMPTY);
- ERR_add_error_data(4, "name=", sect->name, ", value=", sect->value);
- goto err;
- }
- ssl_name->name = BUF_strdup(sect->name);
- if (ssl_name->name == NULL)
- goto err;
- cnt = sk_CONF_VALUE_num(cmds);
- ssl_name->cmds = OPENSSL_zalloc(cnt * sizeof(struct ssl_conf_cmd));
- if (ssl_name->cmds == NULL)
- goto err;
- ssl_name->cmd_count = cnt;
- for (j = 0; j < cnt; j++) {
- const char *name;
- CONF_VALUE *cmd_conf = sk_CONF_VALUE_value(cmds, j);
- struct ssl_conf_cmd *cmd = ssl_name->cmds + j;
- /* Skip any initial dot in name */
- name = strchr(cmd_conf->name, '.');
- if (name != NULL)
- name++;
- else
- name = cmd_conf->name;
- cmd->cmd = BUF_strdup(name);
- cmd->arg = BUF_strdup(cmd_conf->value);
- if (cmd->cmd == NULL || cmd->arg == NULL)
- goto err;
- }
-
- }
- rv = 1;
- err:
- if (rv == 0)
- ssl_module_free(md);
- return rv;
-}
-
void SSL_add_ssl_module(void)
{
- CONF_module_add("ssl_conf", ssl_module_init, ssl_module_free);
-}
-
-static const struct ssl_conf_name *ssl_name_find(const char *name)
-{
- size_t i;
- const struct ssl_conf_name *nm;
- if (name == NULL)
- return NULL;
- for (i = 0, nm = ssl_names; i < ssl_names_count; i++, nm++) {
- if (strcmp(nm->name, name) == 0)
- return nm;
- }
- return NULL;
+ /* Just load all of the crypto builtin modules. This includes the SSL one */
+ OPENSSL_load_builtin_modules();
}
static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name)
{
SSL_CONF_CTX *cctx = NULL;
- size_t i;
+ size_t i, idx, cmd_count;
int rv = 0;
unsigned int flags;
const SSL_METHOD *meth;
- const struct ssl_conf_name *nm;
- struct ssl_conf_cmd *cmd;
+ const SSL_CONF_CMD *cmds;
+
if (s == NULL && ctx == NULL) {
SSLerr(SSL_F_SSL_DO_CONFIG, ERR_R_PASSED_NULL_PARAMETER);
goto err;
}
- nm = ssl_name_find(name);
- if (nm == NULL) {
+ if (!conf_ssl_name_find(name, &idx)) {
SSLerr(SSL_F_SSL_DO_CONFIG, SSL_R_INVALID_CONFIGURATION_NAME);
ERR_add_error_data(2, "name=", name);
goto err;
}
+ cmds = conf_ssl_get(idx, &name, &cmd_count);
cctx = SSL_CONF_CTX_new();
if (cctx == NULL)
goto err;
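Review bot: The value returned by `conf_ssl_get(idx, &name, &cmd_count)` is stored in cmds and handed to `conf_ssl_get_cmd(cmds, i, ...)` in the next hunk without a NULL check; whether conf_ssl_get can return NULL depends on internal/sslconf.h, which is not in view. If it can, an `if (cmds == NULL) goto err;` after the call would mirror the handling of the name lookup just above it. Passing `&name` also suggests the call writes the stored section name back over the caller's `name` pointer, which the ERR_add_error_data calls below then report — presumably intentional, but a one-line comment saying so would spare the next reader the detour.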
@@ -170,15 +57,18 @@ static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name)
if (meth->ssl_connect != ssl_undefined_function)
flags |= SSL_CONF_FLAG_CLIENT;
SSL_CONF_CTX_set_flags(cctx, flags);
- for (i = 0, cmd = nm->cmds; i < nm->cmd_count; i++, cmd++) {
- rv = SSL_CONF_cmd(cctx, cmd->cmd, cmd->arg);
+ for (i = 0; i < cmd_count; i++) {
+ char *cmdstr, *arg;
+
+ conf_ssl_get_cmd(cmds, i, &cmdstr, &arg);
+ rv = SSL_CONF_cmd(cctx, cmdstr, arg);
if (rv <= 0) {
if (rv == -2)
SSLerr(SSL_F_SSL_DO_CONFIG, SSL_R_UNKNOWN_COMMAND);
else
SSLerr(SSL_F_SSL_DO_CONFIG, SSL_R_BAD_VALUE);
- ERR_add_error_data(6, "section=", name, ", cmd=", cmd->cmd,
- ", arg=", cmd->arg);
+ ERR_add_error_data(6, "section=", name, ", cmd=", cmdstr,
+ ", arg=", arg);
goto err;
}
}
diff --git a/deps/openssl/openssl/ssl/ssl_sess.c b/deps/openssl/openssl/ssl/ssl_sess.c
index 0dea8b5224..926b55c7ba 100644
--- a/deps/openssl/openssl/ssl/ssl_sess.c
+++ b/deps/openssl/openssl/ssl/ssl_sess.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -734,11 +734,11 @@ static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
if (lck)
CRYPTO_THREAD_unlock(ctx->lock);
- if (ret)
- SSL_SESSION_free(r);
-
if (ctx->remove_session_cb != NULL)
ctx->remove_session_cb(ctx, c);
+
+ if (ret)
+ SSL_SESSION_free(r);
} else
ret = 0;
return (ret);
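Review bot: The reordering that now runs `ctx->remove_session_cb` before `SSL_SESSION_free(r)` carries no comment, and a future cleanup could easily swap the two back. The hunk does not show how r relates to c, so I cannot confirm the hazard from here, but the move reads as deliberate; a comment such as `/* notify the application before dropping our reference: the callback may still use the session */` would preserve the intent. remove_session_lock starts outside the hunk.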
diff --git a/deps/openssl/openssl/ssl/ssl_txt.c b/deps/openssl/openssl/ssl/ssl_txt.c
index dbbf9d9e8d..f149a3ad09 100644
--- a/deps/openssl/openssl/ssl/ssl_txt.c
+++ b/deps/openssl/openssl/ssl/ssl_txt.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -70,18 +70,18 @@ int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
if (x->cipher == NULL) {
if (((x->cipher_id) & 0xff000000) == 0x02000000) {
- if (BIO_printf
- (bp, " Cipher : %06lX\n", x->cipher_id & 0xffffff) <= 0)
+ if (BIO_printf(bp, " Cipher : %06lX\n",
+ x->cipher_id & 0xffffff) <= 0)
goto err;
} else {
- if (BIO_printf
- (bp, " Cipher : %04lX\n", x->cipher_id & 0xffff) <= 0)
+ if (BIO_printf(bp, " Cipher : %04lX\n",
+ x->cipher_id & 0xffff) <= 0)
goto err;
}
} else {
- if (BIO_printf
- (bp, " Cipher : %s\n",
- ((x->cipher == NULL) ? "unknown" : x->cipher->name)) <= 0)
+ if (BIO_printf(bp, " Cipher : %s\n",
+ ((x->cipher->name == NULL) ? "unknown"
+ : x->cipher->name)) <= 0)
goto err;
}
if (BIO_puts(bp, " Session-ID: ") <= 0)
diff --git a/deps/openssl/openssl/ssl/statem/README b/deps/openssl/openssl/ssl/statem/README
index 4467bd1e58..145c69db8d 100644
--- a/deps/openssl/openssl/ssl/statem/README
+++ b/deps/openssl/openssl/ssl/statem/README
@@ -60,3 +60,4 @@ Conceptually the state machine component is designed as follows:
| Non core functions common | | Non core functions common to |
| to both servers and clients | | both DTLS servers and clients |
|_____________________________| |_______________________________|
+
diff --git a/deps/openssl/openssl/ssl/statem/statem.c b/deps/openssl/openssl/ssl/statem/statem.c
index b91ec0a360..69bb40f00e 100644
--- a/deps/openssl/openssl/ssl/statem/statem.c
+++ b/deps/openssl/openssl/ssl/statem/statem.c
@@ -556,10 +556,8 @@ static SUB_STATE_RETURN read_state_machine(SSL *s)
* Validate that we are allowed to move to the new state and move
* to that state if so
*/
- if (!transition(s, mt)) {
- ossl_statem_set_error(s);
+ if (!transition(s, mt))
return SUB_STATE_ERROR;
- }
if (s->s3->tmp.message_size > max_message_size(s)) {
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
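Review bot: Dropping `ossl_statem_set_error(s)` from the `!transition(s, mt)` failure path makes read_state_machine depend on every transition callback setting the error state itself; in this commit the client and server callbacks do so on their fatal path (statem_clnt.c and statem_srvr.c), while the DTLS out-of-order-CCS path they add returns 0 without it, which is presumably the point of the move. A one-line comment above the call would make that contract explicit: `/* transition() sets the error state itself when the failure is fatal */`. read_state_machine begins and ends outside the hunk.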
diff --git a/deps/openssl/openssl/ssl/statem/statem_clnt.c b/deps/openssl/openssl/ssl/statem/statem_clnt.c
index 6fa3f1db67..ed993553c5 100644
--- a/deps/openssl/openssl/ssl/statem/statem_clnt.c
+++ b/deps/openssl/openssl/ssl/statem/statem_clnt.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -265,6 +265,21 @@ int ossl_statem_client_read_transition(SSL *s, int mt)
err:
/* No valid transition found */
+ if (SSL_IS_DTLS(s) && mt == SSL3_MT_CHANGE_CIPHER_SPEC) {
+ BIO *rbio;
+
+ /*
+ * CCS messages don't have a message sequence number so this is probably
+ * because of an out-of-order CCS. We'll just drop it.
+ */
+ s->init_num = 0;
+ s->rwstate = SSL_READING;
+ rbio = SSL_get_rbio(s);
+ BIO_clear_retry_flags(rbio);
+ BIO_set_retry_read(rbio);
+ return 0;
+ }
+ ossl_statem_set_error(s);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL3_AD_UNEXPECTED_MESSAGE);
SSLerr(SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION, SSL_R_UNEXPECTED_MESSAGE);
return 0;
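Review bot: The fifteen lines added before `ossl_statem_set_error(s)` are repeated verbatim in the server transition function (statem_srvr.c, hunk -213,6 +213,21), and the two copies will have to be kept in step by hand. Both would be simpler as one static helper in statem_lib.c (say `dtls_drop_out_of_order_ccs(SSL *s)` — name constructed) that clears init_num, sets SSL_READING and raises the read-retry flag on the rbio, with each transition function reduced to `if (SSL_IS_DTLS(s) && mt == SSL3_MT_CHANGE_CIPHER_SPEC) return dtls_drop_out_of_order_ccs(s);`. The explanatory comment inside the block is good and should move with the code.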
diff --git a/deps/openssl/openssl/ssl/statem/statem_dtls.c b/deps/openssl/openssl/ssl/statem/statem_dtls.c
index 6b80620ee9..5b34425445 100644
--- a/deps/openssl/openssl/ssl/statem/statem_dtls.c
+++ b/deps/openssl/openssl/ssl/statem/statem_dtls.c
@@ -493,7 +493,8 @@ static int dtls1_retrieve_buffered_fragment(SSL *s, int *ok)
al = dtls1_preprocess_fragment(s, &frag->msg_header);
- if (al == 0) { /* no alert */
+ /* al will be 0 if no alert */
+ if (al == 0 && frag->msg_header.frag_len > 0) {
unsigned char *p =
(unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
memcpy(&p[frag->msg_header.frag_off], frag->fragment,
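Review bot: The added `frag->msg_header.frag_len > 0` condition is not covered by the adjacent comment, which only describes al, so a reader cannot tell whether a zero-length fragment is an error being tolerated or a legitimate case (a header-only message, presumably) that simply has nothing to copy. Extend the comment to say which, e.g. `/* al will be 0 if no alert; a zero-length fragment carries nothing to copy */`. dtls1_retrieve_buffered_fragment starts and ends outside the hunk.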
diff --git a/deps/openssl/openssl/ssl/statem/statem_lib.c b/deps/openssl/openssl/ssl/statem/statem_lib.c
index 36d410bdf7..eba4c6fb40 100644
--- a/deps/openssl/openssl/ssl/statem/statem_lib.c
+++ b/deps/openssl/openssl/ssl/statem/statem_lib.c
@@ -299,6 +299,15 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst)
s->ctx->stats.sess_accept_good++;
s->handshake_func = ossl_statem_accept;
+
+ if (SSL_IS_DTLS(s) && !s->hit) {
+ /*
+ * We are finishing after the client. We start the timer going
+ * in case there are any retransmits of our final flight
+ * required.
+ */
+ dtls1_start_timer(s);
+ }
} else {
ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
if (s->hit)
@@ -306,6 +315,15 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst)
s->handshake_func = ossl_statem_connect;
s->ctx->stats.sess_connect_good++;
+
+ if (SSL_IS_DTLS(s) && s->hit) {
+ /*
+ * We are finishing after the server. We start the timer going
+ * in case there are any retransmits of our final flight
+ * required.
+ */
+ dtls1_start_timer(s);
+ }
}
if (s->info_callback != NULL)
@@ -1073,6 +1091,13 @@ int ssl_set_client_hello_version(SSL *s)
{
int ver_min, ver_max, ret;
+ /*
+ * In a renegotiation we always send the same client_version that we sent
+ * last time, regardless of which version we eventually negotiated.
+ */
+ if (!SSL_IS_FIRST_HANDSHAKE(s))
+ return 0;
+
ret = ssl_get_client_min_max_version(s, &ver_min, &ver_max);
if (ret != 0)
diff --git a/deps/openssl/openssl/ssl/statem/statem_srvr.c b/deps/openssl/openssl/ssl/statem/statem_srvr.c
index c7cd9eb662..f81fa5e199 100644
--- a/deps/openssl/openssl/ssl/statem/statem_srvr.c
+++ b/deps/openssl/openssl/ssl/statem/statem_srvr.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -213,6 +213,21 @@ int ossl_statem_server_read_transition(SSL *s, int mt)
}
/* No valid transition found */
+ if (SSL_IS_DTLS(s) && mt == SSL3_MT_CHANGE_CIPHER_SPEC) {
+ BIO *rbio;
+
+ /*
+ * CCS messages don't have a message sequence number so this is probably
+ * because of an out-of-order CCS. We'll just drop it.
+ */
+ s->init_num = 0;
+ s->rwstate = SSL_READING;
+ rbio = SSL_get_rbio(s);
+ BIO_clear_retry_flags(rbio);
+ BIO_set_retry_read(rbio);
+ return 0;
+ }
+ ossl_statem_set_error(s);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL3_AD_UNEXPECTED_MESSAGE);
SSLerr(SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION, SSL_R_UNEXPECTED_MESSAGE);
return 0;
@@ -1698,6 +1713,12 @@ int tls_construct_server_key_exchange(SSL *s)
}
dh = EVP_PKEY_get0_DH(s->s3->tmp.pkey);
+ if (dh == NULL) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
EVP_PKEY_free(pkdh);
pkdh = NULL;
@@ -1985,6 +2006,11 @@ int tls_construct_certificate_request(SSL *s)
const unsigned char *psigs;
unsigned char *etmp = p;
nl = tls12_get_psigalgs(s, 1, &psigs);
+ if (nl > SSL_MAX_2_BYTE_LEN) {
+ SSLerr(SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
+ SSL_R_LENGTH_TOO_LONG);
+ goto err;
+ }
/* Skip over length for now */
p += 2;
nl = tls12_copy_sigalgs(s, p, psigs, nl);
@@ -2004,6 +2030,11 @@ int tls_construct_certificate_request(SSL *s)
for (i = 0; i < sk_X509_NAME_num(sk); i++) {
name = sk_X509_NAME_value(sk, i);
j = i2d_X509_NAME(name, NULL);
+ if (j > SSL_MAX_2_BYTE_LEN) {
+ SSLerr(SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
+ SSL_R_LENGTH_TOO_LONG);
+ goto err;
+ }
if (!BUF_MEM_grow_clean(buf, SSL_HM_HEADER_LENGTH(s) + n + j + 2)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST, ERR_R_BUF_LIB);
goto err;
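Review bot: The new upper-bound check on `j` does not cover the error return of `i2d_X509_NAME(name, NULL)`, which is negative on failure; a negative j passes `j > SSL_MAX_2_BYTE_LEN` unnoticed and is then folded into the `BUF_MEM_grow_clean` size and into n and nl. Unless a negative check exists outside the hunk, widen the condition to `if (j < 0 || j > SSL_MAX_2_BYTE_LEN) {`. tls_construct_certificate_request begins and ends outside the hunk.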
@@ -2013,6 +2044,11 @@ int tls_construct_certificate_request(SSL *s)
i2d_X509_NAME(name, &p);
n += 2 + j;
nl += 2 + j;
+ if (nl > SSL_MAX_2_BYTE_LEN) {
+ SSLerr(SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
+ SSL_R_LENGTH_TOO_LONG);
+ goto err;
+ }
}
}
/* else no CA names */
@@ -2303,13 +2339,12 @@ static int tls_process_cke_dhe(SSL *s, PACKET *pkt, int *al)
SSLerr(SSL_F_TLS_PROCESS_CKE_DHE, SSL_R_BN_LIB);
goto err;
}
+
cdh = EVP_PKEY_get0_DH(ckey);
pub_key = BN_bin2bn(data, i, NULL);
-
- if (pub_key == NULL || !DH_set0_key(cdh, pub_key, NULL)) {
+ if (pub_key == NULL || cdh == NULL || !DH_set0_key(cdh, pub_key, NULL)) {
SSLerr(SSL_F_TLS_PROCESS_CKE_DHE, ERR_R_INTERNAL_ERROR);
- if (pub_key != NULL)
- BN_free(pub_key);
+ BN_free(pub_key);
goto err;
}
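Review bot: `BN_free(pub_key)` on the combined failure path is only correct if DH_set0_key leaves ownership of `pub_key` with the caller when it returns 0; that contract is not visible in the hunk, and if the function ever took ownership before failing this would be a double free. A comment pinning the assumption, `/* DH_set0_key takes ownership of pub_key only on success */`, would make the reasoning explicit for the next reader. The rest of tls_process_cke_dhe, including `err`, lies outside the hunk.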
diff --git a/deps/openssl/openssl/ssl/t1_lib.c b/deps/openssl/openssl/ssl/t1_lib.c
index 7a5721a1e2..95711fb6df 100644
--- a/deps/openssl/openssl/ssl/t1_lib.c
+++ b/deps/openssl/openssl/ssl/t1_lib.c
@@ -408,7 +408,7 @@ int tls1_set_curves(unsigned char **pext, size_t *pextlen,
return 1;
}
-# define MAX_CURVELIST 28
+# define MAX_CURVELIST OSSL_NELEM(nid_list)
typedef struct {
size_t nidcnt;
@@ -490,13 +490,16 @@ static int tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id,
return 1;
}
+# define DONT_CHECK_OWN_GROUPS 0
+# define CHECK_OWN_GROUPS 1
/* Check an EC key is compatible with extensions */
-static int tls1_check_ec_key(SSL *s,
- unsigned char *curve_id, unsigned char *comp_id)
+static int tls1_check_ec_key(SSL *s, unsigned char *curve_id,
+ unsigned char *comp_id, int check_own_groups)
{
const unsigned char *pformats, *pcurves;
size_t num_formats, num_curves, i;
int j;
+
/*
* If point formats extension present check it, otherwise everything is
* supported (see RFC4492).
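Review bot: The new `check_own_groups` parameter is not mentioned by the comment above the function; `/* Check an EC key is compatible with extensions */` still reads as if the behaviour were fixed. Suggest extending it to say that `check_own_groups` selects whether list 0 of tls1_get_curvelist (our own groups, per the macro names) is consulted in addition to list 1, and that callers pass `CHECK_OWN_GROUPS` or `DONT_CHECK_OWN_GROUPS`. As a style point, the two `# define`s would sit better as an enum so the parameter type itself documents its domain. The function body continues in the following hunks.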
@@ -513,8 +516,12 @@ static int tls1_check_ec_key(SSL *s,
}
if (!curve_id)
return 1;
+
+ if (!s->server && !check_own_groups)
+ return 1;
+
/* Check curve is consistent with client and server preferences */
- for (j = 0; j <= 1; j++) {
+ for (j = check_own_groups ? 0 : 1; j <= 1; j++) {
if (!tls1_get_curvelist(s, j, &pcurves, &num_curves))
return 0;
if (j == 1 && num_curves == 0) {
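Review bot: The early return `if (!s->server && !check_own_groups) return 1;` carries no comment, and why a client caller with DONT_CHECK_OWN_GROUPS can skip the loop entirely is not evident from the hunk, whereas the server-side reasoning is spelled out in tls1_check_cert_param. A one-line comment here, `/* Client callers not checking own groups have nothing to verify here (see tls1_check_cert_param) */`, would keep the two sides readable on their own. The enclosing function continues on both sides of the hunk.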
@@ -579,9 +586,12 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md)
return 0;
/*
* Can't check curve_id for client certs as we don't have a supported
- * curves extension.
+ * curves extension. For server certs we will tolerate certificates that
+ * aren't in our own list of curves. If we've been configured to use an EC
+ * cert then we should use it - therefore we use DONT_CHECK_OWN_GROUPS here.
*/
- rv = tls1_check_ec_key(s, s->server ? curve_id : NULL, &comp_id);
+ rv = tls1_check_ec_key(s, s->server ? curve_id : NULL, &comp_id,
+ DONT_CHECK_OWN_GROUPS);
if (!rv)
return 0;
/*
@@ -644,7 +654,7 @@ int tls1_check_ec_tmp_key(SSL *s, unsigned long cid)
return 0;
curve_id[0] = 0;
/* Check this curve is acceptable */
- if (!tls1_check_ec_key(s, curve_id, NULL))
+ if (!tls1_check_ec_key(s, curve_id, NULL, CHECK_OWN_GROUPS))
return 0;
return 1;
}
@@ -746,8 +756,9 @@ size_t tls12_get_psigalgs(SSL *s, int sent, const unsigned char **psigs)
}
/*
- * Check signature algorithm is consistent with sent supported signature
- * algorithms and if so return relevant digest.
+ * Check signature algorithm received from the peer with a signature is
+ * consistent with the sent supported signature algorithms and if so return
+ * relevant digest.
*/
int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
const unsigned char *sig, EVP_PKEY *pkey)
@@ -769,7 +780,8 @@ int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
/* Check compression and curve matches extensions */
if (!tls1_set_ec_id(curve_id, &comp_id, EVP_PKEY_get0_EC_KEY(pkey)))
return 0;
- if (!s->server && !tls1_check_ec_key(s, curve_id, &comp_id)) {
+ if (!s->server && !tls1_check_ec_key(s, curve_id, &comp_id,
+ CHECK_OWN_GROUPS)) {
SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_CURVE);
return 0;
}
@@ -2144,6 +2156,10 @@ static int ssl_scan_clienthello_tlsext(SSL *s, PACKET *pkt, int *al)
}
}
} else if (type == TLSEXT_TYPE_status_request) {
+ /* Ignore this if resuming */
+ if (s->hit)
+ continue;
+
if (!PACKET_get_1(&extension,
(unsigned int *)&s->tlsext_status_type)) {
return 0;
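Review bot: `if (s->hit) continue;` skips not only acting on status_request but also the syntactic validation the non-resumed path performs on the extension body, so a malformed status_request is accepted on a resumed handshake but rejected with `return 0` on a full one. If the intent is only not to act on it, parse as before and discard the result, or document the asymmetry with `/* On resumption the extension is ignored entirely, not validated */`. It also leaves `s->tlsext_status_type` at whatever value it held before; presumably that is reset by the caller, which is outside the hunk.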
@@ -2784,7 +2800,7 @@ int tls1_set_server_sigalgs(SSL *s)
if (!s->cert->shared_sigalgs) {
SSLerr(SSL_F_TLS1_SET_SERVER_SIGALGS,
SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS);
- al = SSL_AD_ILLEGAL_PARAMETER;
+ al = SSL_AD_HANDSHAKE_FAILURE;
goto err;
}
} else {
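Review bot: The alert change from illegal_parameter to handshake_failure has no comment explaining the choice, and the surrounding code gives no hint why one is preferred. A short note such as `/* RFC 5246 7.2.2: no acceptable set of security parameters */` would stop a later reader from reverting it as a typo. The rest of tls1_set_server_sigalgs, including `err`, is outside the hunk.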
@@ -4125,13 +4141,16 @@ DH *ssl_get_auto_dh(SSL *s)
if (dhp == NULL)
return NULL;
g = BN_new();
- if (g != NULL)
- BN_set_word(g, 2);
+ if (g == NULL || !BN_set_word(g, 2)) {
+ DH_free(dhp);
+ BN_free(g);
+ return NULL;
+ }
if (dh_secbits >= 192)
p = BN_get_rfc3526_prime_8192(NULL);
else
p = BN_get_rfc3526_prime_3072(NULL);
- if (p == NULL || g == NULL || !DH_set0_pqg(dhp, p, NULL, g)) {
+ if (p == NULL || !DH_set0_pqg(dhp, p, NULL, g)) {
DH_free(dhp);
BN_free(p);
BN_free(g);
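Review bot: The two failure paths in ssl_get_auto_dh now free the same objects by hand, and the second one must also free `p`; a single `err:` label with `DH_free(dhp); BN_free(p); BN_free(g); return NULL;` would cover both and any future step, provided `p` is initialised to NULL before the first jump, which the hunk does not show. Style only, the new cleanup is correct as written. The function continues outside the hunk.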
@@ -4172,6 +4191,9 @@ static int ssl_security_cert_sig(SSL *s, SSL_CTX *ctx, X509 *x, int op)
if ((X509_get_extension_flags(x) & EXFLAG_SS) != 0)
return 1;
sig_nid = X509_get_signature_nid(x);
+ /* We are not able to look up the CA MD for RSA PSS in this version */
+ if (sig_nid == NID_rsassaPss)
+ return 1;
if (sig_nid && OBJ_find_sigid_algs(sig_nid, &md_nid, NULL)) {
const EVP_MD *md;
if (md_nid && (md = EVP_get_digestbynid(md_nid)))
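Review bot: Returning 1 for `NID_rsassaPss` before the digest lookup accepts any RSA-PSS-signed certificate at every security level, including one whose PSS parameters name a hash that the same level would reject in a plain sha-with-RSA signature; the security check is bypassed, not deferred. The comment should state that consequence so the exemption is not read as "PSS is always strong enough", e.g. `/* Cannot extract the PSS hash here, so PSS signatures are not level-checked at all */`. The rest of ssl_security_cert_sig is outside the hunk.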
diff --git a/deps/openssl/openssl/ssl/t1_trce.c b/deps/openssl/openssl/ssl/t1_trce.c
index 76bdf792ae..588cb8cc3d 100644
--- a/deps/openssl/openssl/ssl/t1_trce.c
+++ b/deps/openssl/openssl/ssl/t1_trce.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -725,6 +725,8 @@ static int ssl_print_extensions(BIO *bio, int indent, int server,
BIO_puts(bio, "No Extensions\n");
return 1;
}
+ if (msglen < 2)
+ return 0;
extslen = (msg[0] << 8) | msg[1];
if (extslen != msglen - 2)
return 0;
@@ -1092,6 +1094,8 @@ static int ssl_print_cert_request(BIO *bio, int indent, SSL *s,
msglen -= xlen + 2;
skip_sig:
+ if (msglen < 2)
+ return 0;
xlen = (msg[0] << 8) | msg[1];
BIO_indent(bio, indent, 80);
if (msglen < xlen + 2)
@@ -1271,7 +1275,16 @@ void SSL_trace(int write_p, int version, int content_type,
switch (content_type) {
case SSL3_RT_HEADER:
{
- int hvers = msg[1] << 8 | msg[2];
+ int hvers;
+
+ /* avoid overlapping with length at the end of buffer */
+ if (msglen < (size_t)(SSL_IS_DTLS(ssl) ?
+ DTLS1_RT_HEADER_LENGTH : SSL3_RT_HEADER_LENGTH)) {
+ BIO_puts(bio, write_p ? "Sent" : "Received");
+ ssl_print_hex(bio, 0, " too short message", msg, msglen);
+ break;
+ }
+ hvers = msg[1] << 8 | msg[2];
BIO_puts(bio, write_p ? "Sent" : "Received");
BIO_printf(bio, " Record\nHeader:\n Version = %s (0x%x)\n",
ssl_trace_str(hvers, ssl_version_tbl), hvers);