src - OpenBSD base system

diff options


context:
space:
mode:

author	Markus Friedl <markus@cvs.openbsd.org>	2002-07-30 11:08:07 +0000
committer	Markus Friedl <markus@cvs.openbsd.org>	2002-07-30 11:08:07 +0000
commit	acf5080264898deb37bfcd6f94075bca2aed9f46 (patch)
tree	0b0dcaba8a04b49dfca8057960c9cb37df769e14 /lib/libssl
parent	b2199be640a137c9d677ad8f5253e7c265372725 (diff)

apply patches from OpenSSL Security Advisory [30 July 2002],

http://marc.theaimsgroup.com/?l=openssl-dev&m=102802395104110&w=2

Diffstat (limited to 'lib/libssl')

-rw-r--r--

lib/libssl/src/CHANGES

-rw-r--r--

lib/libssl/src/crypto/asn1/asn1_lib.c

-rw-r--r--

lib/libssl/src/crypto/conf/conf_def.c

-rw-r--r--

lib/libssl/src/crypto/cryptlib.h

-rw-r--r--

lib/libssl/src/crypto/objects/obj_dat.c

-rw-r--r--

lib/libssl/src/ssl/s2_clnt.c

-rw-r--r--

lib/libssl/src/ssl/s2_lib.c

-rw-r--r--

lib/libssl/src/ssl/s2_srvr.c

-rw-r--r--

lib/libssl/src/ssl/s3_clnt.c

-rw-r--r--

lib/libssl/src/ssl/s3_srvr.c

-rw-r--r--

lib/libssl/src/ssl/ssl.h

-rw-r--r--

lib/libssl/src/ssl/ssl_asn1.c

-rw-r--r--

lib/libssl/src/ssl/ssl_err.c

-rw-r--r--

lib/libssl/src/ssl/ssl_lib.c

-rw-r--r--

lib/libssl/src/ssl/ssl_locl.h

-rw-r--r--

lib/libssl/src/ssl/ssl_sess.c

-rw-r--r--

lib/libssl/ssl/Makefile

17 files changed, 97 insertions, 7 deletions

diff --git a/lib/libssl/src/CHANGES b/lib/libssl/src/CHANGES
index d63996c70d3..64c33c70489 100644
--- a/lib/libssl/src/CHANGES
+++ b/lib/libssl/src/CHANGES

@@ -1622,6 +1622,35 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k

*) Fix EVP_dsa_sha macro.

[Nils Larsch]

+ Changes in security patch

+Changes marked "(CHATS)" were sponsored by the Defense Advanced

+Research Projects Agency (DARPA) and Air Force Research Laboratory,

+Air Force Materiel Command, USAF, under agreement number

+F30602-01-2-0537.

+ *) Add various sanity checks to asn1_get_length() to reject

+ the ASN1 length bytes if they exceed sizeof(long), will appear

+ negative or the content length exceeds the length of the

+ supplied buffer.

+ [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]

+ *) Assertions for various potential buffer overflows, not known to

+ happen in practice.

+ [Ben Laurie (CHATS)]

+ *) Various temporary buffers to hold ASCII versions of integers were

+ too small for 64 bit platforms. (CAN-2002-0655)

+ [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)>

+ *) Remote buffer overflow in SSL3 protocol - an attacker could

+ supply an oversized session ID to a client. (CAN-2002-0656)

+ [Ben Laurie (CHATS)]

+ *) Remote buffer overflow in SSL2 protocol - an attacker could

+ supply an oversized client master key. (CAN-2002-0656)

+ [Ben Laurie (CHATS)]

Changes between 0.9.6c and 0.9.6d [9 May 2002]

*) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not

diff --git a/lib/libssl/src/crypto/asn1/asn1_lib.c b/lib/libssl/src/crypto/asn1/asn1_lib.c
index 830ff2af3ce..fd8e77044ee 100644
--- a/lib/libssl/src/crypto/asn1/asn1_lib.c
+++ b/lib/libssl/src/crypto/asn1/asn1_lib.c

@@ -123,15 +123,13 @@ int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass,

(int)(omax+ *pp));

#endif

-#if 0

- if ((p+ *plength) > (omax+ *pp))

+ if (*plength > (omax - (*pp - p)))

{

ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);

/* Set this so that even if things are not long enough

* the values are set correctly */

ret|=0x80;

}

-#endif

*pp=p;

return(ret|inf);

err:

@@ -158,6 +156,8 @@ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)

i= *p&0x7f;

if (*(p++) & 0x80)

{

+ if (i > sizeof(long))

+ return 0;

if (max-- == 0) return(0);

while (i-- > 0)

{

@@ -169,6 +169,8 @@ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)

else

ret=i;

}

+ if (ret < 0)

+ return 0;

*pp=p;

*rl=ret;

return(1);

@@ -406,7 +408,7 @@ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b)

void asn1_add_error(unsigned char *address, int offset)

{

- char buf1[16],buf2[16];

+ char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1];

sprintf(buf1,"%lu",(unsigned long)address);

sprintf(buf2,"%d",offset);

diff --git a/lib/libssl/src/crypto/conf/conf_def.c b/lib/libssl/src/crypto/conf/conf_def.c
index 31f2766246a..5e194de60e9 100644
--- a/lib/libssl/src/crypto/conf/conf_def.c
+++ b/lib/libssl/src/crypto/conf/conf_def.c

@@ -67,6 +67,7 @@

#include "conf_def.h"

#include <openssl/buffer.h>

#include <openssl/err.h>

+#include "cryptlib.h"

static char *eat_ws(CONF *conf, char *p);

static char *eat_alpha_numeric(CONF *conf, char *p);

@@ -208,12 +209,12 @@ static int def_load(CONF *conf, const char *name, long *line)

static int def_load_bio(CONF *conf, BIO *in, long *line)

{

#define BUFSIZE 512

- char btmp[16];

int bufnum=0,i,ii;

BUF_MEM *buff=NULL;

char *s,*p,*end;

int again,n;

long eline=0;

+ char btmp[DECIMAL_SIZE(eline)+1];

CONF_VALUE *v=NULL,*tv;

CONF_VALUE *sv=NULL;

char *section=NULL,*buf;

diff --git a/lib/libssl/src/crypto/cryptlib.h b/lib/libssl/src/crypto/cryptlib.h
index a0489e57fc9..37ce7721fb0 100644
--- a/lib/libssl/src/crypto/cryptlib.h
+++ b/lib/libssl/src/crypto/cryptlib.h

@@ -89,6 +89,9 @@ extern "C" {

#define X509_CERT_DIR_EVP "SSL_CERT_DIR"

#define X509_CERT_FILE_EVP "SSL_CERT_FILE"

+/* size of string represenations */

+#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1)

#ifdef __cplusplus

}

#endif

diff --git a/lib/libssl/src/crypto/objects/obj_dat.c b/lib/libssl/src/crypto/objects/obj_dat.c
index 3ff64bb8d13..02c3719f04e 100644
--- a/lib/libssl/src/crypto/objects/obj_dat.c
+++ b/lib/libssl/src/crypto/objects/obj_dat.c

@@ -436,7 +436,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)

unsigned long l;

unsigned char *p;

const char *s;

- char tbuf[32];

+ char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2];

if (buf_len <= 0) return(0);

diff --git a/lib/libssl/src/ssl/s2_clnt.c b/lib/libssl/src/ssl/s2_clnt.c
index 4cb11841613..42ad313183d 100644
--- a/lib/libssl/src/ssl/s2_clnt.c
+++ b/lib/libssl/src/ssl/s2_clnt.c

@@ -116,6 +116,7 @@

#include <openssl/buffer.h>

#include <openssl/objects.h>

#include <openssl/evp.h>

+#include "ssl_locl.h"

static SSL_METHOD *ssl2_get_client_method(int ver);

static int get_server_finished(SSL *s);

@@ -535,6 +536,7 @@ static int get_server_hello(SSL *s)

}

s->s2->conn_id_length=s->s2->tmp.conn_id_length;

+ die(s->s2->conn_id_length <= sizeof s->s2->conn_id);

memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length);

return(1);

}

@@ -636,6 +638,7 @@ static int client_master_key(SSL *s)

/* make key_arg data */

i=EVP_CIPHER_iv_length(c);

sess->key_arg_length=i;

+ die(i <= SSL_MAX_KEY_ARG_LENGTH);

if (i > 0) RAND_pseudo_bytes(sess->key_arg,i);

/* make a master key */

@@ -643,6 +646,7 @@ static int client_master_key(SSL *s)

sess->master_key_length=i;

if (i > 0)

{

+ die(i <= sizeof sess->master_key);

if (RAND_bytes(sess->master_key,i) <= 0)

{

ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);

@@ -686,6 +690,7 @@ static int client_master_key(SSL *s)

d+=enc;

karg=sess->key_arg_length;

s2n(karg,p); /* key arg size */

+ die(karg <= sizeof sess->key_arg);

memcpy(d,sess->key_arg,(unsigned int)karg);

d+=karg;

@@ -706,6 +711,7 @@ static int client_finished(SSL *s)

{

p=(unsigned char *)s->init_buf->data;

*(p++)=SSL2_MT_CLIENT_FINISHED;

+ die(s->s2->conn_id_length <= sizeof s->s2->conn_id);

memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length);

s->state=SSL2_ST_SEND_CLIENT_FINISHED_B;

@@ -978,6 +984,8 @@ static int get_server_finished(SSL *s)

{

if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG))

{

+ die(s->session->session_id_length

+ <= sizeof s->session->session_id);

if (memcmp(buf,s->session->session_id,

(unsigned int)s->session->session_id_length) != 0)

{

diff --git a/lib/libssl/src/ssl/s2_lib.c b/lib/libssl/src/ssl/s2_lib.c
index eb315bcf07a..83d5730ff3b 100644
--- a/lib/libssl/src/ssl/s2_lib.c
+++ b/lib/libssl/src/ssl/s2_lib.c

@@ -63,6 +63,7 @@

#include <openssl/objects.h>

#include <openssl/evp.h>

#include <openssl/md5.h>

+#include "ssl_locl.h"

static long ssl2_default_timeout(void );

const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;

@@ -428,10 +429,14 @@ void ssl2_generate_key_material(SSL *s)

#endif

EVP_MD_CTX_init(&ctx);

km=s->s2->key_material;

+ die(s->s2->key_material_length <= sizeof s->s2->key_material);

for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH)

{

EVP_DigestInit_ex(&ctx,EVP_md5(), NULL);

+ die(s->session->master_key_length >= 0

+ && s->session->master_key_length

+ < sizeof s->session->master_key);

EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length);

EVP_DigestUpdate(&ctx,&c,1);

c++;

@@ -467,6 +472,7 @@ void ssl2_write_error(SSL *s)

/* state=s->rwstate;*/

error=s->error;

s->error=0;

+ die(error >= 0 && error <= 3);

i=ssl2_write(s,&(buf[3-error]),error);

/* if (i == error) s->rwstate=state; */

diff --git a/lib/libssl/src/ssl/s2_srvr.c b/lib/libssl/src/ssl/s2_srvr.c
index 56da65195e7..a83605a1b76 100644
--- a/lib/libssl/src/ssl/s2_srvr.c
+++ b/lib/libssl/src/ssl/s2_srvr.c

@@ -116,6 +116,7 @@

#include <openssl/rand.h>

#include <openssl/objects.h>

#include <openssl/evp.h>

+#include "ssl_locl.h"

static SSL_METHOD *ssl2_get_server_method(int ver);

static int get_client_master_key(SSL *s);

@@ -417,11 +418,18 @@ static int get_client_master_key(SSL *s)

n2s(p,i); s->s2->tmp.clear=i;

n2s(p,i); s->s2->tmp.enc=i;

n2s(p,i); s->session->key_arg_length=i;

+ if(s->session->key_arg_length > SSL_MAX_KEY_ARG_LENGTH)

+ {

+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,

+ SSL_R_KEY_ARG_TOO_LONG);

+ return -1;

+ }

s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B;

}

/* SSL2_ST_GET_CLIENT_MASTER_KEY_B */

p=(unsigned char *)s->init_buf->data;

+ die(s->init_buf->length >= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER);

keya=s->session->key_arg_length;

len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya;

if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)

@@ -504,6 +512,7 @@ static int get_client_master_key(SSL *s)

#endif

if (is_export) i+=s->s2->tmp.clear;

+ die(i <= SSL_MAX_MASTER_KEY_LENGTH);

s->session->master_key_length=i;

memcpy(s->session->master_key,p,(unsigned int)i);

return(1);

@@ -670,6 +679,7 @@ static int get_client_hello(SSL *s)

p+=s->s2->tmp.session_id_length;

/* challenge */

+ die(s->s2->challenge_length <= sizeof s->s2->challenge);

memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length);

return(1);

mem_err:

@@ -826,6 +836,7 @@ static int get_client_finished(SSL *s)

}

/* SSL2_ST_GET_CLIENT_FINISHED_B */

+ die(s->s2->conn_id_length <= sizeof s->s2->conn_id);

len = 1 + (unsigned long)s->s2->conn_id_length;

n = (int)len - s->init_num;

i = ssl2_read(s,(char *)&(p[s->init_num]),n);

@@ -853,6 +864,7 @@ static int server_verify(SSL *s)

{

p=(unsigned char *)s->init_buf->data;

*(p++)=SSL2_MT_SERVER_VERIFY;

+ die(s->s2->challenge_length <= sizeof s->s2->challenge);

memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length);

/* p+=s->s2->challenge_length; */

@@ -872,6 +884,8 @@ static int server_finish(SSL *s)

p=(unsigned char *)s->init_buf->data;

*(p++)=SSL2_MT_SERVER_FINISHED;

+ die(s->session->session_id_length

+ <= sizeof s->session->session_id);

memcpy(p,s->session->session_id,

(unsigned int)s->session->session_id_length);

/* p+=s->session->session_id_length; */

diff --git a/lib/libssl/src/ssl/s3_clnt.c b/lib/libssl/src/ssl/s3_clnt.c
index e5853ede95b..b6be7489326 100644
--- a/lib/libssl/src/ssl/s3_clnt.c
+++ b/lib/libssl/src/ssl/s3_clnt.c

@@ -545,6 +545,7 @@ static int ssl3_client_hello(SSL *s)

*(p++)=i;

if (i != 0)

{

+ die(i <= sizeof s->session->session_id);

memcpy(p,s->session->session_id,i);

p+=i;

}

@@ -626,6 +627,14 @@ static int ssl3_get_server_hello(SSL *s)

/* get the session-id */

j= *(p++);

+ if(j > sizeof s->session->session_id)

+ {

+ al=SSL_AD_ILLEGAL_PARAMETER;

+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,

+ SSL_R_SSL3_SESSION_ID_TOO_LONG);

+ goto f_err;

+ }

if ((j != 0) && (j != SSL3_SESSION_ID_SIZE))

{

/* SSLref returns 16 :-( */

diff --git a/lib/libssl/src/ssl/s3_srvr.c b/lib/libssl/src/ssl/s3_srvr.c
index 99b6a869838..3748cd7c243 100644
--- a/lib/libssl/src/ssl/s3_srvr.c
+++ b/lib/libssl/src/ssl/s3_srvr.c

@@ -964,6 +964,7 @@ static int ssl3_send_server_hello(SSL *s)

s->session->session_id_length=0;

sl=s->session->session_id_length;

+ die(sl <= sizeof s->session->session_id);

*(p++)=sl;

memcpy(p,s->session->session_id,sl);

p+=sl;

diff --git a/lib/libssl/src/ssl/ssl.h b/lib/libssl/src/ssl/ssl.h
index 833f7616907..ce6354b2ff1 100644
--- a/lib/libssl/src/ssl/ssl.h
+++ b/lib/libssl/src/ssl/ssl.h

@@ -1637,6 +1637,7 @@ void ERR_load_SSL_strings(void);

#define SSL_R_INVALID_COMMAND 280

#define SSL_R_INVALID_PURPOSE 278

#define SSL_R_INVALID_TRUST 279

+#define SSL_R_KEY_ARG_TOO_LONG 1112

#define SSL_R_KRB5 1104

#define SSL_R_KRB5_C_CC_PRINC 1094

#define SSL_R_KRB5_C_GET_CRED 1095

@@ -1716,6 +1717,7 @@ void ERR_load_SSL_strings(void);

#define SSL_R_SHORT_READ 219

#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220

#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221

+#define SSL_R_SSL3_SESSION_ID_TOO_LONG 1113

#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222

#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042

#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020

diff --git a/lib/libssl/src/ssl/ssl_asn1.c b/lib/libssl/src/ssl/ssl_asn1.c
index c5eeeb6bc59..39ffa46ceec 100644
--- a/lib/libssl/src/ssl/ssl_asn1.c
+++ b/lib/libssl/src/ssl/ssl_asn1.c

@@ -296,6 +296,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,

os.length=i;

ret->session_id_length=os.length;

+ die(os.length <= sizeof ret->session_id);

memcpy(ret->session_id,os.data,os.length);

M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);

diff --git a/lib/libssl/src/ssl/ssl_err.c b/lib/libssl/src/ssl/ssl_err.c
index c32c4ef6e97..0cad32c855d 100644
--- a/lib/libssl/src/ssl/ssl_err.c
+++ b/lib/libssl/src/ssl/ssl_err.c

@@ -1,6 +1,6 @@

/* ssl/ssl_err.c */

/* ====================================================================

* Redistribution and use in source and binary forms, with or without

* modification, are permitted provided that the following conditions

@@ -275,6 +275,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=

{SSL_R_INVALID_COMMAND ,"invalid command"},

{SSL_R_INVALID_PURPOSE ,"invalid purpose"},

{SSL_R_INVALID_TRUST ,"invalid trust"},

+{SSL_R_KEY_ARG_TOO_LONG ,"key arg too long"},

{SSL_R_KRB5 ,"krb5"},

{SSL_R_KRB5_C_CC_PRINC ,"krb5 client cc principal (no tkt?)"},

{SSL_R_KRB5_C_GET_CRED ,"krb5 client get cred"},

@@ -354,6 +355,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=

{SSL_R_SHORT_READ ,"short read"},

{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},

{SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"},

+{SSL_R_SSL3_SESSION_ID_TOO_LONG ,"ssl3 session id too long"},

{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"},

{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"},

{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"},

diff --git a/lib/libssl/src/ssl/ssl_lib.c b/lib/libssl/src/ssl/ssl_lib.c
index df307a80c58..e516382b6c6 100644
--- a/lib/libssl/src/ssl/ssl_lib.c
+++ b/lib/libssl/src/ssl/ssl_lib.c

@@ -2289,3 +2289,10 @@ void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int con

IMPLEMENT_STACK_OF(SSL_CIPHER)

IMPLEMENT_STACK_OF(SSL_COMP)

+void OpenSSLDie(const char *file,int line,const char *assertion)

+ {

+ fprintf(stderr,"%s(%d): OpenSSL internal error, assertion failed: %s\n",

+ file,line,assertion);

+ abort();

+ }

diff --git a/lib/libssl/src/ssl/ssl_locl.h b/lib/libssl/src/ssl/ssl_locl.h
index 5208c4c42a1..0029edc3a6c 100644
--- a/lib/libssl/src/ssl/ssl_locl.h
+++ b/lib/libssl/src/ssl/ssl_locl.h

@@ -615,5 +615,8 @@ int ssl_ok(SSL *s);

SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);

STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);

+/* die if we have to */

+void OpenSSLDie(const char *file,int line,const char *assertion);

+#define die(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e))

#endif

diff --git a/lib/libssl/src/ssl/ssl_sess.c b/lib/libssl/src/ssl/ssl_sess.c
index 6424f775e21..a0c3100b29f 100644
--- a/lib/libssl/src/ssl/ssl_sess.c
+++ b/lib/libssl/src/ssl/ssl_sess.c

@@ -250,6 +250,7 @@ int ssl_get_new_session(SSL *s, int session)

ss->session_id_length=0;

}

+ die(s->sid_ctx_length <= sizeof ss->sid_ctx);

memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length);

ss->sid_ctx_length=s->sid_ctx_length;

s->session=ss;

diff --git a/lib/libssl/ssl/Makefile b/lib/libssl/ssl/Makefile
index 0fd5407dcad..410399d2163 100644
--- a/lib/libssl/ssl/Makefile
+++ b/lib/libssl/ssl/Makefile

@@ -27,6 +27,7 @@ CFLAGS+= -DB_ENDIAN

CFLAGS+= -DOPENSSL_NO_IDEA -DTERMIOS -DANSI_SOURCE -DNO_ERR

CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5 -DSO_DLFCN -DHAVE_DLFCN_H

CFLAGS+= -I${.CURDIR}/../${SSLEAYDIST}/include

+CFLAGS+= -I${.CURDIR}/../${SSLEAYDIST}/crypto

CFLAGS+= -I${.CURDIR}/../${SSLEAYDIST}

SRCS= bio_ssl.c s2_clnt.c s3_both.c s3_srvr.c ssl_err2.c ssl_txt.c \