author | Henning Brauer <henning@cvs.openbsd.org> | 2004-06-10 15:50:49 +0000 |
---|---|---|
committer | Henning Brauer <henning@cvs.openbsd.org> | 2004-06-10 15:50:49 +0000 |
commit | 5b72873c4275b420afc38649edca2ef90d4074b1 (patch) | |
tree | 88a4b4b5604caaa924784279812277040652c579 /usr.sbin | |
parent | 029e8948e82df60a161af1f9776c7ede732a6207 (diff) |
get changes from mod_ssl 2.8.18:
*) Fix buffer overflow in "SSLOptions +FakeBasicAuth" implementation
if the Subject-DN in the client certificate exceeds 6KB in length.
(CVE CAN-2004-0488).
*) Handle the case of OpenSSL retry requests after interrupted system
calls during the SSL handshake phase.
*) Remove some unused functions.
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/httpd/src/modules/ssl/mod_ssl.h | 3 | ||||
-rw-r--r-- | usr.sbin/httpd/src/modules/ssl/ssl_engine_kernel.c | 16 | ||||
-rw-r--r-- | usr.sbin/httpd/src/modules/ssl/ssl_util.c | 44 |
3 files changed, 10 insertions, 53 deletions
diff --git a/usr.sbin/httpd/src/modules/ssl/mod_ssl.h b/usr.sbin/httpd/src/modules/ssl/mod_ssl.h
index 9f78fb1f8be..fb42aa2f05a 100644
--- a/usr.sbin/httpd/src/modules/ssl/mod_ssl.h
+++ b/usr.sbin/httpd/src/modules/ssl/mod_ssl.h
@@ -832,9 +832,6 @@ void ssl_compat_variables(request_rec *);
 /* Utility Functions */
 char *ssl_util_server_root_relative(pool *, char *, char *);
 char *ssl_util_vhostid(pool *, server_rec *);
-void ssl_util_strupper(char *);
-void ssl_util_uuencode(char *, const char *, BOOL);
-void ssl_util_uuencode_binary(unsigned char *, const unsigned char *, int, BOOL);
 FILE *ssl_util_ppopen(server_rec *, pool *, char *);
 int ssl_util_ppopen_child(void *, child_info *);
 void ssl_util_ppclose(server_rec *, pool *, FILE *);
diff --git a/usr.sbin/httpd/src/modules/ssl/ssl_engine_kernel.c b/usr.sbin/httpd/src/modules/ssl/ssl_engine_kernel.c
index e21d9c2421c..dd135e4ee89 100644
--- a/usr.sbin/httpd/src/modules/ssl/ssl_engine_kernel.c
+++ b/usr.sbin/httpd/src/modules/ssl/ssl_engine_kernel.c
@@ -334,6 +334,12 @@ void ssl_hook_NewConnection(conn_rec *conn)
 ap_ctx_set(ap_global_ctx, "ssl::handshake::timeout", (void *)FALSE);
 return;
 }
+ else if ( (SSL_get_error(ssl, rc) == SSL_ERROR_WANT_READ && BIO_should_retry(SSL_get_rbio(ssl)))
+ || (SSL_get_error(ssl, rc) == SSL_ERROR_WANT_WRITE && BIO_should_retry(SSL_get_wbio(ssl)))) {
+ ssl_log(srvr, SSL_LOG_TRACE, "SSL handshake I/O retry (server %s, client %s)",
+ cpVHostID, conn->remote_ip != NULL ? conn->remote_ip : "unknown");
+ continue;
+ }
 else {
 /*
 * Ok, anything else is a fatal error
@@ -1139,7 +1145,6 @@ int ssl_hook_Auth(request_rec *r)
 {
 SSLSrvConfigRec *sc = mySrvConfig(r->server);
 SSLDirConfigRec *dc = myDirConfig(r);
- char b1[MAX_STRING_LEN], b2[MAX_STRING_LEN];
 char *clientdn;
 const char *cpAL;
 const char *cpUN;
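Review bot: `SSL_get_error(ssl, rc)` is evaluated twice in the new `else if` condition (and presumably once more in the branches above it), so hoisting it into one local before the chain, `int err = SSL_get_error(ssl, rc);` and then testing `err == SSL_ERROR_WANT_READ` / `err == SSL_ERROR_WANT_WRITE`, reads more clearly and avoids re-querying the error state between the compares. The added `continue` re-enters a loop whose head is outside the hunk, and the retry is taken unconditionally whenever the BIO reports it should retry, so the loop has to rely on an outer bound to avoid spinning on a peer that never completes the handshake; the `ssl::handshake::timeout` context two lines above suggests such a timeout exists, but that is worth confirming at the loop head. ssl_hook_NewConnection's body continues outside the hunk on both sides.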
@@ -1200,12 +1205,11 @@ int ssl_hook_Auth(request_rec *r)
 * adding the string "xxj31ZMTZzkVA" as the password in the user file.
 * This is just the crypted variant of the word "password" ;-)
 */
- ap_snprintf(b1, sizeof(b1), "%s:password", clientdn);
- ssl_util_uuencode(b2, b1, FALSE);
- ap_snprintf(b1, sizeof(b1), "Basic %s", b2);
- ap_table_set(r->headers_in, "Authorization", b1);
+ cpAL = ap_pstrcat(r->pool, "Basic ", ap_pbase64encode(r->pool,
+ ap_pstrcat(r->pool, clientdn, ":password", NULL)), NULL);
+ ap_table_set(r->headers_in, "Authorization", cpAL);
 ssl_log(r->server, SSL_LOG_INFO,
- "Faking HTTP Basic Auth header: \"Authorization: %s\"", b1);
+ "Faking HTTP Basic Auth header: \"Authorization: %s\"", cpAL);
 return DECLINED;
 }
diff --git a/usr.sbin/httpd/src/modules/ssl/ssl_util.c b/usr.sbin/httpd/src/modules/ssl/ssl_util.c
index b01d5d43c2f..99015482222 100644
--- a/usr.sbin/httpd/src/modules/ssl/ssl_util.c
+++ b/usr.sbin/httpd/src/modules/ssl/ssl_util.c
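Review bot: The new pool-built header carries no comment on why the fixed-size buffers were dropped, so a later maintainer could reintroduce a stack buffer here; above the `cpAL = ap_pstrcat(...)` line I would add `/* Build in the pool: a Subject-DN over ~6KB overflowed the old MAX_STRING_LEN buffers once base64-expanded (CAN-2004-0488). */`, where the size figure is the commit message's rather than something the hunk itself shows. Reusing `cpAL` (declared `const char *cpAL;` in the preceding hunk, apparently for reading an existing Authorization line earlier in the function) as the outgoing header is presumably harmless, but a separately named local would make the two roles distinct. The INFO-level log line now prints the full, no-longer-bounded header, so an oversized client DN yields a correspondingly long log entry. ssl_hook_Auth begins outside the hunk.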
@@ -151,50 +151,6 @@ char *ssl_util_vhostid(pool *p, server_rec *s)
 return id;
 }
-void ssl_util_strupper(char *s)
-{
- for (; *s; ++s)
- *s = toupper(*s);
- return;
-}
-
-static const char ssl_util_uuencode_six2pr[64+1] =
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-
-void ssl_util_uuencode(char *szTo, const char *szFrom, BOOL bPad)
-{
- ssl_util_uuencode_binary((unsigned char *)szTo,
- (const unsigned char *)szFrom,
- strlen(szFrom), bPad);
-}
-
-void ssl_util_uuencode_binary(
- unsigned char *szTo, const unsigned char *szFrom, int nLength, BOOL bPad)
-{
- const unsigned char *s;
- int nPad = 0;
-
- for (s = szFrom; nLength > 0; s += 3) {
- *szTo++ = ssl_util_uuencode_six2pr[s[0] >> 2];
- *szTo++ = ssl_util_uuencode_six2pr[(s[0] << 4 | s[1] >> 4) & 0x3f];
- if (--nLength == 0) {
- nPad = 2;
- break;
- }
- *szTo++ = ssl_util_uuencode_six2pr[(s[1] << 2 | s[2] >> 6) & 0x3f];
- if (--nLength == 0) {
- nPad = 1;
- break;
- }
- *szTo++ = ssl_util_uuencode_six2pr[s[2] & 0x3f];
- --nLength;
- }
- while(bPad && nPad--)
- *szTo++ = NUL;
- *szTo = NUL;
- return;
-}
-
 FILE *ssl_util_ppopen(server_rec *s, pool *p, char *cmd)
 {
 FILE *fpout;