-rw-r--r-- | lib/libssl/d1_srvr.c | 58 | ||||
-rw-r--r-- | lib/libssl/s3_lib.c | 103 | ||||
-rw-r--r-- | lib/libssl/s3_srvr.c | 94 | ||||
-rw-r--r-- | lib/libssl/ssl3.h | 4 | ||||
-rw-r--r-- | lib/libssl/ssl_cert.c | 10 | ||||
-rw-r--r-- | lib/libssl/ssl_lib.c | 7 | ||||
-rw-r--r-- | lib/libssl/ssl_locl.h | 5 |
7 files changed, 44 insertions, 237 deletions
diff --git a/lib/libssl/d1_srvr.c b/lib/libssl/d1_srvr.c index a85715753ca..d2f642f8773 100644 --- a/lib/libssl/d1_srvr.c +++ b/lib/libssl/d1_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_srvr.c,v 1.40 2014/10/18 16:13:16 jsing Exp $ */ +/* $OpenBSD: d1_srvr.c,v 1.41 2014/10/31 14:51:01 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -446,27 +446,8 @@ dtls1_accept(SSL *s) case SSL3_ST_SW_KEY_EXCH_B: alg_k = s->s3->tmp.new_cipher->algorithm_mkey; - /* clear this, it may get reset by - * send_server_key_exchange */ - if ((s->options & SSL_OP_EPHEMERAL_RSA) - ) - /* option SSL_OP_EPHEMERAL_RSA sends temporary RSA key - * even when forbidden by protocol specs - * (handshake may fail as clients are not required to - * be able to handle this) */ - s->s3->tmp.use_rsa_tmp = 1; - else - s->s3->tmp.use_rsa_tmp = 0; - - /* only send if a DH key exchange or - * RSA but we have a sign only certificate */ - if (s->s3->tmp.use_rsa_tmp - || (alg_k & (SSL_kDHE|SSL_kECDHE)) - || ((alg_k & SSL_kRSA) - && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL - ) - ) - ) { + /* Only send if using a DH key exchange. */ + if (alg_k & (SSL_kDHE|SSL_kECDHE)) { dtls1_start_timer(s); ret = dtls1_send_server_key_exchange(s); if (ret <= 0) @@ -994,7 +975,6 @@ dtls1_send_server_key_exchange(SSL *s) { unsigned char *q; int j, num; - RSA *rsa; unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH]; unsigned int u; DH *dh = NULL, *dhp; 
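Review bot: With the `s->options & SSL_OP_EPHEMERAL_RSA` test gone from dtls1_accept, an application that still sets that option gets no diagnostic; in the code shown the option becomes a silent no-op. The new comment could say so, for example `/* Only send for DHE/ECDHE; SSL_OP_EPHEMERAL_RSA is no longer honoured. */`, and the option's documentation should match. The same applies to the rewritten condition in ssl3_accept in s3_srvr.c. dtls1_accept starts and ends outside the hunk.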
@@ -1024,28 +1004,7 @@ dtls1_send_server_key_exchange(SSL *s) r[0] = r[1] = r[2] = r[3] = NULL; n = 0; - if (type & SSL_kRSA) { - rsa = cert->rsa_tmp; - if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) { - rsa = s->cert->rsa_tmp_cb(s, 0, - SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher)); - if (rsa == NULL) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_ERROR_GENERATING_TMP_RSA_KEY); - goto f_err; - } - RSA_up_ref(rsa); - cert->rsa_tmp = rsa; - } - if (rsa == NULL) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_RSA_KEY); - goto f_err; - } - r[0] = rsa->n; - r[1] = rsa->e; - s->s3->tmp.use_rsa_tmp = 1; - } else + if (type & SSL_kDHE) { dhp = cert->dh_tmp; if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL)) @@ -1087,8 +1046,7 @@ dtls1_send_server_key_exchange(SSL *s) r[0] = dh->p; r[1] = dh->g; r[2] = dh->pub_key; - } else - if (type & SSL_kECDHE) { + } else if (type & SSL_kECDHE) { const EC_GROUP *group; ecdhp = cert->ecdh_tmp; @@ -1185,10 +1143,10 @@ dtls1_send_server_key_exchange(SSL *s) r[1] = NULL; r[2] = NULL; r[3] = NULL; - } else - { + } else { al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); + SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, + SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); goto f_err; } for (i = 0; r[i] != NULL; i++) { diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index 42f8074f8c3..08c51111298 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.82 2014/10/03 13:58:17 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.83 2014/10/31 14:51:01 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * 
@@ -1934,8 +1934,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) { int ret = 0; - if (cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB || - cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) { + if (cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) { if (!ssl_cert_inst(&s->cert)) { SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); @@ -1963,36 +1962,11 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) ret = (int)(s->s3->flags); break; case SSL_CTRL_NEED_TMP_RSA: - if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) && - ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || - (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) - > (512 / 8)))) - ret = 1; + ret = 0; break; case SSL_CTRL_SET_TMP_RSA: - { - RSA *rsa = (RSA *)parg; - if (rsa == NULL) { - SSLerr(SSL_F_SSL3_CTRL, - ERR_R_PASSED_NULL_PARAMETER); - return (ret); - } - if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) { - SSLerr(SSL_F_SSL3_CTRL, - ERR_R_RSA_LIB); - return (ret); - } - RSA_free(s->cert->rsa_tmp); - s->cert->rsa_tmp = rsa; - ret = 1; - } - break; case SSL_CTRL_SET_TMP_RSA_CB: - { - SSLerr(SSL_F_SSL3_CTRL, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return (ret); - } + SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); break; case SSL_CTRL_SET_TMP_DH: { @@ -2144,7 +2118,7 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void)) { int ret = 0; - if (cmd == SSL_CTRL_SET_TMP_RSA_CB || cmd == SSL_CTRL_SET_TMP_DH_CB) { + if (cmd == SSL_CTRL_SET_TMP_DH_CB) { if (!ssl_cert_inst(&s->cert)) { SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE); 
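Review bot: In ssl3_ctrl the merged `SSL_CTRL_SET_TMP_RSA` / `SSL_CTRL_SET_TMP_RSA_CB` case now queues `ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED` and leaves `ret` at 0, so a caller that previously installed a temporary RSA key successfully now fails and leaves an entry on the error queue. Callers that ignore the return value will not notice, and a stale queue entry can presumably be misread as the cause of a later failure, so the removal should be stated where these controls are documented. A comment on the case such as `/* Ephemeral RSA has been removed; these controls always fail. */` would make the intent clear, and the same applies to the matching cases in ssl3_ctx_ctrl. ssl3_ctrl continues outside the hunk, so what follows the `break` is not visible here.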
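Review bot: The narrowed guard `if (cmd == SSL_CTRL_SET_TMP_DH_CB)` is the only place shown where ssl3_callback_ctrl calls `ssl_cert_inst(&s->cert)`, yet the switch in the next hunk also writes `s->cert->ecdh_tmp_cb` for `SSL_CTRL_SET_TMP_ECDH_CB`. If `s->cert` can still be NULL at this point (not visible in the hunk), that path dereferences a NULL pointer; the gap predates this commit, but the line is being rewritten anyway. Consider `if (cmd == SSL_CTRL_SET_TMP_DH_CB || cmd == SSL_CTRL_SET_TMP_ECDH_CB) {`. The function starts and ends outside the hunk.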
@@ -2154,20 +2128,13 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void)) switch (cmd) { case SSL_CTRL_SET_TMP_RSA_CB: - { - s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; - } + SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); break; case SSL_CTRL_SET_TMP_DH_CB: - { - s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; - } + s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; break; case SSL_CTRL_SET_TMP_ECDH_CB: - { - s->cert->ecdh_tmp_cb = - (EC_KEY *(*)(SSL *, int, int))fp; - } + s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; break; case SSL_CTRL_SET_TLSEXT_DEBUG_CB: s->tlsext_debug_cb = (void (*)(SSL *, int , int, @@ -2188,45 +2155,11 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) switch (cmd) { case SSL_CTRL_NEED_TMP_RSA: - if ((cert->rsa_tmp == NULL) && - ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || - (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > - (512 / 8)))) - return (1); - else - return (0); - /* break; */ + return (0); case SSL_CTRL_SET_TMP_RSA: - { - RSA *rsa; - int i; - - rsa = (RSA *)parg; - i = 1; - if (rsa == NULL) - i = 0; - else { - if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) - i = 0; - } - if (!i) { - SSLerr(SSL_F_SSL3_CTX_CTRL, - ERR_R_RSA_LIB); - return (0); - } else { - RSA_free(cert->rsa_tmp); - cert->rsa_tmp = rsa; - return (1); - } - } - /* break; */ case SSL_CTRL_SET_TMP_RSA_CB: - { - SSLerr(SSL_F_SSL3_CTX_CTRL, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return (0); - } - break; + SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + return (0); case SSL_CTRL_SET_TMP_DH: { DH *new = NULL, *dh; 
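Review bot: The new `SSL_CTRL_SET_TMP_RSA_CB` case in ssl3_callback_ctrl reports its error under `SSL_F_SSL3_CTRL`, while the allocation-failure path in the guard at the top of the same function uses `SSL_F_SSL3_CALLBACK_CTRL`, so the queued error names the wrong function. It should read `SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);`. The equivalent case in ssl3_ctx_callback_ctrl uses `SSL_F_SSL3_CTX_CTRL` in the same way; whether a dedicated function code exists for it is not visible here. The two cases also leave differently (`break` here, `return (0)` there), which is worth making consistent if the value returned after the switch is not 0.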
@@ -2366,19 +2299,13 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) switch (cmd) { case SSL_CTRL_SET_TMP_RSA_CB: - { - cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; - } - break; + SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + return (0); case SSL_CTRL_SET_TMP_DH_CB: - { - cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; - } + cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; break; case SSL_CTRL_SET_TMP_ECDH_CB: - { - cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; - } + cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; break; case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: ctx->tlsext_servername_callback = diff --git a/lib/libssl/s3_srvr.c b/lib/libssl/s3_srvr.c index 719b4c56c1d..1b97895f76f 100644 --- a/lib/libssl/s3_srvr.c +++ b/lib/libssl/s3_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_srvr.c,v 1.87 2014/10/18 16:13:16 jsing Exp $ */ +/* $OpenBSD: s3_srvr.c,v 1.88 2014/10/31 14:51:01 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * 
@@ -392,37 +392,14 @@ ssl3_accept(SSL *s) alg_k = s->s3->tmp.new_cipher->algorithm_mkey; /* - * Clear this, it may get reset by - * send_server_key_exchange. - */ - if ((s->options & SSL_OP_EPHEMERAL_RSA) - ) - /* - * option SSL_OP_EPHEMERAL_RSA sends temporary - * RSA key even when forbidden by protocol - * specs (handshake may fail as clients are - * not required to be able to handle this) - */ - s->s3->tmp.use_rsa_tmp = 1; - else - s->s3->tmp.use_rsa_tmp = 0; - - - /* - * Only send if a DH key exchange, fortezza or - * RSA but we have a sign only certificate. + * Only send if using a DH key exchange. * - * For ECC ciphersuites, we send a serverKeyExchange - * message only if the cipher suite is either - * ECDH-anon or ECDHE. In other cases, the - * server certificate contains the server's + * For ECC ciphersuites, we send a ServerKeyExchange + * message only if the cipher suite is ECDHE. In other + * cases, the server certificate contains the server's * public key for key exchange. */ - if (s->s3->tmp.use_rsa_tmp || - (alg_k & (SSL_kDHE|SSL_kECDHE)) || - ((alg_k & SSL_kRSA) && - (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == - NULL))) { + if (alg_k & (SSL_kDHE|SSL_kECDHE)) { ret = ssl3_send_server_key_exchange(s); if (ret <= 0) goto end; @@ -1352,7 +1329,6 @@ ssl3_send_server_key_exchange(SSL *s) { unsigned char *q; int j, num; - RSA *rsa; unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH]; unsigned int u; DH *dh = NULL, *dhp; 
@@ -1383,31 +1359,6 @@ ssl3_send_server_key_exchange(SSL *s) r[0] = r[1] = r[2] = r[3] = NULL; n = 0; - if (type & SSL_kRSA) { - rsa = cert->rsa_tmp; - if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) { - rsa = s->cert->rsa_tmp_cb(s, 0, - SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher)); - if (rsa == NULL) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr( - SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - SSL_R_ERROR_GENERATING_TMP_RSA_KEY); - goto f_err; - } - RSA_up_ref(rsa); - cert->rsa_tmp = rsa; - } - if (rsa == NULL) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - SSL_R_MISSING_TMP_RSA_KEY); - goto f_err; - } - r[0] = rsa->n; - r[1] = rsa->e; - s->s3->tmp.use_rsa_tmp = 1; - } else if (type & SSL_kDHE) { dhp = cert->dh_tmp; if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL)) 
@@ -1855,32 +1806,15 @@ ssl3_get_client_key_exchange(SSL *s) alg_k = s->s3->tmp.new_cipher->algorithm_mkey; if (alg_k & SSL_kRSA) { - /* FIX THIS UP EAY EAY EAY EAY */ - if (s->s3->tmp.use_rsa_tmp) { - if ((s->cert != NULL) && (s->cert->rsa_tmp != NULL)) - rsa = s->cert->rsa_tmp; - /* - * Don't do a callback because rsa_tmp should - * be sent already - */ - if (rsa == NULL) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - SSL_R_MISSING_TMP_RSA_PKEY); - goto f_err; - - } - } else { - pkey = s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey; - if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) || - (pkey->pkey.rsa == NULL)) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - SSL_R_MISSING_RSA_CERTIFICATE); - goto f_err; - } - rsa = pkey->pkey.rsa; + pkey = s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey; + if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) || + (pkey->pkey.rsa == NULL)) { + al = SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, + SSL_R_MISSING_RSA_CERTIFICATE); + goto f_err; } + rsa = pkey->pkey.rsa; /* TLS and [incidentally] DTLS{0xFEFF} */ if (s->version > SSL3_VERSION && s->version != DTLS1_BAD_VER) { diff --git a/lib/libssl/ssl3.h b/lib/libssl/ssl3.h index 9a28b4701f1..18afa304c94 100644 --- a/lib/libssl/ssl3.h +++ b/lib/libssl/ssl3.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl3.h,v 1.26 2014/08/11 01:10:42 jsing Exp $ */ +/* $OpenBSD: ssl3.h,v 1.27 2014/10/31 14:51:01 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -473,7 +473,7 @@ typedef struct ssl3_state_st { char ctype[SSL3_CT_NUMBER]; STACK_OF(X509_NAME) *ca_names; - int use_rsa_tmp; + int use_rsa_tmp; /* XXX - remove at next bump. */ int key_block_length; unsigned char *key_block; diff --git a/lib/libssl/ssl_cert.c b/lib/libssl/ssl_cert.c index 6f1815067b9..beea31c64bd 100644 --- a/lib/libssl/ssl_cert.c +++ b/lib/libssl/ssl_cert.c 
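Review bot: The retained `use_rsa_tmp` member of ssl3_state_st in ssl3.h is marked only `XXX - remove at next bump.`, which does not tell a reader that the hunks in this commit remove every read and write of it that they show. A comment such as `/* XXX - unused since ephemeral RSA removal; remove at next bump. */` makes clear that nothing should depend on the field. Whether any file outside this diff still references it is not visible here, so confirm before adopting the wording.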
@@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_cert.c,v 1.42 2014/10/03 13:58:18 jsing Exp $ */ +/* $OpenBSD: ssl_cert.c,v 1.43 2014/10/31 14:51:01 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -205,12 +205,6 @@ ssl_cert_dup(CERT *cert) ret->mask_k = cert->mask_k; ret->mask_a = cert->mask_a; - if (cert->rsa_tmp != NULL) { - RSA_up_ref(cert->rsa_tmp); - ret->rsa_tmp = cert->rsa_tmp; - } - ret->rsa_tmp_cb = cert->rsa_tmp_cb; - if (cert->dh_tmp != NULL) { ret->dh_tmp = DHparams_dup(cert->dh_tmp); if (ret->dh_tmp == NULL) { @@ -305,7 +299,6 @@ ssl_cert_dup(CERT *cert) return (ret); err: - RSA_free(ret->rsa_tmp); DH_free(ret->dh_tmp); EC_KEY_free(ret->ecdh_tmp); @@ -331,7 +324,6 @@ ssl_cert_free(CERT *c) if (i > 0) return; - RSA_free(c->rsa_tmp); DH_free(c->dh_tmp); EC_KEY_free(c->ecdh_tmp); diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c index 3fa8f5039f8..579c005cc33 100644 --- a/lib/libssl/ssl_lib.c +++ b/lib/libssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.87 2014/10/18 16:13:16 jsing Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.88 2014/10/31 14:51:01 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1931,7 +1931,7 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher) { CERT_PKEY *cpk; - int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dsa_sign; + int rsa_enc, rsa_sign, dh_tmp, dsa_sign; unsigned long mask_k, mask_a; int have_ecc_cert, ecdh_ok, ecdsa_ok; int have_ecdh_tmp; @@ -1942,7 +1942,6 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher) if (c == NULL) return; - rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL); dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL); have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL || @@ -1970,7 +1969,7 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher) mask_a |= SSL_aGOST94; } - if (rsa_enc || (rsa_tmp && rsa_sign)) + if (rsa_enc) mask_k|=SSL_kRSA; if (dh_tmp) 
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h index 976f835c923..955c169244e 100644 --- a/lib/libssl/ssl_locl.h +++ b/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.71 2014/10/03 13:58:18 jsing Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.72 2014/10/31 14:51:01 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -440,9 +440,6 @@ typedef struct cert_st { unsigned long mask_k; unsigned long mask_a; - RSA *rsa_tmp; - RSA *(*rsa_tmp_cb)(SSL *ssl, int is_export, int keysize); - DH *dh_tmp; DH *(*dh_tmp_cb)(SSL *ssl, int is_export, int keysize); |