From 5f8785cd7c1174233b77260d5624035b81ba1173 Mon Sep 17 00:00:00 2001 From: Doug Hogan Date: Sat, 12 Sep 2015 16:10:09 +0000 Subject: Remove most of the SSLv3 version checks and a few TLS v1.0. We can now assume >= TLS v1.0 since SSL2_VERSION, SSL3_VERSION and DTLS1_BAD_VER support was removed. "reads ok" miod@ --- lib/libssl/d1_clnt.c | 14 +++--------- lib/libssl/s3_clnt.c | 60 ++++++++++++++++++--------------------------------- lib/libssl/s3_lib.c | 15 +++++-------- lib/libssl/s3_pkt.c | 7 +----- lib/libssl/s3_srvr.c | 61 +++++++++++++++++++++------------------------------- lib/libssl/ssl_lib.c | 5 +---- lib/libssl/t1_lib.c | 13 ++--------- 7 files changed, 57 insertions(+), 118 deletions(-) (limited to 'lib') diff --git a/lib/libssl/d1_clnt.c b/lib/libssl/d1_clnt.c index 4b02fcf3c4b..fd26bb5a1e1 100644 --- a/lib/libssl/d1_clnt.c +++ b/lib/libssl/d1_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_clnt.c,v 1.54 2015/09/12 12:58:15 jsing Exp $ */ +/* $OpenBSD: d1_clnt.c,v 1.55 2015/09/12 16:10:07 doug Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -700,16 +700,8 @@ dtls1_send_client_certificate(SSL *s) if (x509 != NULL) X509_free(x509); EVP_PKEY_free(pkey); - if (i == 0) { - if (s->version == SSL3_VERSION) { - s->s3->tmp.cert_req = 0; - ssl3_send_alert(s, SSL3_AL_WARNING, - SSL_AD_NO_CERTIFICATE); - return (1); - } else { - s->s3->tmp.cert_req = 2; - } - } + if (i == 0) + s->s3->tmp.cert_req = 2; /* Ok, we have a cert */ s->state = SSL3_ST_CW_CERT_C; diff --git a/lib/libssl/s3_clnt.c b/lib/libssl/s3_clnt.c index 12677319ccd..2863b7380e8 100644 --- a/lib/libssl/s3_clnt.c +++ b/lib/libssl/s3_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_clnt.c,v 1.130 2015/09/12 12:17:00 jsing Exp $ */ +/* $OpenBSD: s3_clnt.c,v 1.131 2015/09/12 16:10:07 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -795,7 +795,7 @@ ssl3_get_server_hello(SSL *s) * Check if we want to resume the session based on external * pre-shared secret */ - if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) { + if (s->tls_session_secret_cb) { SSL_CIPHER *pref_cipher = NULL; s->session->master_key_length = sizeof(s->session->master_key); if (s->tls_session_secret_cb(s, s->session->master_key, @@ -901,19 +901,14 @@ ssl3_get_server_hello(SSL *s) } /* TLS extensions*/ - if (s->version >= SSL3_VERSION) { - if (!ssl_parse_serverhello_tlsext(s, &p, d, n, &al)) { - /* 'al' set by ssl_parse_serverhello_tlsext */ - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, - SSL_R_PARSE_TLSEXT); - goto f_err; - - } - if (ssl_check_serverhello_tlsext(s) <= 0) { - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, - SSL_R_SERVERHELLO_TLSEXT); - goto err; - } + if (!ssl_parse_serverhello_tlsext(s, &p, d, n, &al)) { + /* 'al' set by ssl_parse_serverhello_tlsext */ + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_PARSE_TLSEXT); + goto f_err; + } + if (ssl_check_serverhello_tlsext(s) <= 0) { + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT); + goto err; } if (p != d + n) @@ -1538,14 +1533,11 @@ ssl3_get_certificate_request(SSL *s) } /* TLS does not like anon-DH with client cert */ - if (s->version > SSL3_VERSION) { - if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) { - ssl3_send_alert(s, SSL3_AL_FATAL, - SSL_AD_UNEXPECTED_MESSAGE); - SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, - SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER); - goto err; - } + if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) { + ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE); + SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, + SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER); + goto err; } if (n < 0) @@ -1914,8 +1906,8 @@ ssl3_send_client_key_exchange(SSL *s) q = p; /* Fix buf for TLS and beyond */ - if (s->version > SSL3_VERSION) - p += 2; + p += 2; + n = RSA_public_encrypt(sizeof tmp_buf, tmp_buf, p, rsa, RSA_PKCS1_PADDING); if (n <= 0) { @@ -1925,10 +1917,8 @@ ssl3_send_client_key_exchange(SSL *s) } /* Fix buf for TLS and beyond */ - if (s->version > SSL3_VERSION) { - s2n(n, q); - n += 2; - } + s2n(n, q); + n += 2; s->session->master_key_length = s->method->ssl3_enc->generate_master_secret( @@ -2448,16 +2438,8 @@ ssl3_send_client_certificate(SSL *s) if (x509 != NULL) X509_free(x509); EVP_PKEY_free(pkey); - if (i == 0) { - if (s->version == SSL3_VERSION) { - s->s3->tmp.cert_req = 0; - ssl3_send_alert(s, SSL3_AL_WARNING, - SSL_AD_NO_CERTIFICATE); - return (1); - } else { - s->s3->tmp.cert_req = 2; - } - } + if (i == 0) + s->s3->tmp.cert_req = 2; /* Ok, we have a cert */ s->state = SSL3_ST_CW_CERT_C; diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index 912ac8dbdbb..ce383bb209f 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.105 2015/09/12 15:03:39 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.106 2015/09/12 16:10:07 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2598,7 +2598,7 @@ ssl3_get_req_cert_type(SSL *s, unsigned char *p) alg_k = s->s3->tmp.new_cipher->algorithm_mkey; #ifndef OPENSSL_NO_GOST - if ((alg_k & SSL_kGOST) && (s->version >= TLS1_VERSION)) { + if ((alg_k & SSL_kGOST)) { p[ret++] = TLS_CT_GOST94_SIGN; p[ret++] = TLS_CT_GOST01_SIGN; p[ret++] = TLS_CT_GOST12_256_SIGN; @@ -2610,13 +2610,9 @@ ssl3_get_req_cert_type(SSL *s, unsigned char *p) p[ret++] = SSL3_CT_RSA_FIXED_DH; p[ret++] = SSL3_CT_DSS_FIXED_DH; } - if (s->version == SSL3_VERSION && (alg_k & SSL_kDHE)) { - p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH; - p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH; - } p[ret++] = SSL3_CT_RSA_SIGN; p[ret++] = SSL3_CT_DSS_SIGN; - if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION)) { + if ((alg_k & (SSL_kECDHr|SSL_kECDHe))) { p[ret++] = TLS_CT_RSA_FIXED_ECDH; p[ret++] = TLS_CT_ECDSA_FIXED_ECDH; } @@ -2625,9 +2621,8 @@ ssl3_get_req_cert_type(SSL *s, unsigned char *p) * ECDSA certs can be used with RSA cipher suites as well * so we don't need to check for SSL_kECDH or SSL_kECDHE */ - if (s->version >= TLS1_VERSION) { - p[ret++] = TLS_CT_ECDSA_SIGN; - } + p[ret++] = TLS_CT_ECDSA_SIGN; + return (ret); } diff --git a/lib/libssl/s3_pkt.c b/lib/libssl/s3_pkt.c index 33fee732d1f..153b37612f7 100644 --- a/lib/libssl/s3_pkt.c +++ b/lib/libssl/s3_pkt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_pkt.c,v 1.56 2015/07/24 02:39:43 doug Exp $ */ +/* $OpenBSD: s3_pkt.c,v 1.57 2015/09/12 16:10:07 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1074,7 +1074,6 @@ start: if (s->server && SSL_is_init_finished(s) && !s->s3->send_connection_binding && - (s->version > SSL3_VERSION) && (s->s3->handshake_fragment_len >= 4) && (s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) && (s->session != NULL) && (s->session->cipher != NULL)) { @@ -1339,10 +1338,6 @@ ssl3_send_alert(SSL *s, int level, int desc) { /* Map tls/ssl alert value to correct one */ desc = s->method->ssl3_enc->alert_value(desc); - if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION) { - /* SSL 3.0 does not have protocol_version alerts */ - desc = SSL_AD_HANDSHAKE_FAILURE; - } if (desc < 0) return -1; /* If a fatal one, remove from cache */ diff --git a/lib/libssl/s3_srvr.c b/lib/libssl/s3_srvr.c index dbcbc9b709a..2fbf063140c 100644 --- a/lib/libssl/s3_srvr.c +++ b/lib/libssl/s3_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_srvr.c,v 1.120 2015/09/12 15:03:39 jsing Exp $ */ +/* $OpenBSD: s3_srvr.c,v 1.121 2015/09/12 16:10:07 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -942,13 +942,10 @@ ssl3_get_client_hello(SSL *s) } /* TLS extensions*/ - if (s->version >= SSL3_VERSION) { - if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { - /* 'al' set by ssl_parse_clienthello_tlsext */ - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, - SSL_R_PARSE_TLSEXT); - goto f_err; - } + if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { + /* 'al' set by ssl_parse_clienthello_tlsext */ + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_PARSE_TLSEXT); + goto f_err; } if (ssl_check_clienthello_tlsext_early(s) <= 0) { SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, @@ -964,7 +961,7 @@ ssl3_get_client_hello(SSL *s) */ arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE); - if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) { + if (!s->hit && s->tls_session_secret_cb) { SSL_CIPHER *pref_cipher = NULL; s->session->master_key_length = sizeof(s->session->master_key); @@ -1054,12 +1051,9 @@ ssl3_get_client_hello(SSL *s) */ /* Handles TLS extensions that we couldn't check earlier */ - if (s->version >= SSL3_VERSION) { - if (ssl_check_clienthello_tlsext_late(s) <= 0) { - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, - SSL_R_CLIENTHELLO_TLSEXT); - goto err; - } + if (ssl_check_clienthello_tlsext_late(s) <= 0) { + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT); + goto err; } if (ret < 0) @@ -1646,18 +1640,15 @@ ssl3_get_client_key_exchange(SSL *s) } rsa = pkey->pkey.rsa; - /* TLS and [incidentally] DTLS{0xFEFF} */ - if (s->version > SSL3_VERSION) { - if (2 > n) - goto truncated; - n2s(p, i); - if (n != i + 2) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); - goto err; - } else - n = i; - } + if (2 > n) + goto truncated; + n2s(p, i); + if (n != i + 2) { + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, + SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); + goto err; + } else + n = i; i = RSA_private_decrypt((int)n, p, p, rsa, RSA_PKCS1_PADDING); @@ -2300,7 +2291,7 @@ ssl3_get_client_certificate(SSL *s) * If tls asked for a client cert, * the client must return a 0 list. */ - if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request) { + if (s->s3->tmp.cert_request) { SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST ); @@ -2365,15 +2356,11 @@ ssl3_get_client_certificate(SSL *s) } if (sk_X509_num(sk) <= 0) { - /* TLS does not mind 0 certs returned */ - if (s->version == SSL3_VERSION) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, - SSL_R_NO_CERTIFICATES_RETURNED); - goto f_err; - } - /* Fail for TLS only if we required a certificate */ - else if ((s->verify_mode & SSL_VERIFY_PEER) && + /* + * TLS does not mind 0 certs returned. + * Fail for TLS only if we required a certificate. + */ + if ((s->verify_mode & SSL_VERIFY_PEER) && (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c index fe73046366c..660ff99e271 100644 --- a/lib/libssl/ssl_lib.c +++ b/lib/libssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.110 2015/09/11 17:35:36 jsing Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.111 2015/09/12 16:10:07 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1731,9 +1731,6 @@ SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen, const char *label, size_t llen, const unsigned char *p, size_t plen, int use_context) { - if (s->version < TLS1_VERSION) - return (-1); - return (s->method->ssl3_enc->export_keying_material(s, out, olen, label, llen, p, plen, use_context)); } diff --git a/lib/libssl/t1_lib.c b/lib/libssl/t1_lib.c index fc54fe1e6dd..f3522a02bec 100644 --- a/lib/libssl/t1_lib.c +++ b/lib/libssl/t1_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_lib.c,v 1.84 2015/09/01 13:38:27 jsing Exp $ */ +/* $OpenBSD: t1_lib.c,v 1.85 2015/09/12 16:10:08 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -659,11 +659,6 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) } } - /* don't add extensions for SSLv3 unless doing secure renegotiation */ - if (s->client_version == SSL3_VERSION && - !s->s3->send_connection_binding) - return p; - ret += 2; if (ret >= limit) @@ -973,10 +968,6 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) alg_a & SSL_aECDSA) && s->session->tlsext_ecpointformatlist != NULL; - /* don't add extensions for SSLv3, unless doing secure renegotiation */ - if (s->version == SSL3_VERSION && !s->s3->send_connection_binding) - return p; - ret += 2; if (ret >= limit) return NULL; /* this really never occurs, but ... */ @@ -2048,7 +2039,7 @@ tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, */ if (SSL_get_options(s) & SSL_OP_NO_TICKET) return 0; - if (s->version <= SSL3_VERSION || !limit) + if (!limit) return 0; if (limit < session) -- cgit v1.2.3