Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

merge conflicts, restore binary compatibility in hmac, regen.

Browse Source
This commit is contained in:
christos 2015-06-12 17:01:11 +00:00
parent 9cae6e10c2
commit 2dedb2215d
404 changed files with 2238 additions and 1399 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
crypto/external/bsd/openssl/dist/CHANGES vendored
View File

@ -2,6 +2,77 @@
OpenSSL CHANGES
_______________
Changes between 1.0.1m and 1.0.1n [11 Jun 2015]
*) Malformed ECParameters causes infinite loop
When processing an ECParameters structure OpenSSL enters an infinite loop
if the curve specified is over a specially malformed binary polynomial
field.
This can be used to perform denial of service against any
system which processes public keys, certificate requests or
certificates. This includes TLS clients and TLS servers with
client authentication enabled.
This issue was reported to OpenSSL by Joseph Barr-Pixton.
(CVE-2015-1788)
[Andy Polyakov]
*) Exploitable out-of-bounds read in X509_cmp_time
X509_cmp_time does not properly check the length of the ASN1_TIME
string and can read a few bytes out of bounds. In addition,
X509_cmp_time accepts an arbitrary number of fractional seconds in the
time string.
An attacker can use this to craft malformed certificates and CRLs of
various sizes and potentially cause a segmentation fault, resulting in
a DoS on applications that verify certificates or CRLs. TLS clients
that verify CRLs are affected. TLS clients and servers with client
authentication enabled may be affected if they use custom verification
callbacks.
This issue was reported to OpenSSL by Robert Swiecki (Google), and
independently by Hanno Böck.
(CVE-2015-1789)
[Emilia Käsper]
*) PKCS7 crash with missing EnvelopedContent
The PKCS#7 parsing code does not handle missing inner EncryptedContent
correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs
with missing content and trigger a NULL pointer dereference on parsing.
Applications that decrypt PKCS#7 data or otherwise parse PKCS#7
structures from untrusted sources are affected. OpenSSL clients and
servers are not affected.
This issue was reported to OpenSSL by Michal Zalewski (Google).
(CVE-2015-1790)
[Emilia Käsper]
*) CMS verify infinite loop with unknown hash function
When verifying a signedData message the CMS code can enter an infinite loop
if presented with an unknown hash function OID. This can be used to perform
denial of service against any system which verifies signedData messages using
the CMS code.
This issue was reported to OpenSSL by Johannes Bauer.
(CVE-2015-1792)
[Stephen Henson]
*) Race condition handling NewSessionTicket
If a NewSessionTicket is received by a multi-threaded client when attempting to
reuse a previous ticket then a race condition can occur potentially leading to
a double free of the ticket data.
(CVE-2015-1791)
[Matt Caswell]
*) Reject DH handshakes with parameters shorter than 768 bits.
[Kurt Roeckx and Emilia Kasper]
Changes between 1.0.1l and 1.0.1m [19 Mar 2015]
*) Segmentation fault in ASN1_TYPE_cmp fix

10
crypto/external/bsd/openssl/dist/Configure vendored
View File

@ -230,12 +230,12 @@ my %table=(
#### SPARC Solaris with GNU C setups
"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris-sparcv8-gcc","gcc:-mcpu=v8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc
"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
####
"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=v8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### SPARC Solaris with Sun C setups
@ -252,7 +252,7 @@ my %table=(
#### SunOS configs, assuming sparc for the gcc one.
#"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:${no_asm}::",
"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:${no_asm}::",
"sunos-gcc","gcc:-O3 -mcpu=v8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:${no_asm}::",
#### IRIX 5.x configs
# -mips2 flag is added by ./config when appropriate.
@ -379,7 +379,7 @@ my %table=(
#### SPARC Linux setups
# Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently
# assisted with debugging of following two configs.
"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"linux-sparcv8","gcc:-mcpu=v8 -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# it's a real mess with -mcpu=ultrasparc option under Linux, but
# -Wa,-Av8plus should do the trick no matter what.
"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -413,7 +413,7 @@ my %table=(
"BSD-x86", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-sparcv8", "gcc:-DB_ENDIAN -O3 -mv8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-sparcv8", "gcc:-DB_ENDIAN -O3 -mcpu=v8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-generic64","gcc:-O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# -DMD32_REG_T=int doesn't actually belong in sparc64 target, it

28
crypto/external/bsd/openssl/dist/Makefile vendored
View File

@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
VERSION=1.0.1m
VERSION=1.0.1n
MAJOR=1
MINOR=0.1
SHLIB_VERSION_NUMBER=1.0.0
@ -186,7 +186,7 @@ WTARFILE= $(NAME)-win.tar
EXHEADER= e_os2.h
HEADER= e_os.h
all: Makefile build_all openssl.pc libssl.pc libcrypto.pc
all: Makefile build_all
# as we stick to -e, CLEARENV ensures that local variables in lower
# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
@ -272,7 +272,10 @@ reflect:
sub_all: build_all
build_all: build_libs build_apps build_tests build_tools
build_libs: build_crypto build_ssl build_engines
build_libs: build_libcrypto build_libssl openssl.pc
build_libcrypto: build_crypto build_engines libcrypto.pc
build_libssl: build_ssl libssl.pc
build_crypto:
@dir=crypto; target=all; $(BUILD_ONE_CMD)
@ -461,6 +464,9 @@ tests: rehash
report:
@$(PERL) util/selftest.pl
update: errors stacks util/libeay.num util/ssleay.num TABLE
@set -e; target=update; $(RECURSIVE_BUILD_CMD)
depend:
@set -e; target=depend; $(RECURSIVE_BUILD_CMD)
@ -485,26 +491,10 @@ util/libeay.num::
util/ssleay.num::
$(PERL) util/mkdef.pl ssl update
crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
$(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
$(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
crypto/objects/obj_xref.h: crypto/objects/objxref.pl crypto/objects/obj_xref.txt crypto/objects/obj_mac.num
$(PERL) crypto/objects/objxref.pl crypto/objects/obj_mac.num crypto/objects/obj_xref.txt >crypto/objects/obj_xref.h
apps/openssl-vms.cnf: apps/openssl.cnf
$(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf
crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
$(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h
TABLE: Configure
(echo 'Output of `Configure TABLE'"':"; \
$(PERL) Configure TABLE) > TABLE
update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h crypto/objects/obj_xref.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend
# Build distribution tar-file. As the list of files returned by "find" is
# pretty long, on several platforms a "too many arguments" error or similar
# would occur. Therefore the list of files is temporarily stored into a file

8
crypto/external/bsd/openssl/dist/NEWS vendored
View File

@ -5,6 +5,14 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 1.0.1m and OpenSSL 1.0.1n [11 Jun 2015]
o Malformed ECParameters causes infinite loop (CVE-2015-1788)
o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
o CMS verify infinite loop with unknown hash function (CVE-2015-1792)
o Race condition handling NewSessionTicket (CVE-2015-1791)
Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.1m [19 Mar 2015]
o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286)

2
crypto/external/bsd/openssl/dist/README vendored
View File

@ -1,5 +1,5 @@
OpenSSL 1.0.1m 19 Mar 2015
OpenSSL 1.0.1n 11 Jun 2015
Copyright (c) 1998-2011 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

10
crypto/external/bsd/openssl/dist/apps/ca.c vendored
View File

@ -558,7 +558,7 @@ int MAIN(int argc, char **argv)
#ifdef OPENSSL_SYS_VMS
len = strlen(s) + sizeof(CONFIG_FILE);
tofree = OPENSSL_malloc(len);
if(!tofree) {
if (!tofree) {
BIO_printf(bio_err, "Out of memory\n");
goto err;
}
@ -566,7 +566,7 @@ int MAIN(int argc, char **argv)
#else
len = strlen(s) + sizeof(CONFIG_FILE) + 1;
tofree = OPENSSL_malloc(len);
if(!tofree) {
if (!tofree) {
BIO_printf(bio_err, "Out of memory\n");
goto err;
}
@ -2803,7 +2803,7 @@ int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
ASN1_GENERALIZEDTIME *comp_time = NULL;
tmp = BUF_strdup(str);
if(!tmp) {
if (!tmp) {
BIO_printf(bio_err, "memory allocation failure\n");
goto err;
}
@ -2825,7 +2825,7 @@ int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
if (prevtm) {
*prevtm = ASN1_UTCTIME_new();
if(!*prevtm) {
if (!*prevtm) {
BIO_printf(bio_err, "memory allocation failure\n");
goto err;
}
@ -2869,7 +2869,7 @@ int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
goto err;
}
comp_time = ASN1_GENERALIZEDTIME_new();
if(!comp_time) {
if (!comp_time) {
BIO_printf(bio_err, "memory allocation failure\n");
goto err;
}

2
crypto/external/bsd/openssl/dist/apps/ocsp.c vendored
View File

@ -518,6 +518,8 @@ int MAIN(int argc, char **argv)
"-CApath dir trusted certificates directory\n");
BIO_printf(bio_err,
"-CAfile file trusted certificates file\n");
BIO_printf(bio_err,
"-no_alt_chains only ever use the first certificate chain found\n");
BIO_printf(bio_err,
"-VAfile file validator certificates file\n");
BIO_printf(bio_err,

15
crypto/external/bsd/openssl/dist/apps/s_client.c vendored
View File

@ -322,6 +322,8 @@ static void sc_usage(void)
" -pass arg - private key file pass phrase source\n");
BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n");
BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n");
BIO_printf(bio_err,
" -no_alt_chains - only ever use the first certificate chain found\n");
BIO_printf(bio_err,
" -reconnect - Drop and re-make the connection with the same Session-ID\n");
BIO_printf(bio_err,
@ -547,7 +549,7 @@ static char *MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
PW_CB_DATA cb_tmp;
int l;
if(!pass) {
if (!pass) {
BIO_printf(bio_err, "Malloc failure\n");
return NULL;
}
@ -1178,13 +1180,12 @@ int MAIN(int argc, char **argv)
if (!set_cert_key_stuff(ctx, cert, key))
goto end;
if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
(!SSL_CTX_set_default_verify_paths(ctx))) {
/*
* BIO_printf(bio_err,"error setting default verify locations\n");
*/
if ((CAfile || CApath)
&& !SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) {
ERR_print_errors(bio_err);
}
if (!SSL_CTX_set_default_verify_paths(ctx)) {
ERR_print_errors(bio_err);
/* goto end; */
}
#ifndef OPENSSL_NO_TLSEXT
if (servername != NULL) {

73
crypto/external/bsd/openssl/dist/apps/s_server.c vendored
View File

@ -219,7 +219,7 @@ static int generate_session_id(const SSL *ssl, unsigned char *id,
unsigned int *id_len);
#ifndef OPENSSL_NO_DH
static DH *load_dh_param(const char *dhfile);
static DH *get_dh512(void);
static DH *get_dh2048(void);
#endif
#ifdef MONOLITH
@ -227,30 +227,48 @@ static void s_server_init(void);
#endif
#ifndef OPENSSL_NO_DH
static unsigned char dh512_p[] = {
0xDA, 0x58, 0x3C, 0x16, 0xD9, 0x85, 0x22, 0x89, 0xD0, 0xE4, 0xAF, 0x75,
0x6F, 0x4C, 0xCA, 0x92, 0xDD, 0x4B, 0xE5, 0x33, 0xB8, 0x04, 0xFB, 0x0F,
0xED, 0x94, 0xEF, 0x9C, 0x8A, 0x44, 0x03, 0xED, 0x57, 0x46, 0x50, 0xD3,
0x69, 0x99, 0xDB, 0x29, 0xD7, 0x76, 0x27, 0x6B, 0xA2, 0xD3, 0xD4, 0x12,
0xE2, 0x18, 0xF4, 0xDD, 0x1E, 0x08, 0x4C, 0xF6, 0xD8, 0x00, 0x3E, 0x7C,
0x47, 0x74, 0xE8, 0x33,
static unsigned char dh2048_p[] = {
0xF6,0x42,0x57,0xB7,0x08,0x7F,0x08,0x17,0x72,0xA2,0xBA,0xD6,
0xA9,0x42,0xF3,0x05,0xE8,0xF9,0x53,0x11,0x39,0x4F,0xB6,0xF1,
0x6E,0xB9,0x4B,0x38,0x20,0xDA,0x01,0xA7,0x56,0xA3,0x14,0xE9,
0x8F,0x40,0x55,0xF3,0xD0,0x07,0xC6,0xCB,0x43,0xA9,0x94,0xAD,
0xF7,0x4C,0x64,0x86,0x49,0xF8,0x0C,0x83,0xBD,0x65,0xE9,0x17,
0xD4,0xA1,0xD3,0x50,0xF8,0xF5,0x59,0x5F,0xDC,0x76,0x52,0x4F,
0x3D,0x3D,0x8D,0xDB,0xCE,0x99,0xE1,0x57,0x92,0x59,0xCD,0xFD,
0xB8,0xAE,0x74,0x4F,0xC5,0xFC,0x76,0xBC,0x83,0xC5,0x47,0x30,
0x61,0xCE,0x7C,0xC9,0x66,0xFF,0x15,0xF9,0xBB,0xFD,0x91,0x5E,
0xC7,0x01,0xAA,0xD3,0x5B,0x9E,0x8D,0xA0,0xA5,0x72,0x3A,0xD4,
0x1A,0xF0,0xBF,0x46,0x00,0x58,0x2B,0xE5,0xF4,0x88,0xFD,0x58,
0x4E,0x49,0xDB,0xCD,0x20,0xB4,0x9D,0xE4,0x91,0x07,0x36,0x6B,
0x33,0x6C,0x38,0x0D,0x45,0x1D,0x0F,0x7C,0x88,0xB3,0x1C,0x7C,
0x5B,0x2D,0x8E,0xF6,0xF3,0xC9,0x23,0xC0,0x43,0xF0,0xA5,0x5B,
0x18,0x8D,0x8E,0xBB,0x55,0x8C,0xB8,0x5D,0x38,0xD3,0x34,0xFD,
0x7C,0x17,0x57,0x43,0xA3,0x1D,0x18,0x6C,0xDE,0x33,0x21,0x2C,
0xB5,0x2A,0xFF,0x3C,0xE1,0xB1,0x29,0x40,0x18,0x11,0x8D,0x7C,
0x84,0xA7,0x0A,0x72,0xD6,0x86,0xC4,0x03,0x19,0xC8,0x07,0x29,
0x7A,0xCA,0x95,0x0C,0xD9,0x96,0x9F,0xAB,0xD0,0x0A,0x50,0x9B,
0x02,0x46,0xD3,0x08,0x3D,0x66,0xA4,0x5D,0x41,0x9F,0x9C,0x7C,
0xBD,0x89,0x4B,0x22,0x19,0x26,0xBA,0xAB,0xA2,0x5E,0xC3,0x55,
0xE9,0x32,0x0B,0x3B,
};
static unsigned char dh512_g[] = {
static unsigned char dh2048_g[] = {
0x02,
};
static DH *get_dh512(void)
DH *get_dh2048()
{
DH *dh = NULL;
DH *dh;
if ((dh = DH_new()) == NULL)
return (NULL);
dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
if ((dh->p == NULL) || (dh->g == NULL))
return (NULL);
return (dh);
return NULL;
dh->p=BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
dh->g=BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
if (dh->p == NULL || dh->g == NULL) {
DH_free(dh);
return NULL;
}
return dh;
}
#endif
@ -522,6 +540,8 @@ static void sv_usage(void)
BIO_printf(bio_err, " -state - Print the SSL states\n");
BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n");
BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n");
BIO_printf(bio_err,
" -no_alt_chains - only ever use the first certificate chain found\n");
BIO_printf(bio_err,
" -nocert - Don't use any certificates (Anon-DH)\n");
BIO_printf(bio_err,
@ -720,7 +740,7 @@ static int ebcdic_write(BIO *b, const char *in, int inl)
num = inl;
wbuf =
(EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num);
if(!wbuf)
if (!wbuf)
return 0;
OPENSSL_free(b->ptr);
@ -998,7 +1018,7 @@ int MAIN(int argc, char *argv[])
int off = 0;
int no_tmp_rsa = 0, no_dhe = 0, nocert = 0;
#ifndef OPENSSL_NO_ECDH
int no_ecdhe;
int no_ecdhe = 0;
#endif
int state = 0;
const SSL_METHOD *meth = NULL;
@ -1654,7 +1674,11 @@ int MAIN(int argc, char *argv[])
BIO_printf(bio_s_out, "Setting temp DH parameters\n");
} else {
BIO_printf(bio_s_out, "Using default temp DH parameters\n");
dh = get_dh512();
dh = get_dh2048();
if (dh == NULL) {
ERR_print_errors(bio_err);
goto end;
}
}
(void)BIO_flush(bio_s_out);
@ -2256,8 +2280,10 @@ static int sv_body(char *hostname, int s, unsigned char *context)
ret = 1;
goto err;
}
l += k;
i -= k;
if (k > 0) {
l += k;
i -= k;
}
if (i <= 0)
break;
}
@ -2921,7 +2947,8 @@ static int generate_session_id(const SSL *ssl, unsigned char *id,
{
unsigned int count = 0;
do {
RAND_pseudo_bytes(id, *id_len);
if (RAND_pseudo_bytes(id, *id_len) < 0)
return 0;
/*
* Prefix the session_id with the required prefix. NB: If our prefix
* is too long, clip it - but there will be worse effects anyway, eg.

2
crypto/external/bsd/openssl/dist/apps/s_time.c vendored
View File

@ -302,7 +302,7 @@ static int parseArgs(int argc, char **argv)
if (--argc < 1)
goto bad;
maxTime = atoi(*(++argv));
if(maxTime <= 0) {
if (maxTime <= 0) {
BIO_printf(bio_err, "time must be > 0\n");
badop = 1;
}

11
crypto/external/bsd/openssl/dist/crypto/Makefile vendored
View File

@ -125,12 +125,17 @@ install:
lint:
@target=lint; $(RECURSIVE_MAKE)
depend:
update: local_depend
@[ -z "$(THIS)" ] || (set -e; target=update; $(RECURSIVE_MAKE) )
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
depend: local_depend
@[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
local_depend:
@[ -z "$(THIS)" -o -f buildinf.h ] || touch buildinf.h # fake buildinf.h if it does not exist
@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@[ -z "$(THIS)" -o -s buildinf.h ] || rm buildinf.h
@[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
clean:
rm -f buildinf.h *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff

2
crypto/external/bsd/openssl/dist/crypto/aes/Makefile vendored
View File

@ -106,6 +106,8 @@ tests:
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

3
crypto/external/bsd/openssl/dist/crypto/asn1/asn_mime.c vendored
View File

@ -289,7 +289,8 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
if ((flags & SMIME_DETACHED) && data) {
/* We want multipart/signed */
/* Generate a random boundary */
RAND_pseudo_bytes((unsigned char *)bound, 32);
if (RAND_pseudo_bytes((unsigned char *)bound, 32) < 0)
return 0;
for (i = 0; i < 32; i++) {
c = bound[i] & 0xf;
if (c < 10)

0
crypto/external/bsd/openssl/dist/crypto/bn/asm/mips3.s vendored
View File

5
crypto/external/bsd/openssl/dist/crypto/bn/bn.h vendored
View File

@ -797,6 +797,7 @@ int RAND_pseudo_bytes(unsigned char *buf, int num);
* wouldn't be constructed with top!=dmax. */ \
BN_ULONG *_not_const; \
memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
/* Debug only - safe to ignore error return */ \
RAND_pseudo_bytes(&_tmp_char, 1); \
memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
(_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
@ -910,6 +911,7 @@ void ERR_load_BN_strings(void);
# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135
# define BN_F_BN_GF2M_MOD_SQR 136
# define BN_F_BN_GF2M_MOD_SQRT 137
# define BN_F_BN_LSHIFT 145
# define BN_F_BN_MOD_EXP2_MONT 118
# define BN_F_BN_MOD_EXP_MONT 109
# define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124
@ -925,12 +927,14 @@ void ERR_load_BN_strings(void);
# define BN_F_BN_NEW 113
# define BN_F_BN_RAND 114
# define BN_F_BN_RAND_RANGE 122
# define BN_F_BN_RSHIFT 146
# define BN_F_BN_USUB 115
/* Reason codes. */
# define BN_R_ARG2_LT_ARG3 100
# define BN_R_BAD_RECIPROCAL 101
# define BN_R_BIGNUM_TOO_LONG 114
# define BN_R_BITS_TOO_SMALL 118
# define BN_R_CALLED_WITH_EVEN_MODULUS 102
# define BN_R_DIV_BY_ZERO 103
# define BN_R_ENCODING_ERROR 104
@ -938,6 +942,7 @@ void ERR_load_BN_strings(void);
# define BN_R_INPUT_NOT_REDUCED 110
# define BN_R_INVALID_LENGTH 106
# define BN_R_INVALID_RANGE 115
# define BN_R_INVALID_SHIFT 119
# define BN_R_NOT_A_SQUARE 111
# define BN_R_NOT_INITIALIZED 107
# define BN_R_NO_INVERSE 108

8
crypto/external/bsd/openssl/dist/crypto/bn/bn_lcl.h vendored
View File

@ -276,6 +276,13 @@ unsigned __int64 _umul128(unsigned __int64 a, unsigned __int64 b,
# endif
# elif defined(__mips) && (defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG))
# if defined(__GNUC__) && __GNUC__>=2
# if __GNUC__>4 || (__GNUC__>=4 && __GNUC_MINOR__>=4)
/* "h" constraint is no more since 4.4 */
# define BN_UMULT_HIGH(a,b) (((__uint128_t)(a)*(b))>>64)
# define BN_UMULT_LOHI(low,high,a,b) ({ \
__uint128_t ret=(__uint128_t)(a)*(b); \
(high)=ret>>64; (low)=ret; })
# else
# define BN_UMULT_HIGH(a,b) ({ \
register BN_ULONG ret; \
asm ("dmultu %1,%2" "\n\t" \
@ -289,6 +296,7 @@ unsigned __int64 _umul128(unsigned __int64 a, unsigned __int64 b,
"mfhi %1" "\n\t" \
: "=r"(low),"=r"(high) \
: "r"(a), "r"(b) : "lo", "hi");
# endif
# endif
# endif /* cpu */
# endif /* OPENSSL_NO_ASM */

2
crypto/external/bsd/openssl/dist/crypto/buffer/buffer.c vendored
View File

@ -88,7 +88,7 @@ void BUF_MEM_free(BUF_MEM *a)
return;
if (a->data != NULL) {
memset(a->data, 0, (unsigned int)a->max);
OPENSSL_cleanse(a->data, a->max);
OPENSSL_free(a->data);
}
OPENSSL_free(a);

7
crypto/external/bsd/openssl/dist/crypto/cms/cms_pwri.c vendored
View File

@ -231,7 +231,7 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen,
return 0;
}
tmp = OPENSSL_malloc(inlen);
if(!tmp)
if (!tmp)
return 0;
/* setup IV by decrypting last two blocks */
EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
@ -297,8 +297,9 @@ static int kek_wrap_key(unsigned char *out, size_t *outlen,
out[3] = in[2] ^ 0xFF;
memcpy(out + 4, in, inlen);
/* Add random padding to end */
if (olen > inlen + 4)
RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen);
if (olen > inlen + 4
&& RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen) < 0)
return 0;
/* Encrypt twice */
EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
EVP_EncryptUpdate(ctx, out, &dummy, out, olen);

2
crypto/external/bsd/openssl/dist/crypto/cryptlib.c vendored
View File

@ -806,8 +806,6 @@ int OPENSSL_isservice(void)
if (_OPENSSL_isservice.p != (void *)-1)
return (*_OPENSSL_isservice.f) ();
(void)GetDesktopWindow(); /* return value is ignored */
h = GetProcessWindowStation();
if (h == NULL)
return -1;

6
crypto/external/bsd/openssl/dist/crypto/des/des.c vendored
View File

@ -455,8 +455,10 @@ void doencryption(void)
rem = l % 8;
len = l - rem;
if (feof(DES_IN)) {
for (i = 7 - rem; i > 0; i--)
RAND_pseudo_bytes(buf + l++, 1);
for (i = 7 - rem; i > 0; i--) {
if (RAND_pseudo_bytes(buf + l++, 1) < 0)
goto problems;
}
buf[l++] = rem;
ex = 1;
len += rem;

20
crypto/external/bsd/openssl/dist/crypto/ec/ec_asn1.c vendored
View File

@ -1114,7 +1114,7 @@ int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
{
int ret = 0, ok = 0;
unsigned char *buffer = NULL;
size_t buf_len = 0, tmp_len;
size_t buf_len = 0, tmp_len, bn_len;
EC_PRIVATEKEY *priv_key = NULL;
if (a == NULL || a->group == NULL || a->priv_key == NULL ||
@ -1130,18 +1130,32 @@ int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
priv_key->version = a->version;
buf_len = (size_t)BN_num_bytes(a->priv_key);
bn_len = (size_t)BN_num_bytes(a->priv_key);
/* Octetstring may need leading zeros if BN is to short */
buf_len = (EC_GROUP_get_degree(a->group) + 7) / 8;
if (bn_len > buf_len) {
ECerr(EC_F_I2D_ECPRIVATEKEY, EC_R_BUFFER_TOO_SMALL);
goto err;
}
buffer = OPENSSL_malloc(buf_len);
if (buffer == NULL) {
ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!BN_bn2bin(a->priv_key, buffer)) {
if (!BN_bn2bin(a->priv_key, buffer + buf_len - bn_len)) {
ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB);
goto err;
}
if (buf_len - bn_len > 0) {
memset(buffer, 0, buf_len - bn_len);
}
if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) {
ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
goto err;

24
crypto/external/bsd/openssl/dist/crypto/ec/ectest.c vendored
View File

@ -412,7 +412,7 @@ static void prime_field_tests(void)
ABORT;
if (!EC_POINT_set_compressed_coordinates_GFp(group, Q, x, 1, ctx))
ABORT;
if (!EC_POINT_is_on_curve(group, Q, ctx)) {
if (EC_POINT_is_on_curve(group, Q, ctx) <= 0) {
if (!EC_POINT_get_affine_coordinates_GFp(group, Q, x, y, ctx))
ABORT;
fprintf(stderr, "Point is not on curve: x = 0x");
@ -544,7 +544,7 @@ static void prime_field_tests(void)
ABORT;
if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx))
ABORT;
if (!EC_POINT_is_on_curve(group, P, ctx))
if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
ABORT;
if (!BN_hex2bn(&z, "0100000000000000000001F4C8F927AED3CA752257"))
ABORT;
@ -593,7 +593,7 @@ static void prime_field_tests(void)
ABORT;
if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
ABORT;
if (!EC_POINT_is_on_curve(group, P, ctx))
if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
ABORT;
if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831"))
ABORT;
@ -646,7 +646,7 @@ static void prime_field_tests(void)
ABORT;
if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx))
ABORT;
if (!EC_POINT_is_on_curve(group, P, ctx))
if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
ABORT;
if (!BN_hex2bn
(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D"))
@ -705,7 +705,7 @@ static void prime_field_tests(void)
ABORT;
if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
ABORT;
if (!EC_POINT_is_on_curve(group, P, ctx))
if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
ABORT;
if (!BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E"
"84F3B9CAC2FC632551"))
@ -761,7 +761,7 @@ static void prime_field_tests(void)
ABORT;
if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
ABORT;
if (!EC_POINT_is_on_curve(group, P, ctx))
if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
ABORT;
if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
"FFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973"))
@ -820,7 +820,7 @@ static void prime_field_tests(void)
ABORT;
if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx))
ABORT;
if (!EC_POINT_is_on_curve(group, P, ctx))
if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
ABORT;
if (!BN_hex2bn(&z, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
"FFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5"
@ -864,7 +864,7 @@ static void prime_field_tests(void)
ABORT;
if (!EC_POINT_dbl(group, P, P, ctx))
ABORT;
if (!EC_POINT_is_on_curve(group, P, ctx))
if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
ABORT;
if (!EC_POINT_invert(group, Q, ctx))
ABORT; /* P = -2Q */
@ -1008,7 +1008,7 @@ static void prime_field_tests(void)
# define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
if (!BN_hex2bn(&x, _x)) ABORT; \
if (!EC_POINT_set_compressed_coordinates_GF2m(group, P, x, _y_bit, ctx)) ABORT; \
if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \
if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; \
if (!BN_hex2bn(&z, _order)) ABORT; \
if (!BN_hex2bn(&cof, _cof)) ABORT; \
if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \
@ -1026,7 +1026,7 @@ static void prime_field_tests(void)
if (!BN_hex2bn(&x, _x)) ABORT; \
if (!BN_hex2bn(&y, _y)) ABORT; \
if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \
if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \
if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; \
if (!BN_hex2bn(&z, _order)) ABORT; \
if (!BN_hex2bn(&cof, _cof)) ABORT; \
if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \
@ -1157,7 +1157,7 @@ static void char2_field_tests(void)
if (!EC_POINT_set_affine_coordinates_GF2m(group, Q, x, y, ctx))
ABORT;
# endif
if (!EC_POINT_is_on_curve(group, Q, ctx)) {
if (EC_POINT_is_on_curve(group, Q, ctx) <= 0) {
/* Change test based on whether binary point compression is enabled or not. */
# ifdef OPENSSL_EC_BIN_PT_COMP
if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, x, y, ctx))
@ -1378,7 +1378,7 @@ static void char2_field_tests(void)
ABORT;
if (!EC_POINT_dbl(group, P, P, ctx))
ABORT;
if (!EC_POINT_is_on_curve(group, P, ctx))
if (EC_POINT_is_on_curve(group, P, ctx) <= 0)
ABORT;
if (!EC_POINT_invert(group, Q, ctx))
ABORT; /* P = -2Q */

2
crypto/external/bsd/openssl/dist/crypto/engine/Makefile vendored
View File

@ -71,6 +71,8 @@ tests:
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

2
crypto/external/bsd/openssl/dist/crypto/evp/Makefile vendored
View File

@ -86,6 +86,8 @@ tests:
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)

7
crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c vendored
View File

@ -50,6 +50,7 @@
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_AES
#include <openssl/crypto.h>
# include <openssl/evp.h>
# include <openssl/err.h>
# include <string.h>
@ -753,7 +754,7 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
case EVP_CTRL_AEAD_TLS1_AAD:
/* Save the AAD for later use */
if (arg != 13)
if (arg != EVP_AEAD_TLS1_AAD_LEN)
return 0;
memcpy(c->buf, ptr, arg);
gctx->tls_aad_len = arg;
@ -914,7 +915,7 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
/* Retrieve tag */
CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, EVP_GCM_TLS_TAG_LEN);
/* If tag mismatch wipe buffer */
if (memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN)) {
if (CRYPTO_memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN)) {
OPENSSL_cleanse(out, len);
goto err;
}
@ -1259,7 +1260,7 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
!CRYPTO_ccm128_decrypt(ccm, in, out, len)) {
unsigned char tag[16];
if (CRYPTO_ccm128_tag(ccm, tag, cctx->M)) {
if (!memcmp(tag, ctx->buf, cctx->M))
if (!CRYPTO_memcmp(tag, ctx->buf, cctx->M))
rv = len;
}
}

17
crypto/external/bsd/openssl/dist/crypto/hmac/hmac.c vendored
View File

@ -65,6 +65,8 @@
# include <openssl/fips.h>
#endif
#define HMAC_UNINIT ((unsigned int)~0)
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
const EVP_MD *md, ENGINE *impl)
{
@ -97,7 +99,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
return 0;
}
if (!ctx->key_init && key == NULL)
if (ctx->key_length == HMAC_UNINIT && key == NULL)
return 0;
if (key != NULL) {
@ -121,7 +123,6 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
if (ctx->key_length != HMAC_MAX_MD_CBLOCK)
memset(&ctx->key[ctx->key_length], 0,
HMAC_MAX_MD_CBLOCK - ctx->key_length);
ctx->key_init = 1;
}
if (reset) {
@ -143,6 +144,7 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
goto err;
return 1;
err:
ctx->key_length = HMAC_UNINIT;
return 0;
}
@ -159,7 +161,7 @@ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
if (FIPS_mode() && !ctx->i_ctx.engine)
return FIPS_hmac_update(ctx, data, len);
#endif
if (!ctx->key_init)
if (ctx->key_length == HMAC_UNINIT)
return 0;
return EVP_DigestUpdate(&ctx->md_ctx, data, len);
@ -174,7 +176,7 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
return FIPS_hmac_final(ctx, md, len);
#endif
if (!ctx->key_init)
if (ctx->key_length == HMAC_UNINIT)
goto err;
if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i))
@ -195,7 +197,7 @@ void HMAC_CTX_init(HMAC_CTX *ctx)
EVP_MD_CTX_init(&ctx->i_ctx);
EVP_MD_CTX_init(&ctx->o_ctx);
EVP_MD_CTX_init(&ctx->md_ctx);
ctx->key_init = 0;
ctx->key_length = HMAC_UNINIT;
ctx->md = NULL;
}
@ -207,10 +209,9 @@ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
goto err;
if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx))
goto err;
dctx->key_init = sctx->key_init;
if (sctx->key_init) {
dctx->key_length = sctx->key_length;
if (sctx->key_length != HMAC_UNINIT) {
memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
dctx->key_length = sctx->key_length;
}
dctx->md = sctx->md;
return 1;

1
crypto/external/bsd/openssl/dist/crypto/hmac/hmac.h vendored
View File

@ -79,7 +79,6 @@ typedef struct hmac_ctx_st {
EVP_MD_CTX o_ctx;
unsigned int key_length;
unsigned char key[HMAC_MAX_MD_CBLOCK];
int key_init;
} HMAC_CTX;
# define HMAC_size(e) (EVP_MD_size((e)->md))

176
crypto/external/bsd/openssl/dist/crypto/hmac/hmactest.c vendored
View File

@ -85,7 +85,7 @@ static struct test_st {
const unsigned char data[64];
int data_len;
const unsigned char *digest;
} test[4] = {
} test[8] = {
{
"", 0, "More text test vectors to stuff up EBCDIC machines :-)", 54,
(const unsigned char *)"e9139d1e6ee064ef8cf514fc7dc83e86",
@ -113,10 +113,27 @@ static struct test_st {
0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd
}, 50, (const unsigned char *)"56be34521d144c88dbb8c733f0e8b3f6",
},
{
"", 0, "My test data", 12,
(unsigned char *)"61afdecb95429ef494d61fdee15990cabf0826fc"
},
{
"", 0, "My test data", 12,
(unsigned char *)"2274b195d90ce8e03406f4b526a47e0787a88a65479938f1a5baa3ce0f079776"
},
{
"123456", 6, "My test data", 12,
(unsigned char *)"bab53058ae861a7f191abe2d0145cbb123776a6369ee3f9d79ce455667e411dd"
},
{
"12345", 5, "My test data again", 12,
(unsigned char *)"7dbe8c764c068e3bcd6e6b0fbcd5e6fc197b15bb"
}
};
# endif
static char *pt(unsigned char *md);
static char *pt(unsigned char *md, unsigned int len);
int main(int argc, char *argv[])
{
# ifndef OPENSSL_NO_MD5
@ -124,6 +141,9 @@ int main(int argc, char *argv[])
char *p;
# endif
int err = 0;
HMAC_CTX ctx, ctx2;
unsigned char buf[EVP_MAX_MD_SIZE];
unsigned int len;
# ifdef OPENSSL_NO_MD5
printf("test skipped: MD5 disabled\n");
@ -139,28 +159,168 @@ int main(int argc, char *argv[])
for (i = 0; i < 4; i++) {
p = pt(HMAC(EVP_md5(),
test[i].key, test[i].key_len,
test[i].data, test[i].data_len, NULL, NULL));
test[i].data, test[i].data_len, NULL, NULL),
MD5_DIGEST_LENGTH);
if (strcmp(p, (const char *)test[i].digest) != 0) {
printf("error calculating HMAC on %d entry'\n", i);
printf("Error calculating HMAC on %d entry'\n", i);
printf("got %s instead of %s\n", p, test[i].digest);
err++;
} else
printf("test %d ok\n", i);
}
# endif /* OPENSSL_NO_MD5 */
/* test4 */
HMAC_CTX_init(&ctx);
if (HMAC_Init_ex(&ctx, NULL, 0, NULL, NULL)) {
printf("Should fail to initialise HMAC with empty MD and key (test 4)\n");
err++;
goto test5;
}
if (HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
printf("Should fail HMAC_Update with ctx not set up (test 4)\n");
err++;
goto test5;
}
if (HMAC_Init_ex(&ctx, NULL, 0, EVP_sha1(), NULL)) {
printf("Should fail to initialise HMAC with empty key (test 4)\n");
err++;
goto test5;
}
if (HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
printf("Should fail HMAC_Update with ctx not set up (test 4)\n");
err++;
goto test5;
}
printf("test 4 ok\n");
test5:
HMAC_CTX_init(&ctx);
if (HMAC_Init_ex(&ctx, test[4].key, test[4].key_len, NULL, NULL)) {
printf("Should fail to initialise HMAC with empty MD (test 5)\n");
err++;
goto test6;
}
if (HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
printf("Should fail HMAC_Update with ctx not set up (test 5)\n");
err++;
goto test6;
}
if (HMAC_Init_ex(&ctx, test[4].key, -1, EVP_sha1(), NULL)) {
printf("Should fail to initialise HMAC with invalid key len(test 5)\n");
err++;
goto test6;
}
if (!HMAC_Init_ex(&ctx, test[4].key, test[4].key_len, EVP_sha1(), NULL)) {
printf("Failed to initialise HMAC (test 5)\n");
err++;
goto test6;
}
if (!HMAC_Update(&ctx, test[4].data, test[4].data_len)) {
printf("Error updating HMAC with data (test 5)\n");
err++;
goto test6;
}
if (!HMAC_Final(&ctx, buf, &len)) {
printf("Error finalising data (test 5)\n");
err++;
goto test6;
}
p = pt(buf, len);
if (strcmp(p, (char *)test[4].digest) != 0) {
printf("Error calculating interim HMAC on test 5\n");
printf("got %s instead of %s\n", p, test[4].digest);
err++;
goto test6;
}
if (!HMAC_Init_ex(&ctx, NULL, 0, EVP_sha256(), NULL)) {
printf("Failed to reinitialise HMAC (test 5)\n");
err++;
goto test6;
}
if (!HMAC_Update(&ctx, test[5].data, test[5].data_len)) {
printf("Error updating HMAC with data (sha256) (test 5)\n");
err++;
goto test6;
}
if (!HMAC_Final(&ctx, buf, &len)) {
printf("Error finalising data (sha256) (test 5)\n");
err++;
goto test6;
}
p = pt(buf, len);
if (strcmp(p, (char *)test[5].digest) != 0) {
printf("Error calculating 2nd interim HMAC on test 5\n");
printf("got %s instead of %s\n", p, test[5].digest);
err++;
goto test6;
}
if (!HMAC_Init_ex(&ctx, test[6].key, test[6].key_len, NULL, NULL)) {
printf("Failed to reinitialise HMAC with key (test 5)\n");
err++;
goto test6;
}
if (!HMAC_Update(&ctx, test[6].data, test[6].data_len)) {
printf("Error updating HMAC with data (new key) (test 5)\n");
err++;
goto test6;
}
if (!HMAC_Final(&ctx, buf, &len)) {
printf("Error finalising data (new key) (test 5)\n");
err++;
goto test6;
}
p = pt(buf, len);
if (strcmp(p, (char *)test[6].digest) != 0) {
printf("error calculating HMAC on test 5\n");
printf("got %s instead of %s\n", p, test[6].digest);
err++;
} else {
printf("test 5 ok\n");
}
test6:
HMAC_CTX_init(&ctx);
if (!HMAC_Init_ex(&ctx, test[7].key, test[7].key_len, EVP_sha1(), NULL)) {
printf("Failed to initialise HMAC (test 6)\n");
err++;
goto end;
}
if (!HMAC_Update(&ctx, test[7].data, test[7].data_len)) {
printf("Error updating HMAC with data (test 6)\n");
err++;
goto end;
}
if (!HMAC_CTX_copy(&ctx2, &ctx)) {
printf("Failed to copy HMAC_CTX (test 6)\n");
err++;
goto end;
}
if (!HMAC_Final(&ctx2, buf, &len)) {
printf("Error finalising data (test 6)\n");
err++;
goto end;
}
p = pt(buf, len);
if (strcmp(p, (char *)test[7].digest) != 0) {
printf("Error calculating HMAC on test 6\n");
printf("got %s instead of %s\n", p, test[7].digest);
err++;
} else {
printf("test 6 ok\n");
}
end:
EXIT(err);
return (0);
}
# ifndef OPENSSL_NO_MD5
static char *pt(unsigned char *md)
static char *pt(unsigned char *md, unsigned int len)
{
int i;
unsigned int i;
static char buf[80];
for (i = 0; i < MD5_DIGEST_LENGTH; i++)
snprintf(&(buf[i*2]), sizeof(buf) - i * 2,"%02x",md[i]);
for (i = 0; i < len; i++)
snprintf(&(buf[i * 2]), sizeof(buf) - i * 2, "%02x", md[i]);
return (buf);
}
# endif

4
crypto/external/bsd/openssl/dist/crypto/md32_common.h vendored
View File

@ -142,8 +142,10 @@
*/
#undef ROTATE
#ifndef PEDANTIC
# if defined(_MSC_VER) || defined(__ICC)
# if defined(_MSC_VER)
# define ROTATE(a,n) _lrotl(a,n)
# elif defined(__ICC)
# define ROTATE(a,n) _rotl(a,n)
# elif defined(__MWERKS__)
# if defined(__POWERPC__)
# define ROTATE(a,n) __rlwinm(a,n,0,31)

3
crypto/external/bsd/openssl/dist/crypto/mem.c vendored
View File

@ -365,6 +365,9 @@ char *CRYPTO_strdup(const char *str, const char *file, int line)
{
char *ret = CRYPTO_malloc(strlen(str) + 1, file, line);
if (ret == NULL)
return NULL;
strcpy(ret, str);
return ret;
}

2
crypto/external/bsd/openssl/dist/crypto/objects/o_names.c vendored
View File

@ -313,7 +313,7 @@ void OBJ_NAME_do_all_sorted(int type,
d.names =
OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof *d.names);
/* Really should return an error if !d.names...but its a void function! */
if(d.names) {
if (d.names) {
d.n = 0;
OBJ_NAME_do_all(type, do_all_sorted_fn, &d);

21
crypto/external/bsd/openssl/dist/crypto/ocsp/ocsp_vfy.c vendored
View File

@ -83,6 +83,7 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
{
X509 *signer, *x;
STACK_OF(X509) *chain = NULL;
STACK_OF(X509) *untrusted = NULL;
X509_STORE_CTX ctx;
int i, ret = 0;
ret = ocsp_find_signer(&signer, bs, certs, st, flags);
@ -107,10 +108,20 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
}
if (!(flags & OCSP_NOVERIFY)) {
int init_res;
if (flags & OCSP_NOCHAIN)
init_res = X509_STORE_CTX_init(&ctx, st, signer, NULL);
else
init_res = X509_STORE_CTX_init(&ctx, st, signer, bs->certs);
if (flags & OCSP_NOCHAIN) {
untrusted = NULL;
} else if (bs->certs && certs) {
untrusted = sk_X509_dup(bs->certs);
for (i = 0; i < sk_X509_num(certs); i++) {
if (!sk_X509_push(untrusted, sk_X509_value(certs, i))) {
OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, ERR_R_MALLOC_FAILURE);
goto end;
}
}
} else {
untrusted = bs->certs;
}
init_res = X509_STORE_CTX_init(&ctx, st, signer, untrusted);
if (!init_res) {
ret = -1;
OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, ERR_R_X509_LIB);
@ -161,6 +172,8 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
end:
if (chain)
sk_X509_pop_free(chain, X509_free);
if (bs->certs && certs)
sk_X509_free(untrusted);
return ret;
}

6
crypto/external/bsd/openssl/dist/crypto/opensslv.h vendored
View File

@ -30,11 +30,11 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
# define OPENSSL_VERSION_NUMBER 0x100010dfL
# define OPENSSL_VERSION_NUMBER 0x100010efL
# ifdef OPENSSL_FIPS
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1m-fips 19 Mar 2015"
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1n-fips 11 Jun 2015"
# else
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1m 19 Mar 2015"
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1n 11 Jun 2015"
# endif
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT

BIN
crypto/external/bsd/openssl/dist/crypto/pkcs7/p7/cert.p7c vendored
View File

Binary file not shown.

BIN
crypto/external/bsd/openssl/dist/crypto/pkcs7/p7/smime.p7m vendored
View File

Binary file not shown.

BIN
crypto/external/bsd/openssl/dist/crypto/pkcs7/p7/smime.p7s vendored
View File

Binary file not shown.

16
crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_doit.c vendored
View File

@ -445,6 +445,12 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
switch (i) {
case NID_pkcs7_signed:
/*
* p7->d.sign->contents is a PKCS7 structure consisting of a contentType
* field and optional content.
* data_body is NULL if that structure has no (=detached) content
* or if the contentType is wrong (i.e., not "data").
*/
data_body = PKCS7_get_octet_string(p7->d.sign->contents);
if (!PKCS7_is_detached(p7) && data_body == NULL) {
PKCS7err(PKCS7_F_PKCS7_DATADECODE,
@ -456,6 +462,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
case NID_pkcs7_signedAndEnveloped:
rsk = p7->d.signed_and_enveloped->recipientinfo;
md_sk = p7->d.signed_and_enveloped->md_algs;
/* data_body is NULL if the optional EncryptedContent is missing. */
data_body = p7->d.signed_and_enveloped->enc_data->enc_data;
enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm;
evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
@ -468,6 +475,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
case NID_pkcs7_enveloped:
rsk = p7->d.enveloped->recipientinfo;
enc_alg = p7->d.enveloped->enc_data->algorithm;
/* data_body is NULL if the optional EncryptedContent is missing. */
data_body = p7->d.enveloped->enc_data->enc_data;
evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
if (evp_cipher == NULL) {
@ -481,6 +489,12 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
goto err;
}
/* Detached content must be supplied via in_bio instead. */
if (data_body == NULL && in_bio == NULL) {
PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT);
goto err;
}
/* We will be checking the signature */
if (md_sk != NULL) {
for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
@ -623,7 +637,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
etmp = NULL;
}
#if 1
if (PKCS7_is_detached(p7) || (in_bio != NULL)) {
if (in_bio != NULL) {
bio = in_bio;
} else {
# if 0

2
crypto/external/bsd/openssl/dist/crypto/rc4/Makefile vendored
View File

@ -89,6 +89,8 @@ tests:
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

2
crypto/external/bsd/openssl/dist/crypto/rsa/Makefile vendored
View File

@ -67,6 +67,8 @@ tests:
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

12
crypto/external/bsd/openssl/dist/crypto/threads/th-lock.c vendored
View File

@ -117,7 +117,7 @@ void CRYPTO_thread_setup(void)
int i;
lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(HANDLE));
if(!lock_cs) {
if (!lock_cs) {
/* Nothing we can do about this...void function! */
return;
}
@ -172,7 +172,7 @@ void CRYPTO_thread_setup(void)
# else
lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(rwlock_t));
# endif
if(!lock_cs) {
if (!lock_cs) {
/* Nothing we can do about this...void function! */
return;
}
@ -260,7 +260,7 @@ void CRYPTO_thread_setup(void)
char filename[20];
lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(usema_t *));
if(!lock_cs) {
if (!lock_cs) {
/* Nothing we can do about this...void function! */
return;
}
@ -328,11 +328,11 @@ void CRYPTO_thread_setup(void)
lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
if(!lock_cs || !lock_count) {
if (!lock_cs || !lock_count) {
/* Nothing we can do about this...void function! */
if(lock_cs)
if (lock_cs)
OPENSSL_free(lock_cs);
if(lock_count)
if (lock_count)
OPENSSL_free(lock_count);
return;
}

228
crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c vendored
View File

@ -151,11 +151,11 @@ static int x509_subject_cmp(X509 **a, X509 **b)
int X509_verify_cert(X509_STORE_CTX *ctx)
{
X509 *x, *xtmp, *chain_ss = NULL;
X509 *x, *xtmp, *xtmp2, *chain_ss = NULL;
int bad_chain = 0;
X509_VERIFY_PARAM *param = ctx->param;
int depth, i, ok = 0;
int num;
int num, j, retry;
int (*cb) (int xok, X509_STORE_CTX *xctx);
STACK_OF(X509) *sktmp = NULL;
if (ctx->cert == NULL) {
@ -224,85 +224,118 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
break;
}
/* Remember how many untrusted certs we have */
j = num;
/*
* at this point, chain should contain a list of untrusted certificates.
* We now need to add at least one trusted one, if possible, otherwise we
* complain.
*/
/*
* Examine last certificate in chain and see if it is self signed.
*/
i = sk_X509_num(ctx->chain);
x = sk_X509_value(ctx->chain, i - 1);
if (ctx->check_issued(ctx, x, x)) {
/* we have a self signed certificate */
if (sk_X509_num(ctx->chain) == 1) {
/*
* We have a single self signed certificate: see if we can find
* it in the store. We must have an exact match to avoid possible
* impersonation.
*/
ok = ctx->get_issuer(&xtmp, ctx, x);
if ((ok <= 0) || X509_cmp(x, xtmp)) {
ctx->error = X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
ctx->current_cert = x;
ctx->error_depth = i - 1;
if (ok == 1)
X509_free(xtmp);
bad_chain = 1;
ok = cb(0, ctx);
if (!ok)
goto end;
do {
/*
* Examine last certificate in chain and see if it is self signed.
*/
i = sk_X509_num(ctx->chain);
x = sk_X509_value(ctx->chain, i - 1);
if (ctx->check_issued(ctx, x, x)) {
/* we have a self signed certificate */
if (sk_X509_num(ctx->chain) == 1) {
/*
* We have a single self signed certificate: see if we can
* find it in the store. We must have an exact match to avoid
* possible impersonation.
*/
ok = ctx->get_issuer(&xtmp, ctx, x);
if ((ok <= 0) || X509_cmp(x, xtmp)) {
ctx->error = X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
ctx->current_cert = x;
ctx->error_depth = i - 1;
if (ok == 1)
X509_free(xtmp);
bad_chain = 1;
ok = cb(0, ctx);
if (!ok)
goto end;
} else {
/*
* We have a match: replace certificate with store
* version so we get any trust settings.
*/
X509_free(x);
x = xtmp;
(void)sk_X509_set(ctx->chain, i - 1, x);
ctx->last_untrusted = 0;
}
} else {
/*
* We have a match: replace certificate with store version so
* we get any trust settings.
* extract and save self signed certificate for later use
*/
X509_free(x);
x = xtmp;
(void)sk_X509_set(ctx->chain, i - 1, x);
ctx->last_untrusted = 0;
chain_ss = sk_X509_pop(ctx->chain);
ctx->last_untrusted--;
num--;
j--;
x = sk_X509_value(ctx->chain, num - 1);
}
} else {
/*
* extract and save self signed certificate for later use
*/
chain_ss = sk_X509_pop(ctx->chain);
ctx->last_untrusted--;
num--;
x = sk_X509_value(ctx->chain, num - 1);
}
}
/* We now lookup certs from the certificate store */
for (;;) {
/* If we have enough, we break */
if (depth < num)
break;
/* If we are self signed, we break */
if (ctx->check_issued(ctx, x, x))
break;
ok = ctx->get_issuer(&xtmp, ctx, x);
if (ok < 0)
return ok;
if (ok == 0)
break;
x = xtmp;
if (!sk_X509_push(ctx->chain, x)) {
X509_free(xtmp);
X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
return 0;
/* We now lookup certs from the certificate store */
for (;;) {
/* If we have enough, we break */
if (depth < num)
break;
/* If we are self signed, we break */
if (ctx->check_issued(ctx, x, x))
break;
ok = ctx->get_issuer(&xtmp, ctx, x);
if (ok < 0)
return ok;
if (ok == 0)
break;
x = xtmp;
if (!sk_X509_push(ctx->chain, x)) {
X509_free(xtmp);
X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
return 0;
}
num++;
}
num++;
}
/* we now have our chain, lets check it... */
/*
* If we haven't got a least one certificate from our store then check
* if there is an alternative chain that could be used. We only do this
* if the user hasn't switched off alternate chain checking
*/
retry = 0;
if (j == ctx->last_untrusted &&
!(ctx->param->flags & X509_V_FLAG_NO_ALT_CHAINS)) {
while (j-- > 1) {
xtmp2 = sk_X509_value(ctx->chain, j - 1);
ok = ctx->get_issuer(&xtmp, ctx, xtmp2);
if (ok < 0)
goto end;
/* Check if we found an alternate chain */
if (ok > 0) {
/*
* Free up the found cert we'll add it again later
*/
X509_free(xtmp);
/*
* Dump all the certs above this point - we've found an
* alternate chain
*/
while (num > j) {
xtmp = sk_X509_pop(ctx->chain);
X509_free(xtmp);
num--;
ctx->last_untrusted--;
}
retry = 1;
break;
}
}
}
} while (retry);
/* Is last certificate looked up self signed? */
if (!ctx->check_issued(ctx, x, x)) {
@ -1604,47 +1637,84 @@ int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
ASN1_TIME atm;
long offset;
char buff1[24], buff2[24], *p;
int i, j;
int i, j, remaining;
p = buff1;
i = ctm->length;
remaining = ctm->length;
str = (char *)ctm->data;
/*
* Note that the following (historical) code allows much more slack in the
* time format than RFC5280. In RFC5280, the representation is fixed:
* UTCTime: YYMMDDHHMMSSZ
* GeneralizedTime: YYYYMMDDHHMMSSZ
*/
if (ctm->type == V_ASN1_UTCTIME) {
if ((i < 11) || (i > 17))
/* YYMMDDHHMM[SS]Z or YYMMDDHHMM[SS](+-)hhmm */
int min_length = sizeof("YYMMDDHHMMZ") - 1;
int max_length = sizeof("YYMMDDHHMMSS+hhmm") - 1;
if (remaining < min_length || remaining > max_length)
return 0;
memcpy(p, str, 10);
p += 10;
str += 10;
remaining -= 10;
} else {
if (i < 13)
/* YYYYMMDDHHMM[SS[.fff]]Z or YYYYMMDDHHMM[SS[.f[f[f]]]](+-)hhmm */
int min_length = sizeof("YYYYMMDDHHMMZ") - 1;
int max_length = sizeof("YYYYMMDDHHMMSS.fff+hhmm") - 1;
if (remaining < min_length || remaining > max_length)
return 0;
memcpy(p, str, 12);
p += 12;
str += 12;
remaining -= 12;
}
if ((*str == 'Z') || (*str == '-') || (*str == '+')) {
*(p++) = '0';
*(p++) = '0';
} else {
/* SS (seconds) */
if (remaining < 2)
return 0;
*(p++) = *(str++);
*(p++) = *(str++);
/* Skip any fractional seconds... */
if (*str == '.') {
remaining -= 2;
/*
* Skip any (up to three) fractional seconds...
* TODO(emilia): in RFC5280, fractional seconds are forbidden.
* Can we just kill them altogether?
*/
if (remaining && *str == '.') {
str++;
while ((*str >= '0') && (*str <= '9'))
str++;
remaining--;
for (i = 0; i < 3 && remaining; i++, str++, remaining--) {
if (*str < '0' || *str > '9')
break;
}
}
}
*(p++) = 'Z';
*(p++) = '\0';
if (*str == 'Z')
/* We now need either a terminating 'Z' or an offset. */
if (!remaining)
return 0;
if (*str == 'Z') {
if (remaining != 1)
return 0;
offset = 0;
else {
} else {
/* (+-)HHMM */
if ((*str != '+') && (*str != '-'))
return 0;
/* Historical behaviour: the (+-)hhmm offset is forbidden in RFC5280. */
if (remaining != 5)
return 0;
if (str[1] < '0' || str[1] > '9' || str[2] < '0' || str[2] > '9' ||
str[3] < '0' || str[3] > '9' || str[4] < '0' || str[4] > '9')
return 0;
offset = ((str[1] - '0') * 10 + (str[2] - '0')) * 60;
offset += (str[3] - '0') * 10 + (str[4] - '0');
if (*str == '-')
@ -1921,6 +1991,8 @@ X509_STORE_CTX *X509_STORE_CTX_new(void)
void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
{
if (!ctx)
return;
X509_STORE_CTX_cleanup(ctx);
OPENSSL_free(ctx);
}

106
crypto/external/bsd/openssl/dist/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod vendored
View File

@ -61,12 +61,12 @@ negotiation is being saved.
If "strong" primes were used to generate the DH parameters, it is not strictly
necessary to generate a new key for each handshake but it does improve forward
secrecy. If it is not assured, that "strong" primes were used (see especially
the section about DSA parameters below), SSL_OP_SINGLE_DH_USE must be used
in order to prevent small subgroup attacks. Always using SSL_OP_SINGLE_DH_USE
has an impact on the computer time needed during negotiation, but it is not
very large, so application authors/users should consider to always enable
this option.
secrecy. If it is not assured that "strong" primes were used,
SSL_OP_SINGLE_DH_USE must be used in order to prevent small subgroup
attacks. Always using SSL_OP_SINGLE_DH_USE has an impact on the
computer time needed during negotiation, but it is not very large, so
application authors/users should consider always enabling this option.
The option is required to implement perfect forward secrecy (PFS).
As generating DH parameters is extremely time consuming, an application
should not generate the parameters on the fly but supply the parameters.
@ -74,83 +74,63 @@ DH parameters can be reused, as the actual key is newly generated during
the negotiation. The risk in reusing DH parameters is that an attacker
may specialize on a very often used DH group. Applications should therefore
generate their own DH parameters during the installation process using the
openssl L<dhparam(1)|dhparam(1)> application. In order to reduce the computer
time needed for this generation, it is possible to use DSA parameters
instead (see L<dhparam(1)|dhparam(1)>), but in this case SSL_OP_SINGLE_DH_USE
is mandatory.
openssl L<dhparam(1)|dhparam(1)> application. This application
guarantees that "strong" primes are used.
Application authors may compile in DH parameters. Files dh512.pem,
dh1024.pem, dh2048.pem, and dh4096.pem in the 'apps' directory of current
Files dh2048.pem, and dh4096.pem in the 'apps' directory of the current
version of the OpenSSL distribution contain the 'SKIP' DH parameters,
which use safe primes and were generated verifiably pseudo-randomly.
These files can be converted into C code using the B<-C> option of the
L<dhparam(1)|dhparam(1)> application.
Authors may also generate their own set of parameters using
L<dhparam(1)|dhparam(1)>, but a user may not be sure how the parameters were
generated. The generation of DH parameters during installation is therefore
recommended.
L<dhparam(1)|dhparam(1)> application. Generation of custom DH
parameters during installation should still be preferred to stop an
attacker from specializing on a commonly used group. Files dh1024.pem
and dh512.pem contain old parameters that must not be used by
applications.
An application may either directly specify the DH parameters or
can supply the DH parameters via a callback function. The callback approach
has the advantage, that the callback may supply DH parameters for different
key lengths.
can supply the DH parameters via a callback function.
The B<tmp_dh_callback> is called with the B<keylength> needed and
the B<is_export> information. The B<is_export> flag is set, when the
ephemeral DH key exchange is performed with an export cipher.
Previous versions of the callback used B<is_export> and B<keylength>
parameters to control parameter generation for export and non-export
cipher suites. Modern servers that do not support export ciphersuites
are advised to either use SSL_CTX_set_tmp_dh() in combination with
SSL_OP_SINGLE_DH_USE, or alternatively, use the callback but ignore
B<keylength> and B<is_export> and simply supply at least 2048-bit
parameters in the callback.
=head1 EXAMPLES
Handle DH parameters for key lengths of 512 and 1024 bits. (Error handling
Setup DH parameters with a key length of 2048 bits. (Error handling
partly left out.)
Command-line parameter generation:
$ openssl dhparam -out dh_param_2048.pem 2048
Code for setting up parameters during server initialization:
...
/* Set up ephemeral DH stuff */
DH *dh_512 = NULL;
DH *dh_1024 = NULL;
SSL_CTX ctx = SSL_CTX_new();
...
/* Set up ephemeral DH parameters. */
DH *dh_2048 = NULL;
FILE *paramfile;
...
/* "openssl dhparam -out dh_param_512.pem -2 512" */
paramfile = fopen("dh_param_512.pem", "r");
paramfile = fopen("dh_param_2048.pem", "r");
if (paramfile) {
dh_512 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
dh_2048 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
fclose(paramfile);
} else {
/* Error. */
}
/* "openssl dhparam -out dh_param_1024.pem -2 1024" */
paramfile = fopen("dh_param_1024.pem", "r");
if (paramfile) {
dh_1024 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
fclose(paramfile);
if (dh_2048 == NULL) {
/* Error. */
}
if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1) {
/* Error. */
}
SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);
...
/* "openssl dhparam -C -2 512" etc... */
DH *get_dh512() { ... }
DH *get_dh1024() { ... }
DH *tmp_dh_callback(SSL *s, int is_export, int keylength)
{
DH *dh_tmp=NULL;
switch (keylength) {
case 512:
if (!dh_512)
dh_512 = get_dh512();
dh_tmp = dh_512;
break;
case 1024:
if (!dh_1024)
dh_1024 = get_dh1024();
dh_tmp = dh_1024;
break;
default:
/* Generating a key on the fly is very costly, so use what is there */
setup_dh_parameters_like_above();
}
return(dh_tmp);
}
=head1 RETURN VALUES
SSL_CTX_set_tmp_dh_callback() and SSL_set_tmp_dh_callback() do not return

6
crypto/external/bsd/openssl/dist/engines/ccgost/gost94_keyx.c vendored
View File

@ -104,6 +104,7 @@ int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
gost_ctx cctx;
int key_is_ephemeral = 1;
int tmp_outlen;
EVP_PKEY *mykey = EVP_PKEY_CTX_get0_peerkey(ctx);
/* Do not use vizir cipher parameters with cryptopro */
@ -174,12 +175,13 @@ int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
}
ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid);
*outlen = i2d_GOST_KEY_TRANSPORT(gkt, out ? &out : NULL);
if (*outlen <= 0) {
tmp_outlen = i2d_GOST_KEY_TRANSPORT(gkt, out ? &out : NULL);
if (tmp_outlen <= 0) {
GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO);
goto err;
}
*outlen = tmp_outlen;
if (!key_is_ephemeral) {
/* Set control "public key from client certificate used" */
if (EVP_PKEY_CTX_ctrl(ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) <=

2
crypto/external/bsd/openssl/dist/openssl.spec vendored
View File

@ -7,7 +7,7 @@ Release: 1
Summary: Secure Sockets Layer and cryptography libraries and tools
Name: openssl
#Version: %{libmaj}.%{libmin}.%{librel}
Version: 1.0.1m
Version: 1.0.1n
Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
License: OpenSSL
Group: System Environment/Libraries

54
crypto/external/bsd/openssl/dist/ssl/Makefile vendored
View File

@ -89,12 +89,13 @@ tests:
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
depend:
@if [ -z "$(THIS)" ]; then \
$(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
else \
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC); \
fi
update: local_depend
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
depend: local_depend
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
local_depend:
@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
@ -507,26 +508,27 @@ s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c
s2_pkt.o: ssl_locl.h
s2_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s2_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
s2_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
s2_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
s2_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
s2_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s2_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s2_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
s2_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
s2_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
s2_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s2_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s2_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
s2_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
s2_srvr.o: ../include/openssl/x509_vfy.h s2_srvr.c ssl_locl.h
s2_srvr.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h
s2_srvr.o: ../include/openssl/bio.h ../include/openssl/buffer.h
s2_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
s2_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
s2_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
s2_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
s2_srvr.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
s2_srvr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
s2_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
s2_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
s2_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
s2_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
s2_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
s2_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
s2_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
s2_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s2_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s2_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
s2_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_srvr.c
s2_srvr.o: ssl_locl.h
s3_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s3_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s3_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h

46
crypto/external/bsd/openssl/dist/ssl/d1_both.c vendored
View File

@ -485,6 +485,12 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
return i;
}
if (mt >= 0 && s->s3->tmp.message_type != mt) {
al = SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
goto f_err;
}
p = (unsigned char *)s->init_buf->data;
msg_len = msg_hdr->msg_len;
@ -869,6 +875,20 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
/* parse the message fragment header */
dtls1_get_message_header(wire, &msg_hdr);
len = msg_hdr.msg_len;
frag_off = msg_hdr.frag_off;
frag_len = msg_hdr.frag_len;
/*
* We must have at least frag_len bytes left in the record to be read.
* Fragments must not span records.
*/
if (frag_len > s->s3->rrec.length) {
al = SSL3_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL_R_BAD_LENGTH);
goto f_err;
}
/*
* if this is a future (or stale) message it gets buffered
* (or dropped)--no further processing at this time
@ -879,10 +899,6 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
&& !(s->d1->listen && msg_hdr.seq == 1))
return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);
len = msg_hdr.msg_len;
frag_off = msg_hdr.frag_off;
frag_len = msg_hdr.frag_len;
if (frag_len && frag_len < len)
return dtls1_reassemble_fragment(s, &msg_hdr, ok);
@ -913,17 +929,16 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
if ((al = dtls1_preprocess_fragment(s, &msg_hdr, max)))
goto f_err;
/* XDTLS: ressurect this when restart is in place */
s->state = stn;
if (frag_len > 0) {
unsigned char *p =
(unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
&p[frag_off], frag_len, 0);
/*
* XDTLS: fix this--message fragments cannot span multiple packets
* This shouldn't ever fail due to NBIO because we already checked
* that we have enough data in the record
*/
if (i <= 0) {
s->rwstate = SSL_READING;
@ -944,6 +959,7 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
}
*ok = 1;
s->state = stn;
/*
* Note that s->init_num is *not* used as current offset in
@ -1540,7 +1556,10 @@ int dtls1_process_heartbeat(SSL *s)
memcpy(bp, pl, payload);
bp += payload;
/* Random padding */
RAND_pseudo_bytes(bp, padding);
if (RAND_pseudo_bytes(bp, padding) < 0) {
OPENSSL_free(buffer);
return -1;
}
r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
@ -1574,7 +1593,7 @@ int dtls1_process_heartbeat(SSL *s)
int dtls1_heartbeat(SSL *s)
{
unsigned char *buf, *p;
int ret;
int ret = -1;
unsigned int payload = 18; /* Sequence number + random bytes */
unsigned int padding = 16; /* Use minimum padding */
@ -1622,10 +1641,12 @@ int dtls1_heartbeat(SSL *s)
/* Sequence number */
s2n(s->tlsext_hb_seq, p);
/* 16 random bytes */
RAND_pseudo_bytes(p, 16);
if (RAND_pseudo_bytes(p, 16) < 0)
goto err;
p += 16;
/* Random padding */
RAND_pseudo_bytes(p, padding);
if (RAND_pseudo_bytes(p, padding) < 0)
goto err;
ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
if (ret >= 0) {
@ -1638,6 +1659,7 @@ int dtls1_heartbeat(SSL *s)
s->tlsext_hb_pending = 1;
}
err:
OPENSSL_free(buf);
return ret;

3
crypto/external/bsd/openssl/dist/ssl/d1_lib.c vendored
View File

@ -496,6 +496,9 @@ int dtls1_listen(SSL *s, struct sockaddr *client)
{
int ret;
/* Ensure there is no state left over from a previous invocation */
SSL_clear(s);
SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);
s->d1->listen = 1;

2
crypto/external/bsd/openssl/dist/ssl/d1_pkt.c vendored
View File

@ -1065,7 +1065,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
(s->d1->handshake_fragment[3] != 0)) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_HELLO_REQUEST);
goto err;
goto f_err;
}
/*

28
crypto/external/bsd/openssl/dist/ssl/d1_srvr.c vendored
View File

@ -224,11 +224,13 @@ int dtls1_accept(SSL *s)
if (s->init_buf == NULL) {
if ((buf = BUF_MEM_new()) == NULL) {
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
BUF_MEM_free(buf);
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
s->init_buf = buf;
@ -236,6 +238,7 @@ int dtls1_accept(SSL *s)
if (!ssl3_setup_buffers(s)) {
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
@ -257,6 +260,7 @@ int dtls1_accept(SSL *s)
#endif
if (!ssl_init_wbio_buffer(s, 1)) {
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
@ -470,7 +474,7 @@ int dtls1_accept(SSL *s)
#ifndef OPENSSL_NO_PSK
|| ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
#endif
|| (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd))
|| (alg_k & SSL_kEDH)
|| (alg_k & SSL_kEECDH)
|| ((alg_k & SSL_kRSA)
&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
@ -665,15 +669,6 @@ int dtls1_accept(SSL *s)
case SSL3_ST_SR_CERT_VRFY_A:
case SSL3_ST_SR_CERT_VRFY_B:
/*
* This *should* be the first time we enable CCS, but be
* extra careful about surrounding code changes. We need
* to set this here because we don't know if we're
* expecting a CertificateVerify or not.
*/
if (!s->s3->change_cipher_spec)
s->d1->change_cipher_spec_ok = 1;
/* we should decide if we expected this one */
ret = ssl3_get_cert_verify(s);
if (ret <= 0)
goto end;
@ -690,11 +685,10 @@ int dtls1_accept(SSL *s)
case SSL3_ST_SR_FINISHED_A:
case SSL3_ST_SR_FINISHED_B:
/*
* Enable CCS for resumed handshakes.
* In a full handshake, we end up here through
* SSL3_ST_SR_CERT_VRFY_B, so change_cipher_spec_ok was
* already set. Receiving a CCS clears the flag, so make
* sure not to re-enable it to ban duplicates.
* Enable CCS. Receiving a CCS clears the flag, so make
* sure not to re-enable it to ban duplicates. This *should* be the
* first time we have received one - but we check anyway to be
* cautious.
* s->s3->change_cipher_spec is set when a CCS is
* processed in d1_pkt.c, and remains set until
* the client's Finished message is read.
@ -744,6 +738,7 @@ int dtls1_accept(SSL *s)
s->session->cipher = s->s3->tmp.new_cipher;
if (!s->method->ssl3_enc->setup_key_block(s)) {
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
@ -772,6 +767,7 @@ int dtls1_accept(SSL *s)
SSL3_CHANGE_CIPHER_SERVER_WRITE))
{
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
@ -852,6 +848,7 @@ int dtls1_accept(SSL *s)
goto end;
/* break; */
case SSL_ST_ERR:
default:
SSLerr(SSL_F_DTLS1_ACCEPT, SSL_R_UNKNOWN_STATE);
ret = -1;
@ -932,6 +929,7 @@ int dtls1_send_hello_verify_request(SSL *s)
&(s->d1->cookie_len)) == 0) {
SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,
ERR_R_INTERNAL_ERROR);
s->state = SSL_ST_ERR;
return 0;
}

104
crypto/external/bsd/openssl/dist/ssl/s2_srvr.c vendored
View File

@ -111,6 +111,7 @@
#include "ssl_locl.h"
#ifndef OPENSSL_NO_SSL2
#include "../crypto/constant_time_locl.h"
# include <stdio.h>
# include <openssl/bio.h>
# include <openssl/rand.h>
@ -372,12 +373,15 @@ int ssl2_accept(SSL *s)
static int get_client_master_key(SSL *s)
{
int is_export, i, n, keya;
unsigned int ek;
unsigned int num_encrypted_key_bytes, key_length;
unsigned long len;
unsigned char *p;
const SSL_CIPHER *cp;
const EVP_CIPHER *c;
const EVP_MD *md;
unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH];
unsigned char decrypt_good;
size_t j;
p = (unsigned char *)s->init_buf->data;
if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) {
@ -465,12 +469,6 @@ static int get_client_master_key(SSL *s)
return (0);
}
if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) {
is_export = 1;
ek = 8;
} else
ek = 5;
/*
* The format of the CLIENT-MASTER-KEY message is
* 1 byte message type
@ -484,12 +482,27 @@ static int get_client_master_key(SSL *s)
*
* If the cipher is an export cipher, then the encrypted key bytes
* are a fixed portion of the total key (5 or 8 bytes). The size of
* this portion is in |ek|. If the cipher is not an export cipher,
* then the entire key material is encrypted (i.e., clear key length
* must be zero).
* this portion is in |num_encrypted_key_bytes|. If the cipher is not an
* export cipher, then the entire key material is encrypted (i.e., clear
* key length must be zero).
*/
if ((!is_export && s->s2->tmp.clear != 0) ||
(is_export && s->s2->tmp.clear + ek != (unsigned int)EVP_CIPHER_key_length(c))) {
key_length = (unsigned int)EVP_CIPHER_key_length(c);
if (key_length > SSL_MAX_MASTER_KEY_LENGTH) {
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
return -1;
}
if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) {
is_export = 1;
num_encrypted_key_bytes = 8;
} else if (is_export) {
num_encrypted_key_bytes = 5;
} else {
num_encrypted_key_bytes = key_length;
}
if (s->s2->tmp.clear + num_encrypted_key_bytes != key_length) {
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH);
return -1;
@ -499,64 +512,49 @@ static int get_client_master_key(SSL *s)
* Decryption can't be expanding, so if we don't have enough encrypted
* bytes to fit the key in the buffer, stop now.
*/
if ((is_export && s->s2->tmp.enc < ek) ||
(!is_export && s->s2->tmp.enc < (unsigned int)EVP_CIPHER_key_length(c))) {
if (s->s2->tmp.enc < num_encrypted_key_bytes) {
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT);
return -1;
}
/*
* We must not leak whether a decryption failure occurs because of
* Bleichenbacher's attack on PKCS #1 v1.5 RSA padding (see RFC 2246,
* section 7.4.7.1). The code follows that advice of the TLS RFC and
* generates a random premaster secret for the case that the decrypt
* fails. See https://tools.ietf.org/html/rfc5246#section-7.4.7.1
*/
/*
* should be RAND_bytes, but we cannot work around a failure.
*/
if (RAND_pseudo_bytes(rand_premaster_secret,
(int)num_encrypted_key_bytes) <= 0)
return 0;
i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc,
&(p[s->s2->tmp.clear]),
&(p[s->s2->tmp.clear]),
(s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING :
RSA_PKCS1_PADDING);
/* bad decrypt */
# if 1
ERR_clear_error();
/*
* If a bad decrypt, continue with protocol but with a random master
* secret (Bleichenbacher attack)
*/
if ((i < 0) || ((!is_export && i != EVP_CIPHER_key_length(c))
|| (is_export && i != (int)ek))) {
ERR_clear_error();
if (is_export)
i = ek;
else
i = EVP_CIPHER_key_length(c);
if (RAND_pseudo_bytes(&p[s->s2->tmp.clear], i) <= 0)
return 0;
decrypt_good = constant_time_eq_int_8(i, (int)num_encrypted_key_bytes);
for (j = 0; j < num_encrypted_key_bytes; j++) {
p[s->s2->tmp.clear + j] =
constant_time_select_8(decrypt_good, p[s->s2->tmp.clear + j],
rand_premaster_secret[j]);
}
# else
if (i < 0) {
error = 1;
SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_BAD_RSA_DECRYPT);
}
/* incorrect number of key bytes for non export cipher */
else if ((!is_export && (i != EVP_CIPHER_key_length(c)))
|| (is_export && ((i != ek) || (s->s2->tmp.clear + i !=
EVP_CIPHER_key_length(c))))) {
error = 1;
SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_WRONG_NUMBER_OF_KEY_BITS);
}
if (error) {
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
return (-1);
}
# endif
if (is_export)
i = EVP_CIPHER_key_length(c);
s->session->master_key_length = (int)key_length;
memcpy(s->session->master_key, p, key_length);
OPENSSL_cleanse(p, key_length);
if (i > SSL_MAX_MASTER_KEY_LENGTH) {
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
return -1;
}
s->session->master_key_length = i;
memcpy(s->session->master_key, p, (unsigned int)i);
return (1);
return 1;
}
static int get_client_hello(SSL *s)

16
crypto/external/bsd/openssl/dist/ssl/s3_cbc.c vendored
View File

@ -149,7 +149,7 @@ int tls1_cbc_remove_padding(const SSL *s,
*/
if ((s->options & SSL_OP_TLS_BLOCK_PADDING_BUG) && !s->expand) {
/* First packet is even in size, so check */
if ((memcmp(s->s3->read_sequence, "\0\0\0\0\0\0\0\0", 8) == 0) &&
if ((CRYPTO_memcmp(s->s3->read_sequence, "\0\0\0\0\0\0\0\0", 8) == 0) &&
!(padding_length & 1)) {
s->s3->flags |= TLS1_FLAGS_TLS_PADDING_BUG;
}
@ -639,12 +639,22 @@ void ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
if (k > 0) {
if (is_sslv3) {
unsigned overhang;
/*
* The SSLv3 header is larger than a single block. overhang is
* the number of bytes beyond a single block that the header
* consumes: either 7 bytes (SHA1) or 11 bytes (MD5).
* consumes: either 7 bytes (SHA1) or 11 bytes (MD5). There are no
* ciphersuites in SSLv3 that are not SHA1 or MD5 based and
* therefore we can be confident that the header_length will be
* greater than |md_block_size|. However we add a sanity check just
* in case
*/
unsigned overhang = header_length - md_block_size;
if (header_length <= md_block_size) {
/* Should never happen */
return;
}
overhang = header_length - md_block_size;
md_transform(md_state.c, header);
memcpy(first_block, header + md_block_size, overhang);
memcpy(first_block + overhang, data, md_block_size - overhang);

273
crypto/external/bsd/openssl/dist/ssl/s3_clnt.c vendored
View File

@ -168,6 +168,9 @@
#endif
static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b);
#ifndef OPENSSL_NO_TLSEXT
static int ssl3_check_finished(SSL *s);
#endif
#ifndef OPENSSL_NO_SSL3_METHOD
static const SSL_METHOD *ssl3_get_client_method(int ver)
@ -235,6 +238,7 @@ int ssl3_connect(SSL *s)
if ((s->version & 0xff00) != 0x0300) {
SSLerr(SSL_F_SSL3_CONNECT, ERR_R_INTERNAL_ERROR);
s->state = SSL_ST_ERR;
ret = -1;
goto end;
}
@ -245,10 +249,12 @@ int ssl3_connect(SSL *s)
if (s->init_buf == NULL) {
if ((buf = BUF_MEM_new()) == NULL) {
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
s->init_buf = buf;
@ -263,6 +269,7 @@ int ssl3_connect(SSL *s)
/* setup buffing BIO */
if (!ssl_init_wbio_buffer(s, 0)) {
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
@ -317,12 +324,24 @@ int ssl3_connect(SSL *s)
case SSL3_ST_CR_CERT_A:
case SSL3_ST_CR_CERT_B:
#ifndef OPENSSL_NO_TLSEXT
/* Noop (ret = 0) for everything but EAP-FAST. */
ret = ssl3_check_finished(s);
if (ret < 0)
goto end;
if (ret == 1) {
s->hit = 1;
s->state = SSL3_ST_CR_FINISHED_A;
s->init_num = 0;
break;
}
#endif
/* Check if it is anon DH/ECDH, SRP auth */
/* or PSK */
if (!
(s->s3->tmp.
new_cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
ret = ssl3_get_server_certificate(s);
if (ret <= 0)
goto end;
@ -358,6 +377,7 @@ int ssl3_connect(SSL *s)
*/
if (!ssl3_check_cert_and_algorithm(s)) {
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
break;
@ -381,6 +401,7 @@ int ssl3_connect(SSL *s)
if ((ret = SRP_Calc_A_param(s)) <= 0) {
SSLerr(SSL_F_SSL3_CONNECT, SSL_R_SRP_A_CALC);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
s->state = SSL_ST_ERR;
goto end;
}
}
@ -472,6 +493,7 @@ int ssl3_connect(SSL *s)
#endif
if (!s->method->ssl3_enc->setup_key_block(s)) {
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
@ -479,6 +501,7 @@ int ssl3_connect(SSL *s)
SSL3_CHANGE_CIPHER_CLIENT_WRITE))
{
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
@ -553,7 +576,8 @@ int ssl3_connect(SSL *s)
case SSL3_ST_CR_FINISHED_A:
case SSL3_ST_CR_FINISHED_B:
s->s3->flags |= SSL3_FLAGS_CCS_OK;
if (!s->s3->change_cipher_spec)
s->s3->flags |= SSL3_FLAGS_CCS_OK;
ret = ssl3_get_finished(s, SSL3_ST_CR_FINISHED_A,
SSL3_ST_CR_FINISHED_B);
if (ret <= 0)
@ -612,6 +636,7 @@ int ssl3_connect(SSL *s)
goto end;
/* break; */
case SSL_ST_ERR:
default:
SSLerr(SSL_F_SSL3_CONNECT, SSL_R_UNKNOWN_STATE);
ret = -1;
@ -658,9 +683,17 @@ int ssl3_client_hello(SSL *s)
buf = (unsigned char *)s->init_buf->data;
if (s->state == SSL3_ST_CW_CLNT_HELLO_A) {
SSL_SESSION *sess = s->session;
if ((sess == NULL) ||
(sess->ssl_version != s->version) ||
!sess->session_id_length || (sess->not_resumable)) {
if ((sess == NULL) || (sess->ssl_version != s->version) ||
#ifdef OPENSSL_NO_TLSEXT
!sess->session_id_length ||
#else
/*
* In the case of EAP-FAST, we can have a pre-shared
* "ticket" without a session ID.
*/
(!sess->session_id_length && !sess->tlsext_tick) ||
#endif
(sess->not_resumable)) {
if (!ssl_get_new_session(s, 0))
goto err;
}
@ -798,6 +831,7 @@ int ssl3_client_hello(SSL *s)
/* SSL3_ST_CW_CLNT_HELLO_B */
return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
err:
s->state = SSL_ST_ERR;
return (-1);
}
@ -867,10 +901,19 @@ int ssl3_get_server_hello(SSL *s)
}
#ifndef OPENSSL_NO_TLSEXT
/*
* check if we want to resume the session based on external pre-shared
* secret
* Check if we can resume the session based on external pre-shared secret.
* EAP-FAST (RFC 4851) supports two types of session resumption.
* Resumption based on server-side state works with session IDs.
* Resumption based on pre-shared Protected Access Credentials (PACs)
* works by overriding the SessionTicket extension at the application
* layer, and does not send a session ID. (We do not know whether EAP-FAST
* servers would honour the session ID.) Therefore, the session ID alone
* is not a reliable indicator of session resumption, so we first check if
* we can resume, and later peek at the next handshake message to see if the
* server wants to resume.
*/
if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) {
if (s->version >= TLS1_VERSION && s->tls_session_secret_cb &&
s->session->tlsext_tick) {
SSL_CIPHER *pref_cipher = NULL;
s->session->master_key_length = sizeof(s->session->master_key);
if (s->tls_session_secret_cb(s, s->session->master_key,
@ -879,12 +922,15 @@ int ssl3_get_server_hello(SSL *s)
s->tls_session_secret_cb_arg)) {
s->session->cipher = pref_cipher ?
pref_cipher : ssl_get_cipher_by_char(s, p + j);
s->hit = 1;
} else {
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
al = SSL_AD_INTERNAL_ERROR;
goto f_err;
}
}
#endif /* OPENSSL_NO_TLSEXT */
if (!s->hit && j != 0 && j == s->session->session_id_length
if (j != 0 && j == s->session->session_id_length
&& memcmp(p, s->session->session_id, j) == 0) {
if (s->sid_ctx_length != s->session->sid_ctx_length
|| memcmp(s->session->sid_ctx, s->sid_ctx, s->sid_ctx_length)) {
@ -895,12 +941,13 @@ int ssl3_get_server_hello(SSL *s)
goto f_err;
}
s->hit = 1;
}
/* a miss or crap from the other end */
if (!s->hit) {
} else {
/*
* If we were trying for session-id reuse, make a new SSL_SESSION so
* we don't stuff up other people
* If we were trying for session-id reuse but the server
* didn't echo the ID, make a new SSL_SESSION.
* In the case of EAP-FAST and PAC, we do not send a session ID,
* so the PAC-based session secret is always preserved. It'll be
* overwritten if the server refuses resumption.
*/
if (s->session->session_id_length > 0) {
if (!ssl_get_new_session(s, 0)) {
@ -1045,6 +1092,7 @@ int ssl3_get_server_hello(SSL *s)
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
err:
s->state = SSL_ST_ERR;
return (-1);
}
@ -1223,8 +1271,10 @@ int ssl3_get_server_certificate(SSL *s)
if (0) {
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
}
err:
s->state = SSL_ST_ERR;
}
EVP_PKEY_free(pkey);
X509_free(x);
sk_X509_pop_free(sk, X509_free);
@ -1546,6 +1596,13 @@ int ssl3_get_key_exchange(SSL *s)
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
goto err;
}
if (EVP_PKEY_bits(pkey) <= SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
al = SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
goto f_err;
}
s->session->sess_cert->peer_rsa_tmp = rsa;
rsa = NULL;
}
@ -1894,6 +1951,7 @@ int ssl3_get_key_exchange(SSL *s)
EC_KEY_free(ecdh);
#endif
EVP_MD_CTX_cleanup(&md_ctx);
s->state = SSL_ST_ERR;
return (-1);
}
@ -2050,7 +2108,10 @@ int ssl3_get_certificate_request(SSL *s)
ca_sk = NULL;
ret = 1;
goto done;
err:
s->state = SSL_ST_ERR;
done:
if (ca_sk != NULL)
sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
return (ret);
@ -2085,6 +2146,38 @@ int ssl3_get_new_session_ticket(SSL *s)
}
p = d = (unsigned char *)s->init_msg;
if (s->session->session_id_length > 0) {
int i = s->session_ctx->session_cache_mode;
SSL_SESSION *new_sess;
/*
* We reused an existing session, so we need to replace it with a new
* one
*/
if (i & SSL_SESS_CACHE_CLIENT) {
/*
* Remove the old session from the cache
*/
if (i & SSL_SESS_CACHE_NO_INTERNAL_STORE) {
if (s->session_ctx->remove_session_cb != NULL)
s->session_ctx->remove_session_cb(s->session_ctx,
s->session);
} else {
/* We carry on if this fails */
SSL_CTX_remove_session(s->session_ctx, s->session);
}
}
if ((new_sess = ssl_session_dup(s->session, 0)) == 0) {
al = SSL_AD_INTERNAL_ERROR;
SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE);
goto f_err;
}
SSL_SESSION_free(s->session);
s->session = new_sess;
}
n2l(p, s->session->tlsext_tick_lifetime_hint);
n2s(p, ticklen);
/* ticket_lifetime_hint + ticket_length + ticket */
@ -2127,6 +2220,7 @@ int ssl3_get_new_session_ticket(SSL *s)
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
err:
s->state = SSL_ST_ERR;
return (-1);
}
@ -2187,6 +2281,7 @@ int ssl3_get_cert_status(SSL *s)
return 1;
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
s->state = SSL_ST_ERR;
return (-1);
}
#endif
@ -2208,6 +2303,7 @@ int ssl3_get_server_done(SSL *s)
/* should contain no data */
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
SSLerr(SSL_F_SSL3_GET_SERVER_DONE, SSL_R_LENGTH_MISMATCH);
s->state = SSL_ST_ERR;
return -1;
}
ret = 1;
@ -2506,8 +2602,6 @@ int ssl3_send_client_key_exchange(SSL *s)
n += 2;
DH_free(dh_clnt);
/* perhaps clean things up a bit EAY EAY EAY EAY */
}
#endif
@ -2729,7 +2823,10 @@ int ssl3_send_client_key_exchange(SSL *s)
EVP_PKEY_encrypt_init(pkey_ctx);
/* Generate session key */
RAND_bytes(premaster_secret, 32);
if (RAND_bytes(premaster_secret, 32) <= 0) {
EVP_PKEY_CTX_free(pkey_ctx);
goto err;
}
/*
* If we have client certificate, use its secret as peer key
*/
@ -2948,6 +3045,7 @@ int ssl3_send_client_key_exchange(SSL *s)
EC_KEY_free(clnt_ecdh);
EVP_PKEY_free(srvr_pub_pkey);
#endif
s->state = SSL_ST_ERR;
return (-1);
}
@ -3081,6 +3179,7 @@ int ssl3_send_client_verify(SSL *s)
err:
EVP_MD_CTX_cleanup(&mctx);
EVP_PKEY_CTX_free(pctx);
s->state = SSL_ST_ERR;
return (-1);
}
@ -3149,6 +3248,7 @@ int ssl3_send_client_certificate(SSL *s)
if (!l) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
s->state = SSL_ST_ERR;
return 0;
}
s->init_num = (int)l;
@ -3165,6 +3265,7 @@ int ssl3_check_cert_and_algorithm(SSL *s)
int i, idx;
long alg_k, alg_a;
EVP_PKEY *pkey = NULL;
int pkey_bits;
SESS_CERT *sc;
#ifndef OPENSSL_NO_RSA
RSA *rsa;
@ -3172,6 +3273,7 @@ int ssl3_check_cert_and_algorithm(SSL *s)
#ifndef OPENSSL_NO_DH
DH *dh;
#endif
int al = SSL_AD_HANDSHAKE_FAILURE;
alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
alg_a = s->s3->tmp.new_cipher->algorithm_auth;
@ -3207,6 +3309,7 @@ int ssl3_check_cert_and_algorithm(SSL *s)
}
#endif
pkey = X509_get_pubkey(sc->peer_pkeys[idx].x509);
pkey_bits = EVP_PKEY_bits(pkey);
i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey);
EVP_PKEY_free(pkey);
@ -3224,38 +3327,71 @@ int ssl3_check_cert_and_algorithm(SSL *s)
}
#endif
#ifndef OPENSSL_NO_RSA
if ((alg_k & SSL_kRSA) &&
!(has_bits(i, EVP_PK_RSA | EVP_PKT_ENC) || (rsa != NULL))) {
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_RSA_ENCRYPTING_CERT);
goto f_err;
if (alg_k & SSL_kRSA) {
if (!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
!has_bits(i, EVP_PK_RSA | EVP_PKT_ENC)) {
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_RSA_ENCRYPTING_CERT);
goto f_err;
} else if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)) {
if (pkey_bits <= SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
if (!has_bits(i, EVP_PK_RSA | EVP_PKT_ENC)) {
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_RSA_ENCRYPTING_CERT);
goto f_err;
}
if (rsa != NULL) {
/* server key exchange is not allowed. */
al = SSL_AD_INTERNAL_ERROR;
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
goto f_err;
}
}
}
}
#endif
#ifndef OPENSSL_NO_DH
if ((alg_k & SSL_kEDH) &&
!(has_bits(i, EVP_PK_DH | EVP_PKT_EXCH) || (dh != NULL))) {
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_DH_KEY);
if ((alg_k & SSL_kEDH) && dh == NULL) {
al = SSL_AD_INTERNAL_ERROR;
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
goto f_err;
} else if ((alg_k & SSL_kDHr) && !has_bits(i, EVP_PK_DH | EVP_PKS_RSA)) {
}
if ((alg_k & SSL_kDHr) && !has_bits(i, EVP_PK_DH | EVP_PKS_RSA)) {
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_DH_RSA_CERT);
goto f_err;
}
# ifndef OPENSSL_NO_DSA
else if ((alg_k & SSL_kDHd) && !has_bits(i, EVP_PK_DH | EVP_PKS_DSA)) {
if ((alg_k & SSL_kDHd) && !has_bits(i, EVP_PK_DH | EVP_PKS_DSA)) {
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_DH_DSA_CERT);
goto f_err;
}
# endif
#endif
if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i, EVP_PKT_EXP)) {
/* Check DHE only: static DH not implemented. */
if (alg_k & SSL_kEDH) {
int dh_size = BN_num_bits(dh->p);
if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 768)
|| (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 512)) {
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_DH_KEY_TOO_SMALL);
goto f_err;
}
}
#endif /* !OPENSSL_NO_DH */
if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
pkey_bits > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
#ifndef OPENSSL_NO_RSA
if (alg_k & SSL_kRSA) {
if (rsa == NULL
|| RSA_size(rsa) * 8 >
if (rsa == NULL) {
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
goto f_err;
} else if (BN_num_bits(rsa->n) >
SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
/* We have a temporary RSA key but it's too large. */
al = SSL_AD_EXPORT_RESTRICTION;
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
goto f_err;
@ -3263,14 +3399,21 @@ int ssl3_check_cert_and_algorithm(SSL *s)
} else
#endif
#ifndef OPENSSL_NO_DH
if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
if (dh == NULL
|| DH_size(dh) * 8 >
if (alg_k & SSL_kEDH) {
if (BN_num_bits(dh->p) >
SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
/* We have a temporary DH key but it's too large. */
al = SSL_AD_EXPORT_RESTRICTION;
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_EXPORT_TMP_DH_KEY);
goto f_err;
}
} else if (alg_k & (SSL_kDHr | SSL_kDHd)) {
/* The cert should have had an export DH key. */
al = SSL_AD_EXPORT_RESTRICTION;
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
SSL_R_MISSING_EXPORT_TMP_DH_KEY);
goto f_err;
} else
#endif
{
@ -3281,12 +3424,62 @@ int ssl3_check_cert_and_algorithm(SSL *s)
}
return (1);
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
ssl3_send_alert(s, SSL3_AL_FATAL, al);
err:
return (0);
}
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
#ifndef OPENSSL_NO_TLSEXT
/*
* Normally, we can tell if the server is resuming the session from
* the session ID. EAP-FAST (RFC 4851), however, relies on the next server
* message after the ServerHello to determine if the server is resuming.
* Therefore, we allow EAP-FAST to peek ahead.
* ssl3_check_finished returns 1 if we are resuming from an external
* pre-shared secret, we have a "ticket" and the next server handshake message
* is Finished; and 0 otherwise. It returns -1 upon an error.
*/
static int ssl3_check_finished(SSL *s)
{
int ok = 0;
if (s->version < TLS1_VERSION || !s->tls_session_secret_cb ||
!s->session->tlsext_tick)
return 0;
/* Need to permit this temporarily, in case the next message is Finished. */
s->s3->flags |= SSL3_FLAGS_CCS_OK;
/*
* This function is called when we might get a Certificate message instead,
* so permit appropriate message length.
* We ignore the return value as we're only interested in the message type
* and not its length.
*/
s->method->ssl_get_message(s,
SSL3_ST_CR_CERT_A,
SSL3_ST_CR_CERT_B,
-1, s->max_cert_list, &ok);
s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
if (!ok)
return -1;
s->s3->tmp.reuse_message = 1;
if (s->s3->tmp.message_type == SSL3_MT_FINISHED)
return 1;
/* If we're not done, then the CCS arrived early and we should bail. */
if (s->s3->change_cipher_spec) {
SSLerr(SSL_F_SSL3_CHECK_FINISHED, SSL_R_CCS_RECEIVED_EARLY);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
return -1;
}
return 0;
}
# ifndef OPENSSL_NO_NEXTPROTONEG
int ssl3_send_next_proto(SSL *s)
{
unsigned int len, padding_len;
@ -3309,8 +3502,8 @@ int ssl3_send_next_proto(SSL *s)
return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
}
#endif /* !OPENSSL_NO_TLSEXT &&
* !OPENSSL_NO_NEXTPROTONEG */
#endif /* !OPENSSL_NO_NEXTPROTONEG */
#endif /* !OPENSSL_NO_TLSEXT */
int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
{

13
crypto/external/bsd/openssl/dist/ssl/s3_pkt.c vendored
View File

@ -347,11 +347,22 @@ static int ssl3_get_record(SSL *s)
if (version != s->version) {
SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER);
if ((s->version & 0xFF00) == (version & 0xFF00)
&& !s->enc_write_ctx && !s->write_hash)
&& !s->enc_write_ctx && !s->write_hash) {
if (rr->type == SSL3_RT_ALERT) {
/*
* The record is using an incorrect version number, but
* what we've got appears to be an alert. We haven't
* read the body yet to check whether its a fatal or
* not - but chances are it is. We probably shouldn't
* send a fatal alert back. We'll just end.
*/
goto err;
}
/*
* Send back error using their minor version number :-)
*/
s->version = (unsigned short)version;
}
al = SSL_AD_PROTOCOL_VERSION;
goto f_err;
}

262
crypto/external/bsd/openssl/dist/ssl/s3_srvr.c vendored
View File

@ -266,6 +266,7 @@ int ssl3_accept(SSL *s)
if ((s->version >> 8) != 3) {
SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
s->state = SSL_ST_ERR;
return -1;
}
s->type = SSL_ST_ACCEPT;
@ -273,11 +274,13 @@ int ssl3_accept(SSL *s)
if (s->init_buf == NULL) {
if ((buf = BUF_MEM_new()) == NULL) {
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
BUF_MEM_free(buf);
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
s->init_buf = buf;
@ -285,6 +288,7 @@ int ssl3_accept(SSL *s)
if (!ssl3_setup_buffers(s)) {
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
@ -303,6 +307,7 @@ int ssl3_accept(SSL *s)
*/
if (!ssl_init_wbio_buffer(s, 1)) {
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
@ -320,6 +325,7 @@ int ssl3_accept(SSL *s)
SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
ret = -1;
s->state = SSL_ST_ERR;
goto end;
} else {
/*
@ -379,6 +385,7 @@ int ssl3_accept(SSL *s)
SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_CLIENTHELLO_TLSEXT);
ret = SSL_TLSEXT_ERR_ALERT_FATAL;
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
}
@ -529,9 +536,12 @@ int ssl3_accept(SSL *s)
skip = 1;
s->s3->tmp.cert_request = 0;
s->state = SSL3_ST_SW_SRVR_DONE_A;
if (s->s3->handshake_buffer)
if (!ssl3_digest_cached_records(s))
if (s->s3->handshake_buffer) {
if (!ssl3_digest_cached_records(s)) {
s->state = SSL_ST_ERR;
return -1;
}
}
} else {
s->s3->tmp.cert_request = 1;
ret = ssl3_send_certificate_request(s);
@ -629,11 +639,14 @@ int ssl3_accept(SSL *s)
*/
if (!s->s3->handshake_buffer) {
SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
s->state = SSL_ST_ERR;
return -1;
}
s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
if (!ssl3_digest_cached_records(s))
if (!ssl3_digest_cached_records(s)) {
s->state = SSL_ST_ERR;
return -1;
}
} else {
int offset = 0;
int dgst_num;
@ -647,13 +660,15 @@ int ssl3_accept(SSL *s)
* CertificateVerify should be generalized. But it is next
* step
*/
if (s->s3->handshake_buffer)
if (!ssl3_digest_cached_records(s))
if (s->s3->handshake_buffer) {
if (!ssl3_digest_cached_records(s)) {
s->state = SSL_ST_ERR;
return -1;
if (s->s3->handshake_dgst != NULL) {
for (dgst_num = 0; dgst_num < SSL_MAX_DIGEST; dgst_num++)
if (s->s3->handshake_dgst[dgst_num]) {
int dgst_size;
}
}
for (dgst_num = 0; dgst_num < SSL_MAX_DIGEST; dgst_num++)
if (s->s3->handshake_dgst[dgst_num]) {
int dgst_size;
s->method->ssl3_enc->cert_verify_mac(s,
EVP_MD_CTX_type
@ -663,29 +678,20 @@ int ssl3_accept(SSL *s)
&(s->s3->
tmp.cert_verify_md
[offset]));
dgst_size =
EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]);
if (dgst_size < 0) {
ret = -1;
goto end;
}
offset += dgst_size;
}
}
}
dgst_size =
EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]);
if (dgst_size < 0) {
s->state = SSL_ST_ERR;
ret = -1;
goto end;
}
offset += dgst_size;
}
}
break;
case SSL3_ST_SR_CERT_VRFY_A:
case SSL3_ST_SR_CERT_VRFY_B:
/*
* This *should* be the first time we enable CCS, but be
* extra careful about surrounding code changes. We need
* to set this here because we don't know if we're
* expecting a CertificateVerify or not.
*/
if (!s->s3->change_cipher_spec)
s->s3->flags |= SSL3_FLAGS_CCS_OK;
/* we should decide if we expected this one */
ret = ssl3_get_cert_verify(s);
if (ret <= 0)
goto end;
@ -705,11 +711,10 @@ int ssl3_accept(SSL *s)
case SSL3_ST_SR_NEXT_PROTO_A:
case SSL3_ST_SR_NEXT_PROTO_B:
/*
* Enable CCS for resumed handshakes with NPN.
* In a full handshake with NPN, we end up here through
* SSL3_ST_SR_CERT_VRFY_B, where SSL3_FLAGS_CCS_OK was
* already set. Receiving a CCS clears the flag, so make
* sure not to re-enable it to ban duplicates.
* Enable CCS for NPN. Receiving a CCS clears the flag, so make
* sure not to re-enable it to ban duplicates. This *should* be the
* first time we have received one - but we check anyway to be
* cautious.
* s->s3->change_cipher_spec is set when a CCS is
* processed in s3_pkt.c, and remains set until
* the client's Finished message is read.
@ -728,10 +733,8 @@ int ssl3_accept(SSL *s)
case SSL3_ST_SR_FINISHED_A:
case SSL3_ST_SR_FINISHED_B:
/*
* Enable CCS for resumed handshakes without NPN.
* In a full handshake, we end up here through
* SSL3_ST_SR_CERT_VRFY_B, where SSL3_FLAGS_CCS_OK was
* already set. Receiving a CCS clears the flag, so make
* Enable CCS for handshakes without NPN. In NPN the CCS flag has
* already been set. Receiving a CCS clears the flag, so make
* sure not to re-enable it to ban duplicates.
* s->s3->change_cipher_spec is set when a CCS is
* processed in s3_pkt.c, and remains set until
@ -781,6 +784,7 @@ int ssl3_accept(SSL *s)
s->session->cipher = s->s3->tmp.new_cipher;
if (!s->method->ssl3_enc->setup_key_block(s)) {
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
@ -797,6 +801,7 @@ int ssl3_accept(SSL *s)
SSL3_CHANGE_CIPHER_SERVER_WRITE))
{
ret = -1;
s->state = SSL_ST_ERR;
goto end;
}
@ -859,6 +864,7 @@ int ssl3_accept(SSL *s)
goto end;
/* break; */
case SSL_ST_ERR:
default:
SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_UNKNOWN_STATE);
ret = -1;
@ -1000,6 +1006,16 @@ int ssl3_get_client_hello(SSL *s)
s->first_packet = 0;
d = p = (unsigned char *)s->init_msg;
/*
* 2 bytes for client version, SSL3_RANDOM_SIZE bytes for random, 1 byte
* for session id length
*/
if (n < 2 + SSL3_RANDOM_SIZE + 1) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
goto f_err;
}
/*
* use version from inside client hello, not from record header (may
* differ: see RFC 2246, Appendix E, second paragraph)
@ -1031,6 +1047,12 @@ int ssl3_get_client_hello(SSL *s)
unsigned int session_length, cookie_length;
session_length = *(p + SSL3_RANDOM_SIZE);
if (p + SSL3_RANDOM_SIZE + session_length + 1 >= d + n) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
goto f_err;
}
cookie_length = *(p + SSL3_RANDOM_SIZE + session_length + 1);
if (cookie_length == 0)
@ -1044,6 +1066,12 @@ int ssl3_get_client_hello(SSL *s)
/* get the session-id */
j = *(p++);
if (p + j > d + n) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
goto f_err;
}
s->hit = 0;
/*
* Versions before 0.9.7 always allow clients to resume sessions in
@ -1088,8 +1116,19 @@ int ssl3_get_client_hello(SSL *s)
if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) {
/* cookie stuff */
if (p + 1 > d + n) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
goto f_err;
}
cookie_len = *(p++);
if (p + cookie_len > d + n) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
goto f_err;
}
/*
* The ClientHello may contain a cookie even if the
* HelloVerify message has not been sent--make sure that it
@ -1130,27 +1169,33 @@ int ssl3_get_client_hello(SSL *s)
p += cookie_len;
}
if (p + 2 > d + n) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
goto f_err;
}
n2s(p, i);
if ((i == 0) && (j != 0)) {
/* we need a cipher if we are not resuming a session */
if (i == 0) {
al = SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_CIPHERS_SPECIFIED);
goto f_err;
}
if ((p + i) >= (d + n)) {
/* i bytes of cipher data + 1 byte for compression length later */
if ((p + i + 1) > (d + n)) {
/* not enough data */
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
goto f_err;
}
if ((i > 0) && (ssl_bytes_to_cipher_list(s, p, i, &(ciphers))
== NULL)) {
if (ssl_bytes_to_cipher_list(s, p, i, &(ciphers)) == NULL) {
goto err;
}
p += i;
/* If it is a hit, check that the cipher is in the list */
if ((s->hit) && (i > 0)) {
if (s->hit) {
j = 0;
id = s->session->cipher->id;
@ -1386,8 +1431,8 @@ int ssl3_get_client_hello(SSL *s)
sk_SSL_CIPHER_free(s->session->ciphers);
s->session->ciphers = ciphers;
if (ciphers == NULL) {
al = SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_CIPHERS_PASSED);
al = SSL_AD_INTERNAL_ERROR;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
goto f_err;
}
ciphers = NULL;
@ -1459,8 +1504,10 @@ int ssl3_get_client_hello(SSL *s)
if (0) {
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
}
err:
s->state = SSL_ST_ERR;
}
if (ciphers != NULL)
sk_SSL_CIPHER_free(ciphers);
return (ret);
@ -1477,8 +1524,10 @@ int ssl3_send_server_hello(SSL *s)
buf = (unsigned char *)s->init_buf->data;
#ifdef OPENSSL_NO_TLSEXT
p = s->s3->server_random;
if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0)
if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0) {
s->state = SSL_ST_ERR;
return -1;
}
#endif
/* Do the message type and length last */
d = p = &(buf[4]);
@ -1513,6 +1562,7 @@ int ssl3_send_server_hello(SSL *s)
sl = s->session->session_id_length;
if (sl > (int)sizeof(s->session->session_id)) {
SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
s->state = SSL_ST_ERR;
return -1;
}
*(p++) = sl;
@ -1535,6 +1585,7 @@ int ssl3_send_server_hello(SSL *s)
#ifndef OPENSSL_NO_TLSEXT
if (ssl_prepare_serverhello_tlsext(s) <= 0) {
SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT);
s->state = SSL_ST_ERR;
return -1;
}
if ((p =
@ -1542,6 +1593,7 @@ int ssl3_send_server_hello(SSL *s)
buf + SSL3_RT_MAX_PLAIN_LENGTH)) ==
NULL) {
SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
s->state = SSL_ST_ERR;
return -1;
}
#endif
@ -2025,6 +2077,7 @@ int ssl3_send_server_key_exchange(SSL *s)
BN_CTX_free(bn_ctx);
#endif
EVP_MD_CTX_cleanup(&md_ctx);
s->state = SSL_ST_ERR;
return (-1);
}
@ -2122,6 +2175,7 @@ int ssl3_send_certificate_request(SSL *s)
/* SSL3_ST_SW_CERT_REQ_B */
return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
err:
s->state = SSL_ST_ERR;
return (-1);
}
@ -2376,6 +2430,7 @@ int ssl3_get_client_key_exchange(SSL *s)
int padl, outl;
krb5_timestamp authtime = 0;
krb5_ticket_times ttimes;
int kerr = 0;
EVP_CIPHER_CTX_init(&ciph_ctx);
@ -2479,23 +2534,27 @@ int ssl3_get_client_key_exchange(SSL *s)
{
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DECRYPTION_FAILED);
goto err;
kerr = 1;
goto kclean;
}
if (outl > SSL_MAX_MASTER_KEY_LENGTH) {
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DATA_LENGTH_TOO_LONG);
goto err;
kerr = 1;
goto kclean;
}
if (!EVP_DecryptFinal_ex(&ciph_ctx, &(pms[outl]), &padl)) {
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DECRYPTION_FAILED);
goto err;
kerr = 1;
goto kclean;
}
outl += padl;
if (outl > SSL_MAX_MASTER_KEY_LENGTH) {
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DATA_LENGTH_TOO_LONG);
goto err;
kerr = 1;
goto kclean;
}
if (!((pms[0] == (s->client_version >> 8))
&& (pms[1] == (s->client_version & 0xff)))) {
@ -2512,7 +2571,8 @@ int ssl3_get_client_key_exchange(SSL *s)
if (!(s->options & SSL_OP_TLS_ROLLBACK_BUG)) {
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_AD_DECODE_ERROR);
goto err;
kerr = 1;
goto kclean;
}
}
@ -2538,6 +2598,11 @@ int ssl3_get_client_key_exchange(SSL *s)
* kssl_ctx = kssl_ctx_free(kssl_ctx);
* if (s->kssl_ctx) s->kssl_ctx = NULL;
*/
kclean:
OPENSSL_cleanse(pms, sizeof(pms));
if (kerr)
goto err;
} else
#endif /* OPENSSL_NO_KRB5 */
@ -2856,6 +2921,7 @@ int ssl3_get_client_key_exchange(SSL *s)
s->
session->master_key,
premaster_secret, 32);
OPENSSL_cleanse(premaster_secret, sizeof(premaster_secret));
/* Check if pubkey from client certificate was used */
if (EVP_PKEY_CTX_ctrl
(pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0)
@ -2888,6 +2954,7 @@ int ssl3_get_client_key_exchange(SSL *s)
EC_KEY_free(srvr_ecdh);
BN_CTX_free(bn_ctx);
#endif
s->state = SSL_ST_ERR;
return (-1);
}
@ -2903,39 +2970,31 @@ int ssl3_get_cert_verify(SSL *s)
EVP_MD_CTX mctx;
EVP_MD_CTX_init(&mctx);
n = s->method->ssl_get_message(s,
SSL3_ST_SR_CERT_VRFY_A,
SSL3_ST_SR_CERT_VRFY_B,
-1, SSL3_RT_MAX_PLAIN_LENGTH, &ok);
if (!ok)
return ((int)n);
if (s->session->peer != NULL) {
peer = s->session->peer;
pkey = X509_get_pubkey(peer);
type = X509_certificate_type(peer, pkey);
} else {
peer = NULL;
pkey = NULL;
}
if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY) {
s->s3->tmp.reuse_message = 1;
if (peer != NULL) {
al = SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_MISSING_VERIFY_MESSAGE);
goto f_err;
}
/*
* We should only process a CertificateVerify message if we have received
* a Certificate from the client. If so then |s->session->peer| will be non
* NULL. In some instances a CertificateVerify message is not required even
* if the peer has sent a Certificate (e.g. such as in the case of static
* DH). In that case the ClientKeyExchange processing will skip the
* CertificateVerify state so we should not arrive here.
*/
if (s->session->peer == NULL) {
ret = 1;
goto end;
}
if (peer == NULL) {
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_NO_CLIENT_CERT_RECEIVED);
al = SSL_AD_UNEXPECTED_MESSAGE;
goto f_err;
}
n = s->method->ssl_get_message(s,
SSL3_ST_SR_CERT_VRFY_A,
SSL3_ST_SR_CERT_VRFY_B,
SSL3_MT_CERTIFICATE_VERIFY,
SSL3_RT_MAX_PLAIN_LENGTH, &ok);
if (!ok)
return ((int)n);
peer = s->session->peer;
pkey = X509_get_pubkey(peer);
type = X509_certificate_type(peer, pkey);
if (!(type & EVP_PKT_SIGN)) {
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,
@ -2944,12 +3003,6 @@ int ssl3_get_cert_verify(SSL *s)
goto f_err;
}
if (s->s3->change_cipher_spec) {
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_CCS_RECEIVED_EARLY);
al = SSL_AD_UNEXPECTED_MESSAGE;
goto f_err;
}
/* we now have a signature that we need to verify */
p = (unsigned char *)s->init_msg;
/* Check for broken implementations of GOST ciphersuites */
@ -3102,6 +3155,7 @@ int ssl3_get_cert_verify(SSL *s)
if (0) {
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
s->state = SSL_ST_ERR;
}
end:
if (s->s3->handshake_buffer) {
@ -3260,8 +3314,10 @@ int ssl3_get_client_certificate(SSL *s)
if (0) {
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
}
err:
s->state = SSL_ST_ERR;
}
if (x != NULL)
X509_free(x);
if (sk != NULL)
@ -3282,6 +3338,7 @@ int ssl3_send_server_certificate(SSL *s)
(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5)) {
SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,
ERR_R_INTERNAL_ERROR);
s->state = SSL_ST_ERR;
return (0);
}
}
@ -3289,6 +3346,7 @@ int ssl3_send_server_certificate(SSL *s)
l = ssl3_output_cert_chain(s, x);
if (!l) {
SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR);
s->state = SSL_ST_ERR;
return (0);
}
s->state = SSL3_ST_SW_CERT_B;
@ -3324,11 +3382,15 @@ int ssl3_send_newsession_ticket(SSL *s)
* Some length values are 16 bits, so forget it if session is too
* long
*/
if (slen_full == 0 || slen_full > 0xFF00)
if (slen_full == 0 || slen_full > 0xFF00) {
s->state = SSL_ST_ERR;
return -1;
}
senc = OPENSSL_malloc(slen_full);
if (!senc)
if (!senc) {
s->state = SSL_ST_ERR;
return -1;
}
EVP_CIPHER_CTX_init(&ctx);
HMAC_CTX_init(&hctx);
@ -3451,6 +3513,7 @@ int ssl3_send_newsession_ticket(SSL *s)
OPENSSL_free(senc);
EVP_CIPHER_CTX_cleanup(&ctx);
HMAC_CTX_cleanup(&hctx);
s->state = SSL_ST_ERR;
return -1;
}
@ -3464,8 +3527,10 @@ int ssl3_send_cert_status(SSL *s)
* 1 (ocsp response type) + 3 (ocsp response length)
* + (ocsp response)
*/
if (!BUF_MEM_grow(s->init_buf, 8 + s->tlsext_ocsp_resplen))
if (!BUF_MEM_grow(s->init_buf, 8 + s->tlsext_ocsp_resplen)) {
s->state = SSL_ST_ERR;
return -1;
}
p = (unsigned char *)s->init_buf->data;
@ -3508,6 +3573,7 @@ int ssl3_get_next_proto(SSL *s)
if (!s->s3->next_proto_neg_seen) {
SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,
SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION);
s->state = SSL_ST_ERR;
return -1;
}
@ -3527,11 +3593,14 @@ int ssl3_get_next_proto(SSL *s)
*/
if (!s->s3->change_cipher_spec) {
SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS);
s->state = SSL_ST_ERR;
return -1;
}
if (n < 2)
if (n < 2) {
s->state = SSL_ST_ERR;
return 0; /* The body must be > 1 bytes long */
}
p = (unsigned char *)s->init_msg;
@ -3543,15 +3612,20 @@ int ssl3_get_next_proto(SSL *s)
* uint8 padding[padding_len];
*/
proto_len = p[0];
if (proto_len + 2 > s->init_num)
if (proto_len + 2 > s->init_num) {
s->state = SSL_ST_ERR;
return 0;
}
padding_len = p[proto_len + 1];
if (proto_len + padding_len + 2 != s->init_num)
if (proto_len + padding_len + 2 != s->init_num) {
s->state = SSL_ST_ERR;
return 0;
}
s->next_proto_negotiated = OPENSSL_malloc(proto_len);
if (!s->next_proto_negotiated) {
SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, ERR_R_MALLOC_FAILURE);
s->state = SSL_ST_ERR;
return 0;
}
memcpy(s->next_proto_negotiated, p + 1, proto_len);

4
crypto/external/bsd/openssl/dist/ssl/ssl.h vendored
View File

@ -1544,6 +1544,7 @@ extern "C" {
# define SSL_ST_BEFORE 0x4000
# define SSL_ST_OK 0x03
# define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
# define SSL_ST_ERR 0x05
# define SSL_CB_LOOP 0x01
# define SSL_CB_EXIT 0x02
@ -2303,6 +2304,7 @@ void ERR_load_SSL_strings(void);
# define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
# define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
# define SSL_F_SSL3_CHECK_CLIENT_HELLO 304
# define SSL_F_SSL3_CHECK_FINISHED 339
# define SSL_F_SSL3_CLIENT_HELLO 131
# define SSL_F_SSL3_CONNECT 132
# define SSL_F_SSL3_CTRL 213
@ -2408,6 +2410,7 @@ void ERR_load_SSL_strings(void);
# define SSL_F_SSL_READ 223
# define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187
# define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
# define SSL_F_SSL_SESSION_DUP 348
# define SSL_F_SSL_SESSION_NEW 189
# define SSL_F_SSL_SESSION_PRINT_FP 190
# define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312
@ -2522,6 +2525,7 @@ void ERR_load_SSL_strings(void);
# define SSL_R_DATA_LENGTH_TOO_LONG 146
# define SSL_R_DECRYPTION_FAILED 147
# define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281
# define SSL_R_DH_KEY_TOO_SMALL 372
# define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
# define SSL_R_DIGEST_CHECK_FAILED 149
# define SSL_R_DTLS_MESSAGE_TOO_BIG 334

3
crypto/external/bsd/openssl/dist/ssl/ssl_err.c vendored
View File

@ -160,6 +160,7 @@ static ERR_STRING_DATA SSL_str_functs[] = {
{ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC),
"SSL3_DO_CHANGE_CIPHER_SPEC"},
{ERR_FUNC(SSL_F_SSL3_ENC), "SSL3_ENC"},
{ERR_FUNC(SSL_F_SSL3_CHECK_FINISHED), "SSL3_CHECK_FINISHED"},
{ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "SSL3_GENERATE_KEY_BLOCK"},
{ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST),
"SSL3_GET_CERTIFICATE_REQUEST"},
@ -298,6 +299,7 @@ static ERR_STRING_DATA SSL_str_functs[] = {
{ERR_FUNC(SSL_F_SSL_READ), "SSL_read"},
{ERR_FUNC(SSL_F_SSL_RSA_PRIVATE_DECRYPT), "SSL_RSA_PRIVATE_DECRYPT"},
{ERR_FUNC(SSL_F_SSL_RSA_PUBLIC_ENCRYPT), "SSL_RSA_PUBLIC_ENCRYPT"},
{ERR_FUNC(SSL_F_SSL_SESSION_DUP), "ssl_session_dup"},
{ERR_FUNC(SSL_F_SSL_SESSION_NEW), "SSL_SESSION_new"},
{ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP), "SSL_SESSION_print_fp"},
{ERR_FUNC(SSL_F_SSL_SESSION_SET1_ID_CONTEXT),
@ -440,6 +442,7 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
{ERR_REASON(SSL_R_DECRYPTION_FAILED), "decryption failed"},
{ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC),
"decryption failed or bad record mac"},
{ERR_REASON(SSL_R_DH_KEY_TOO_SMALL), "dh key too small"},
{ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG),
"dh public value length is wrong"},
{ERR_REASON(SSL_R_DIGEST_CHECK_FAILED), "digest check failed"},

8
crypto/external/bsd/openssl/dist/ssl/ssl_lib.c vendored
View File

@ -1440,9 +1440,13 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
return (NULL);
}
if ((skp == NULL) || (*skp == NULL))
if ((skp == NULL) || (*skp == NULL)) {
sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */
else {
if(sk == NULL) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
return NULL;
}
} else {
sk = *skp;
sk_SSL_CIPHER_zero(sk);
}

1
crypto/external/bsd/openssl/dist/ssl/ssl_locl.h vendored
View File

@ -865,6 +865,7 @@ int ssl_set_peer_cert_type(SESS_CERT *c, int type);
int ssl_get_new_session(SSL *s, int session);
int ssl_get_prev_session(SSL *s, unsigned char *session, int len,
const unsigned char *limit);
SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket);
int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b);
DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,

20
crypto/external/bsd/openssl/dist/ssl/ssltest.c vendored
View File

@ -336,7 +336,9 @@ static void sv_usage(void)
" -bytes <val> - number of bytes to swap between client/server\n");
#ifndef OPENSSL_NO_DH
fprintf(stderr,
" -dhe1024 - use 1024 bit key (safe prime) for DHE\n");
" -dhe512 - use 512 bit key for DHE (to test failure)\n");
fprintf(stderr,
" -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
fprintf(stderr,
" -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
fprintf(stderr, " -no_dhe - disable DHE\n");
@ -531,7 +533,7 @@ int main(int argc, char *argv[])
long bytes = 256L;
#ifndef OPENSSL_NO_DH
DH *dh;
int dhe1024 = 0, dhe1024dsa = 0;
int dhe512 = 0, dhe1024dsa = 0;
#endif
#ifndef OPENSSL_NO_ECDH
EC_KEY *ecdh = NULL;
@ -611,19 +613,19 @@ int main(int argc, char *argv[])
debug = 1;
else if (strcmp(*argv, "-reuse") == 0)
reuse = 1;
else if (strcmp(*argv, "-dhe1024") == 0) {
else if (strcmp(*argv, "-dhe512") == 0) {
#ifndef OPENSSL_NO_DH
dhe1024 = 1;
dhe512 = 1;
#else
fprintf(stderr,
"ignoring -dhe1024, since I'm compiled without DH\n");
"ignoring -dhe512, since I'm compiled without DH\n");
#endif
} else if (strcmp(*argv, "-dhe1024dsa") == 0) {
#ifndef OPENSSL_NO_DH
dhe1024dsa = 1;
#else
fprintf(stderr,
"ignoring -dhe1024, since I'm compiled without DH\n");
"ignoring -dhe1024dsa, since I'm compiled without DH\n");
#endif
} else if (strcmp(*argv, "-no_dhe") == 0)
no_dhe = 1;
@ -905,10 +907,10 @@ int main(int argc, char *argv[])
*/
SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
dh = get_dh1024dsa();
} else if (dhe1024)
dh = get_dh1024();
else
} else if (dhe512)
dh = get_dh512();
else
dh = get_dh1024();
SSL_CTX_set_tmp_dh(s_ctx, dh);
DH_free(dh);
}

9
crypto/external/bsd/openssl/dist/ssl/t1_enc.c vendored
View File

@ -261,7 +261,7 @@ static int tls1_PRF(long digest_mask,
if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask)
count++;
}
if(!count) {
if (!count) {
/* Should never happen */
SSLerr(SSL_F_TLS1_PRF, ERR_R_INTERNAL_ERROR);
goto err;
@ -785,7 +785,7 @@ int tls1_enc(SSL *s, int send)
bs = EVP_CIPHER_block_size(ds->cipher);
if (EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
unsigned char buf[13], *seq;
unsigned char buf[EVP_AEAD_TLS1_AAD_LEN], *seq;
seq = send ? s->s3->write_sequence : s->s3->read_sequence;
@ -809,7 +809,10 @@ int tls1_enc(SSL *s, int send)
buf[10] = (unsigned char)(s->version);
buf[11] = rec->length >> 8;
buf[12] = rec->length & 0xff;
pad = EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_AEAD_TLS1_AAD, 13, buf);
pad = EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_AEAD_TLS1_AAD,
EVP_AEAD_TLS1_AAD_LEN, buf);
if (pad <= 0)
return -1;
if (send) {
l += pad;
rec->length += pad;

176
crypto/external/bsd/openssl/dist/ssl/t1_lib.c vendored
View File

@ -1016,19 +1016,23 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
s->srtp_profile = NULL;
if (data >= (d + n - 2))
goto ri_check;
if (data >= (d + n - 2)) {
if (data != d + n)
goto err;
else
goto ri_check;
}
n2s(data, len);
if (data > (d + n - len))
goto ri_check;
goto err;
while (data <= (d + n - 4)) {
n2s(data, type);
n2s(data, size);
if (data + size > (d + n))
goto ri_check;
goto err;
# if 0
fprintf(stderr, "Received extension type %d size %d\n", type, size);
# endif
@ -1064,16 +1068,12 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
int servname_type;
int dsize;
if (size < 2) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (size < 2)
goto err;
n2s(data, dsize);
size -= 2;
if (dsize > size) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (dsize > size)
goto err;
sdata = data;
while (dsize > 3) {
@ -1081,18 +1081,16 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
n2s(sdata, len);
dsize -= 3;
if (len > dsize) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (len > dsize)
goto err;
if (s->servername_done == 0)
switch (servname_type) {
case TLSEXT_NAMETYPE_host_name:
if (!s->hit) {
if (s->session->tlsext_hostname) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (s->session->tlsext_hostname)
goto err;
if (len > TLSEXT_MAXLEN_host_name) {
*al = TLS1_AD_UNRECOGNIZED_NAME;
return 0;
@ -1126,31 +1124,23 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
dsize -= len;
}
if (dsize != 0) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (dsize != 0)
goto err;
}
# ifndef OPENSSL_NO_SRP
else if (type == TLSEXT_TYPE_srp) {
if (size <= 0 || ((len = data[0])) != (size - 1)) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (s->srp_ctx.login != NULL) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (size == 0 || ((len = data[0])) != (size - 1))
goto err;
if (s->srp_ctx.login != NULL)
goto err;
if ((s->srp_ctx.login = OPENSSL_malloc(len + 1)) == NULL)
return -1;
memcpy(s->srp_ctx.login, &data[1], len);
s->srp_ctx.login[len] = '\0';
if (strlen(s->srp_ctx.login) != len) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (strlen(s->srp_ctx.login) != len)
goto err;
}
# endif
@ -1159,10 +1149,8 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
unsigned char *sdata = data;
int ecpointformatlist_length = *(sdata++);
if (ecpointformatlist_length != size - 1) {
*al = TLS1_AD_DECODE_ERROR;
return 0;
}
if (ecpointformatlist_length != size - 1)
goto err;
if (!s->hit) {
if (s->session->tlsext_ecpointformatlist) {
OPENSSL_free(s->session->tlsext_ecpointformatlist);
@ -1196,15 +1184,13 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
if (ellipticcurvelist_length != size - 2 ||
ellipticcurvelist_length < 1 ||
/* Each NamedCurve is 2 bytes. */
ellipticcurvelist_length & 1) {
*al = TLS1_AD_DECODE_ERROR;
return 0;
}
ellipticcurvelist_length & 1)
goto err;
if (!s->hit) {
if (s->session->tlsext_ellipticcurvelist) {
*al = TLS1_AD_DECODE_ERROR;
return 0;
}
if (s->session->tlsext_ellipticcurvelist)
goto err;
s->session->tlsext_ellipticcurvelist_length = 0;
if ((s->session->tlsext_ellipticcurvelist =
OPENSSL_malloc(ellipticcurvelist_length)) == NULL) {
@ -1273,28 +1259,20 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
renegotiate_seen = 1;
} else if (type == TLSEXT_TYPE_signature_algorithms) {
int dsize;
if (sigalg_seen || size < 2) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (sigalg_seen || size < 2)
goto err;
sigalg_seen = 1;
n2s(data, dsize);
size -= 2;
if (dsize != size || dsize & 1) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (!tls1_process_sigalgs(s, data, dsize)) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (dsize != size || dsize & 1)
goto err;
if (!tls1_process_sigalgs(s, data, dsize))
goto err;
} else if (type == TLSEXT_TYPE_status_request &&
s->version != DTLS1_VERSION) {
if (size < 5) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (size < 5)
goto err;
s->tlsext_status_type = *data++;
size--;
@ -1304,35 +1282,26 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
/* Read in responder_id_list */
n2s(data, dsize);
size -= 2;
if (dsize > size) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (dsize > size)
goto err;
while (dsize > 0) {
OCSP_RESPID *id;
int idsize;
if (dsize < 4) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (dsize < 4)
goto err;
n2s(data, idsize);
dsize -= 2 + idsize;
size -= 2 + idsize;
if (dsize < 0) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (dsize < 0)
goto err;
sdata = data;
data += idsize;
id = d2i_OCSP_RESPID(NULL, &sdata, idsize);
if (!id) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (!id)
goto err;
if (data != sdata) {
OCSP_RESPID_free(id);
*al = SSL_AD_DECODE_ERROR;
return 0;
goto err;
}
if (!s->tlsext_ocsp_ids
&& !(s->tlsext_ocsp_ids =
@ -1349,16 +1318,12 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
}
/* Read in request_extensions */
if (size < 2) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (size < 2)
goto err;
n2s(data, dsize);
size -= 2;
if (dsize != size) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (dsize != size)
goto err;
sdata = data;
if (dsize > 0) {
if (s->tlsext_ocsp_exts) {
@ -1368,10 +1333,8 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
s->tlsext_ocsp_exts =
d2i_X509_EXTENSIONS(NULL, &sdata, dsize);
if (!s->tlsext_ocsp_exts || (data + dsize != sdata)) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
if (!s->tlsext_ocsp_exts || (data + dsize != sdata))
goto err;
}
}
/*
@ -1432,6 +1395,10 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
data += size;
}
/* Spurious data on the end */
if (data != d + n)
goto err;
*p = data;
ri_check:
@ -1447,6 +1414,9 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
}
return 1;
err:
*al = SSL_AD_DECODE_ERROR;
return 0;
}
# ifndef OPENSSL_NO_NEXTPROTONEG
@ -2612,7 +2582,10 @@ int tls1_process_heartbeat(SSL *s)
memcpy(bp, pl, payload);
bp += payload;
/* Random padding */
RAND_pseudo_bytes(bp, padding);
if (RAND_pseudo_bytes(bp, padding) < 0) {
OPENSSL_free(buffer);
return -1;
}
r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buffer,
3 + payload + padding);
@ -2647,7 +2620,7 @@ int tls1_process_heartbeat(SSL *s)
int tls1_heartbeat(SSL *s)
{
unsigned char *buf, *p;
int ret;
int ret = -1;
unsigned int payload = 18; /* Sequence number + random bytes */
unsigned int padding = 16; /* Use minimum padding */
@ -2695,10 +2668,16 @@ int tls1_heartbeat(SSL *s)
/* Sequence number */
s2n(s->tlsext_hb_seq, p);
/* 16 random bytes */
RAND_pseudo_bytes(p, 16);
if (RAND_pseudo_bytes(p, 16) < 0) {
SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
goto err;
}
p += 16;
/* Random padding */
RAND_pseudo_bytes(p, padding);
if (RAND_pseudo_bytes(p, padding) < 0) {
SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
goto err;
}
ret = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
if (ret >= 0) {
@ -2710,6 +2689,7 @@ int tls1_heartbeat(SSL *s)
s->tlsext_hb_pending = 1;
}
err:
OPENSSL_free(buf);
return ret;

3
crypto/external/bsd/openssl/dist/ssl/tls_srp.c vendored
View File

@ -454,7 +454,8 @@ int SRP_Calc_A_param(SSL *s)
{
unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];
RAND_bytes(rnd, sizeof(rnd));
if (RAND_bytes(rnd, sizeof(rnd)) <= 0)
return -1;
s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a);
OPENSSL_cleanse(rnd, sizeof(rnd));

17
crypto/external/bsd/openssl/dist/test/Makefile vendored
View File

@ -337,12 +337,13 @@ test_constant_time: $(CONSTTIMETEST)$(EXE_EXT)
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
depend:
@if [ -z "$(THIS)" ]; then \
$(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
else \
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
fi
update: local_depend
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
depend: local_depend
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
local_depend:
@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC)
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
@ -354,10 +355,10 @@ clean:
rm -f .rnd tmp.bntest tmp.bctest *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log dummytest
$(DLIBSSL):
(cd ..; $(MAKE) DIRS=ssl all)
(cd ..; $(MAKE) build_libssl)
$(DLIBCRYPTO):
(cd ..; $(MAKE) DIRS=crypto all)
(cd ..; $(MAKE) build_libcrypto)
BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
shlib_target="$(SHLIB_TARGET)"; \

38
crypto/external/bsd/openssl/dist/test/testssl vendored
View File

@ -119,10 +119,9 @@ $ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
echo "Testing ciphersuites"
for protocol in TLSv1.2 SSLv3; do
echo "Testing ciphersuites for $protocol"
for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
test_cipher() {
local cipher=$1
local protocol=$2
echo "Testing $cipher"
prot=""
if [ $protocol = "SSLv3" ] ; then
@ -133,7 +132,38 @@ for protocol in TLSv1.2 SSLv3; do
echo "Failed $cipher"
exit 1
fi
}
echo "Testing ciphersuites"
for protocol in TLSv1.2 SSLv3; do
echo "Testing ciphersuites for $protocol"
for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
test_cipher $cipher $protocol
done
if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
echo "skipping RSA+DHE tests"
else
for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do
test_cipher $cipher $protocol
done
echo "testing connection with weak DH, expecting failure"
if [ $protocol = "SSLv3" ] ; then
$ssltest -cipher EDH -dhe512 -ssl3
else
$ssltest -cipher EDH -dhe512
fi
if [ $? -eq 0 ]; then
echo "FAIL: connection with weak DH succeeded"
exit 1
fi
fi
if ../util/shlib_wrap.sh ../apps/openssl no-ec; then
echo "skipping RSA+ECDHE tests"
else
for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EECDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do
test_cipher $cipher $protocol
done
fi
done
#############################################################################

2
crypto/external/bsd/openssl/dist/util/mk1mf.pl vendored
View File

@ -326,7 +326,7 @@ open(IN,"<$infile") || die "unable to open $infile:$!\n";
$_=<IN>;
for (;;)
{
chop;
s/\s*$//; # was chop, didn't work in mixture of perls for Windows...
($key,$val)=/^([^=]+)=(.*)/;
if ($key eq "RELATIVE_DIRECTORY")

4
crypto/external/bsd/openssl/lib/libcrypto/man/ASN1_OBJECT_new.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: ASN1_OBJECT_new.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: ASN1_OBJECT_new.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "ASN1_OBJECT_new 3"
.TH ASN1_OBJECT_new 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH ASN1_OBJECT_new 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/ASN1_STRING_length.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: ASN1_STRING_length.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: ASN1_STRING_length.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "ASN1_STRING_length 3"
.TH ASN1_STRING_length 3 "2015-03-19" "1.0.1m" "OpenSSL"
.TH ASN1_STRING_length 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/ASN1_STRING_new.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: ASN1_STRING_new.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: ASN1_STRING_new.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "ASN1_STRING_new 3"
.TH ASN1_STRING_new 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH ASN1_STRING_new 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/ASN1_STRING_print_ex.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: ASN1_STRING_print_ex.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: ASN1_STRING_print_ex.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "ASN1_STRING_print_ex 3"
.TH ASN1_STRING_print_ex 3 "2015-03-19" "1.0.1m" "OpenSSL"
.TH ASN1_STRING_print_ex 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/ASN1_generate_nconf.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: ASN1_generate_nconf.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: ASN1_generate_nconf.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "ASN1_generate_nconf 3"
.TH ASN1_generate_nconf 3 "2015-01-20" "1.0.1m" "OpenSSL"
.TH ASN1_generate_nconf 3 "2014-08-10" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_ctrl.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_ctrl.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_ctrl.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_ctrl 3"
.TH BIO_ctrl 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BIO_ctrl 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_f_base64.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_f_base64.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_f_base64.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_f_base64 3"
.TH BIO_f_base64 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BIO_f_base64 3 "2014-08-10" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_f_buffer.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_f_buffer.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_f_buffer.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_f_buffer 3"
.TH BIO_f_buffer 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BIO_f_buffer 3 "2011-06-05" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_f_cipher.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_f_cipher.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_f_cipher.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_f_cipher 3"
.TH BIO_f_cipher 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BIO_f_cipher 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_f_md.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_f_md.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_f_md.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_f_md 3"
.TH BIO_f_md 3 "2015-01-20" "1.0.1m" "OpenSSL"
.TH BIO_f_md 3 "2009-12-26" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_f_null.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_f_null.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_f_null.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_f_null 3"
.TH BIO_f_null 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BIO_f_null 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_f_ssl.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_f_ssl.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_f_ssl.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_f_ssl 3"
.TH BIO_f_ssl 3 "2015-03-19" "1.0.1m" "OpenSSL"
.TH BIO_f_ssl 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_find_type.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_find_type.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_find_type.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_find_type 3"
.TH BIO_find_type 3 "2015-03-19" "1.0.1m" "OpenSSL"
.TH BIO_find_type 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_new.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_new.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_new.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_new 3"
.TH BIO_new 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BIO_new 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_new_CMS.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_new_CMS.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_new_CMS.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_new_CMS 3"
.TH BIO_new_CMS 3 "2015-01-20" "1.0.1m" "OpenSSL"
.TH BIO_new_CMS 3 "2009-12-26" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_push.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_push.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_push.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_push 3"
.TH BIO_push 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BIO_push 3 "2014-08-10" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_read.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_read.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_read.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_read 3"
.TH BIO_read 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BIO_read 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_s_accept.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_s_accept.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_s_accept.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_s_accept 3"
.TH BIO_s_accept 3 "2015-03-19" "1.0.1m" "OpenSSL"
.TH BIO_s_accept 3 "2014-10-17" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_s_bio.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_s_bio.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_s_bio.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_s_bio 3"
.TH BIO_s_bio 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BIO_s_bio 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_s_connect.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_s_connect.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_s_connect.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_s_connect 3"
.TH BIO_s_connect 3 "2015-03-19" "1.0.1m" "OpenSSL"
.TH BIO_s_connect 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_s_fd.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_s_fd.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_s_fd.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_s_fd 3"
.TH BIO_s_fd 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BIO_s_fd 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_s_file.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_s_file.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_s_file.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_s_file 3"
.TH BIO_s_file 3 "2015-01-20" "1.0.1m" "OpenSSL"
.TH BIO_s_file 3 "2011-06-05" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_s_mem.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_s_mem.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_s_mem.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_s_mem 3"
.TH BIO_s_mem 3 "2015-01-20" "1.0.1m" "OpenSSL"
.TH BIO_s_mem 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_s_null.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_s_null.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_s_null.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_s_null 3"
.TH BIO_s_null 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BIO_s_null 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_s_socket.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_s_socket.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_s_socket.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_s_socket 3"
.TH BIO_s_socket 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BIO_s_socket 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_set_callback.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_set_callback.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_set_callback.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_set_callback 3"
.TH BIO_set_callback 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BIO_set_callback 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BIO_should_retry.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BIO_should_retry.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BIO_should_retry.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_should_retry 3"
.TH BIO_should_retry 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BIO_should_retry 3 "2011-06-05" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BN_BLINDING_new.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BN_BLINDING_new.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BN_BLINDING_new.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BN_BLINDING_new 3"
.TH BN_BLINDING_new 3 "2015-03-19" "1.0.1m" "OpenSSL"
.TH BN_BLINDING_new 3 "2014-04-07" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BN_CTX_new.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BN_CTX_new.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BN_CTX_new.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BN_CTX_new 3"
.TH BN_CTX_new 3 "2015-03-19" "1.0.1m" "OpenSSL"
.TH BN_CTX_new 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BN_CTX_start.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BN_CTX_start.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BN_CTX_start.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BN_CTX_start 3"
.TH BN_CTX_start 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BN_CTX_start 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BN_add.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BN_add.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BN_add.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BN_add 3"
.TH BN_add 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BN_add 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BN_add_word.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BN_add_word.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BN_add_word.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BN_add_word 3"
.TH BN_add_word 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BN_add_word 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BN_bn2bin.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BN_bn2bin.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BN_bn2bin.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BN_bn2bin 3"
.TH BN_bn2bin 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BN_bn2bin 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BN_cmp.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BN_cmp.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BN_cmp.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BN_cmp 3"
.TH BN_cmp 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BN_cmp 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

4
crypto/external/bsd/openssl/lib/libcrypto/man/BN_copy.3 vendored
View File

@ -1,4 +1,4 @@
.\" $NetBSD: BN_copy.3,v 1.13 2015/03/23 10:22:50 spz Exp $
.\" $NetBSD: BN_copy.3,v 1.14 2015/06/12 17:01:13 christos Exp $
.\"
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
.\"
@ -135,7 +135,7 @@
.\" ========================================================================
.\"
.IX Title "BN_copy 3"
.TH BN_copy 3 "2015-01-15" "1.0.1m" "OpenSSL"
.TH BN_copy 3 "2009-07-19" "1.0.1n" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

Some files were not shown because too many files have changed in this diff Show More