Upgrade to openssl-1.0.0h
Change-Id: I0bc9b6b486bf10ebae34b994b63cf6011afdf5e1
diff --git a/ThirdPartyProject.prop b/ThirdPartyProject.prop
index fb0d2e1..9c17f70 100644
--- a/ThirdPartyProject.prop
+++ b/ThirdPartyProject.prop
@@ -1,7 +1,7 @@
# Copyright 2010 Google Inc. All Rights Reserved.
#Fri Jul 16 10:03:09 PDT 2010
-currentVersion=1.0.0g
-version=1.0.0g
+currentVersion=1.0.0h
+version=1.0.0h
isNative=true
feedurl=http\://www.openssl.org/
name=openssl
diff --git a/apps/apps.c b/apps/apps.c
index 38e6197..272fd78 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -109,7 +109,7 @@
*
*/
-#ifndef _POSIX_C_SOURCE
+#if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
#define _POSIX_C_SOURCE 2 /* On VMS, you need to define this to get
the declaration of fileno(). The value
2 is to make sure no function defined
@@ -1215,7 +1215,8 @@
const char *pass, ENGINE *e, const char *desc)
{
STACK_OF(X509) *certs;
- load_certs_crls(err, file, format, pass, e, desc, &certs, NULL);
+ if (!load_certs_crls(err, file, format, pass, e, desc, &certs, NULL))
+ return NULL;
return certs;
}
@@ -1223,7 +1224,8 @@
const char *pass, ENGINE *e, const char *desc)
{
STACK_OF(X509_CRL) *crls;
- load_certs_crls(err, file, format, pass, e, desc, NULL, &crls);
+ if (!load_certs_crls(err, file, format, pass, e, desc, NULL, &crls))
+ return NULL;
return crls;
}
diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c
index bbc4952..54a704a 100644
--- a/crypto/asn1/asn_mime.c
+++ b/crypto/asn1/asn_mime.c
@@ -377,8 +377,12 @@
BIO *tmpbio;
const ASN1_AUX *aux = it->funcs;
ASN1_STREAM_ARG sarg;
+ int rv = 1;
- if (!(flags & SMIME_DETACHED))
+ /* If data is not deteched or resigning then the output BIO is
+ * already set up to finalise when it is written through.
+ */
+ if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST))
{
SMIME_crlf_copy(data, out, flags);
return 1;
@@ -405,7 +409,7 @@
/* Finalize structure */
if (aux->asn1_cb(ASN1_OP_DETACHED_POST, &val, it, &sarg) <= 0)
- return 0;
+ rv = 0;
/* Now remove any digests prepended to the BIO */
@@ -416,7 +420,7 @@
sarg.ndef_bio = tmpbio;
}
- return 1;
+ return rv;
}
@@ -486,9 +490,9 @@
if(strcmp(hdr->value, "application/x-pkcs7-signature") &&
strcmp(hdr->value, "application/pkcs7-signature")) {
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
ASN1err(ASN1_F_SMIME_READ_ASN1,ASN1_R_SIG_INVALID_MIME_TYPE);
ERR_add_error_data(2, "type: ", hdr->value);
+ sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
sk_BIO_pop_free(parts, BIO_vfree);
return NULL;
}
@@ -858,12 +862,17 @@
static int mime_hdr_cmp(const MIME_HEADER * const *a,
const MIME_HEADER * const *b)
{
+ if (!(*a)->name || !(*b)->name)
+ return !!(*a)->name - !!(*b)->name;
+
return(strcmp((*a)->name, (*b)->name));
}
static int mime_param_cmp(const MIME_PARAM * const *a,
const MIME_PARAM * const *b)
{
+ if (!(*a)->param_name || !(*b)->param_name)
+ return !!(*a)->param_name - !!(*b)->param_name;
return(strcmp((*a)->param_name, (*b)->param_name));
}
diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c
index 49be08b..d7c2318 100644
--- a/crypto/asn1/x_name.c
+++ b/crypto/asn1/x_name.c
@@ -399,8 +399,7 @@
/* If type not in bitmask just copy string across */
if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON))
{
- out->type = in->type;
- if (!ASN1_STRING_set(out, in->data, in->length))
+ if (!ASN1_STRING_copy(out, in))
return 0;
return 1;
}
diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c
index d42b6a2..627ec87 100644
--- a/crypto/asn1/x_pubkey.c
+++ b/crypto/asn1/x_pubkey.c
@@ -171,7 +171,16 @@
goto error;
}
- key->pkey = ret;
+ /* Check to see if another thread set key->pkey first */
+ CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
+ if (key->pkey)
+ {
+ EVP_PKEY_free(ret);
+ ret = key->pkey;
+ }
+ else
+ key->pkey = ret;
+ CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
return ret;
diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h
index ab47abc..3c39d18 100644
--- a/crypto/bio/bio.h
+++ b/crypto/bio/bio.h
@@ -146,6 +146,7 @@
/* #endif */
#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */
+#define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
#define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */
#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for
* MTU. want to use this
diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c
index 71ebe98..ad9c372 100644
--- a/crypto/bio/bss_dgram.c
+++ b/crypto/bio/bss_dgram.c
@@ -547,6 +547,27 @@
ret = 0;
#endif
break;
+ case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
+ switch (data->peer.sa.sa_family)
+ {
+ case AF_INET:
+ ret = 576 - 20 - 8;
+ break;
+#if OPENSSL_USE_IPV6
+ case AF_INET6:
+#ifdef IN6_IS_ADDR_V4MAPPED
+ if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
+ ret = 576 - 20 - 8;
+ else
+#endif
+ ret = 1280 - 40 - 8;
+ break;
+#endif
+ default:
+ ret = 576 - 20 - 8;
+ break;
+ }
+ break;
case BIO_CTRL_DGRAM_GET_MTU:
return data->mtu;
break;
diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
index 52f4ca3..5a715ac 100644
--- a/crypto/engine/eng_cryptodev.c
+++ b/crypto/engine/eng_cryptodev.c
@@ -79,8 +79,6 @@
unsigned char digest_res[HASH_MAX_LEN];
char *mac_data;
int mac_len;
-
- int copy;
#endif
};
@@ -200,6 +198,7 @@
if ((fd = open_dev_crypto()) == -1)
return (-1);
+#ifndef CRIOGET_NOT_NEEDED
if (ioctl(fd, CRIOGET, &retfd) == -1)
return (-1);
@@ -208,9 +207,19 @@
close(retfd);
return (-1);
}
+#else
+ retfd = fd;
+#endif
return (retfd);
}
+static void put_dev_crypto(int fd)
+{
+#ifndef CRIOGET_NOT_NEEDED
+ close(fd);
+#endif
+}
+
/* Caching version for asym operations */
static int
get_asym_dev_crypto(void)
@@ -252,7 +261,7 @@
ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
nids[count++] = ciphers[i].nid;
}
- close(fd);
+ put_dev_crypto(fd);
if (count > 0)
*cnids = nids;
@@ -291,7 +300,7 @@
ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
nids[count++] = digests[i].nid;
}
- close(fd);
+ put_dev_crypto(fd);
if (count > 0)
*cnids = nids;
@@ -436,7 +445,7 @@
sess->cipher = cipher;
if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
- close(state->d_fd);
+ put_dev_crypto(state->d_fd);
state->d_fd = -1;
return (0);
}
@@ -473,7 +482,7 @@
} else {
ret = 1;
}
- close(state->d_fd);
+ put_dev_crypto(state->d_fd);
state->d_fd = -1;
return (ret);
@@ -686,7 +695,7 @@
sess->mac = digest;
if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) {
- close(state->d_fd);
+ put_dev_crypto(state->d_fd);
state->d_fd = -1;
printf("cryptodev_digest_init: Open session failed\n");
return (0);
@@ -758,14 +767,12 @@
if (! (ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) ) {
/* if application doesn't support one buffer */
memset(&cryp, 0, sizeof(cryp));
-
cryp.ses = sess->ses;
cryp.flags = 0;
cryp.len = state->mac_len;
cryp.src = state->mac_data;
cryp.dst = NULL;
cryp.mac = (caddr_t)md;
-
if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
printf("cryptodev_digest_final: digest failed\n");
return (0);
@@ -786,6 +793,9 @@
struct dev_crypto_state *state = ctx->md_data;
struct session_op *sess = &state->d_sess;
+ if (state == NULL)
+ return 0;
+
if (state->d_fd < 0) {
printf("cryptodev_digest_cleanup: illegal input\n");
return (0);
@@ -797,16 +807,13 @@
state->mac_len = 0;
}
- if (state->copy)
- return 1;
-
if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) < 0) {
printf("cryptodev_digest_cleanup: failed to close session\n");
ret = 0;
} else {
ret = 1;
}
- close(state->d_fd);
+ put_dev_crypto(state->d_fd);
state->d_fd = -1;
return (ret);
@@ -816,15 +823,39 @@
{
struct dev_crypto_state *fstate = from->md_data;
struct dev_crypto_state *dstate = to->md_data;
+ struct session_op *sess;
+ int digest;
- memcpy(dstate, fstate, sizeof(struct dev_crypto_state));
+ if (dstate == NULL || fstate == NULL)
+ return 1;
- if (fstate->mac_len != 0) {
- dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
- memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
+ memcpy(dstate, fstate, sizeof(struct dev_crypto_state));
+
+ sess = &dstate->d_sess;
+
+ digest = digest_nid_to_cryptodev(to->digest->type);
+
+ sess->mackey = dstate->dummy_mac_key;
+ sess->mackeylen = digest_key_length(to->digest->type);
+ sess->mac = digest;
+
+ dstate->d_fd = get_dev_crypto();
+
+ if (ioctl(dstate->d_fd, CIOCGSESSION, sess) < 0) {
+ put_dev_crypto(dstate->d_fd);
+ dstate->d_fd = -1;
+ printf("cryptodev_digest_init: Open session failed\n");
+ return (0);
}
- dstate->copy = 1;
+ if (fstate->mac_len != 0) {
+ if (fstate->mac_data != NULL)
+ {
+ dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
+ memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
+ dstate->mac_len = fstate->mac_len;
+ }
+ }
return 1;
}
@@ -1347,11 +1378,11 @@
* find out what asymmetric crypto algorithms we support
*/
if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
- close(fd);
+ put_dev_crypto(fd);
ENGINE_free(engine);
return;
}
- close(fd);
+ put_dev_crypto(fd);
if (!ENGINE_set_id(engine, "cryptodev") ||
!ENGINE_set_name(engine, "BSD cryptodev engine") ||
diff --git a/crypto/opensslv.h b/crypto/opensslv.h
index a368f6f..66a6d0d 100644
--- a/crypto/opensslv.h
+++ b/crypto/opensslv.h
@@ -25,11 +25,11 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-#define OPENSSL_VERSION_NUMBER 0x1000007fL
+#define OPENSSL_VERSION_NUMBER 0x1000008fL
#ifdef OPENSSL_FIPS
-#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0g-fips 18 Jan 2012"
+#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0h-fips 12 Mar 2012"
#else
-#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0g 18 Jan 2012"
+#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0h 12 Mar 2012"
#endif
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
diff --git a/crypto/perlasm/x86_64-xlate.pl b/crypto/perlasm/x86_64-xlate.pl
index e47116b..674da3b 100755
--- a/crypto/perlasm/x86_64-xlate.pl
+++ b/crypto/perlasm/x86_64-xlate.pl
@@ -555,7 +555,8 @@
$v.=" READONLY";
$v.=" ALIGN(".($1 eq "p" ? 4 : 8).")" if ($masm>=$masmref);
} elsif ($line=~/\.CRT\$/i) {
- $v.=" READONLY DWORD";
+ $v.=" READONLY ";
+ $v.=$masm>=$masmref ? "ALIGN(8)" : "DWORD";
}
}
$current_segment = $line;
diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c
index 292cc3e..206b1b0 100644
--- a/crypto/pkcs12/p12_kiss.c
+++ b/crypto/pkcs12/p12_kiss.c
@@ -167,7 +167,7 @@
if (cert && *cert)
X509_free(*cert);
if (x)
- X509_free(*cert);
+ X509_free(x);
if (ocerts)
sk_X509_pop_free(ocerts, X509_free);
return 0;
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 3bf1a36..e4b095e 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -204,11 +204,11 @@
unsigned char *ek = NULL;
size_t eklen;
- int ret = 0;
+ int ret = -1;
pctx = EVP_PKEY_CTX_new(pkey, NULL);
if (!pctx)
- return 0;
+ return -1;
if (EVP_PKEY_decrypt_init(pctx) <= 0)
goto err;
@@ -235,12 +235,19 @@
if (EVP_PKEY_decrypt(pctx, ek, &eklen,
ri->enc_key->data, ri->enc_key->length) <= 0)
{
+ ret = 0;
PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_EVP_LIB);
goto err;
}
ret = 1;
+ if (*pek)
+ {
+ OPENSSL_cleanse(*pek, *peklen);
+ OPENSSL_free(*pek);
+ }
+
*pek = ek;
*peklen = eklen;
@@ -500,8 +507,8 @@
int max;
X509_OBJECT ret;
#endif
- unsigned char *ek = NULL;
- int eklen;
+ unsigned char *ek = NULL, *tkey = NULL;
+ int eklen, tkeylen;
if ((etmp=BIO_new(BIO_f_cipher())) == NULL)
{
@@ -534,29 +541,28 @@
}
/* If we haven't got a certificate try each ri in turn */
-
if (pcert == NULL)
{
+ /* Always attempt to decrypt all rinfo even
+ * after sucess as a defence against MMA timing
+ * attacks.
+ */
for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++)
{
ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
+
if (pkcs7_decrypt_rinfo(&ek, &eklen,
- ri, pkey) > 0)
- break;
+ ri, pkey) < 0)
+ goto err;
ERR_clear_error();
- ri = NULL;
- }
- if (ri == NULL)
- {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_NO_RECIPIENT_MATCHES_KEY);
- goto err;
}
}
else
{
- if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) <= 0)
+ /* Only exit on fatal errors, not decrypt failure */
+ if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
goto err;
+ ERR_clear_error();
}
evp_ctx=NULL;
@@ -565,6 +571,19 @@
goto err;
if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0)
goto err;
+ /* Generate random key as MMA defence */
+ tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx);
+ tkey = OPENSSL_malloc(tkeylen);
+ if (!tkey)
+ goto err;
+ if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0)
+ goto err;
+ if (ek == NULL)
+ {
+ ek = tkey;
+ eklen = tkeylen;
+ tkey = NULL;
+ }
if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) {
/* Some S/MIME clients don't use the same key
@@ -573,11 +592,16 @@
*/
if(!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen))
{
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH);
- goto err;
+ /* Use random key as MMA defence */
+ OPENSSL_cleanse(ek, eklen);
+ OPENSSL_free(ek);
+ ek = tkey;
+ eklen = tkeylen;
+ tkey = NULL;
}
}
+ /* Clear errors so we don't leak information useful in MMA */
+ ERR_clear_error();
if (EVP_CipherInit_ex(evp_ctx,NULL,NULL,ek,NULL,0) <= 0)
goto err;
@@ -586,6 +610,11 @@
OPENSSL_cleanse(ek,eklen);
OPENSSL_free(ek);
}
+ if (tkey)
+ {
+ OPENSSL_cleanse(tkey,tkeylen);
+ OPENSSL_free(tkey);
+ }
if (out == NULL)
out=etmp;
diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c
index 86742d0..a5104f8 100644
--- a/crypto/pkcs7/pk7_smime.c
+++ b/crypto/pkcs7/pk7_smime.c
@@ -573,15 +573,34 @@
return 0;
}
ret = SMIME_text(bread, data);
+ if (ret > 0 && BIO_method_type(tmpmem) == BIO_TYPE_CIPHER)
+ {
+ if (!BIO_get_cipher_status(tmpmem))
+ ret = 0;
+ }
BIO_free_all(bread);
return ret;
} else {
for(;;) {
i = BIO_read(tmpmem, buf, sizeof(buf));
- if(i <= 0) break;
- BIO_write(data, buf, i);
+ if(i <= 0)
+ {
+ ret = 1;
+ if (BIO_method_type(tmpmem) == BIO_TYPE_CIPHER)
+ {
+ if (!BIO_get_cipher_status(tmpmem))
+ ret = 0;
+ }
+
+ break;
+ }
+ if (BIO_write(data, buf, i) != i)
+ {
+ ret = 0;
+ break;
+ }
}
BIO_free_all(tmpmem);
- return 1;
+ return ret;
}
}
diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c
index b05cbf3..7165cb4 100644
--- a/crypto/ui/ui_openssl.c
+++ b/crypto/ui/ui_openssl.c
@@ -122,7 +122,7 @@
* sigaction and fileno included. -pedantic would be more appropriate for
* the intended purposes, but we can't prevent users from adding -ansi.
*/
-#ifndef _POSIX_C_SOURCE
+#if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
#define _POSIX_C_SOURCE 2
#endif
#include <signal.h>
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 701ec56..b0779db 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -153,7 +153,6 @@
int X509_verify_cert(X509_STORE_CTX *ctx)
{
X509 *x,*xtmp,*chain_ss=NULL;
- X509_NAME *xn;
int bad_chain = 0;
X509_VERIFY_PARAM *param = ctx->param;
int depth,i,ok=0;
@@ -205,7 +204,6 @@
*/
/* If we are self signed, we break */
- xn=X509_get_issuer_name(x);
if (ctx->check_issued(ctx, x,x)) break;
/* If we were passed a cert chain, use it first */
@@ -242,7 +240,6 @@
i=sk_X509_num(ctx->chain);
x=sk_X509_value(ctx->chain,i-1);
- xn = X509_get_subject_name(x);
if (ctx->check_issued(ctx, x, x))
{
/* we have a self signed certificate */
@@ -291,7 +288,6 @@
if (depth < num) break;
/* If we are self signed, we break */
- xn=X509_get_issuer_name(x);
if (ctx->check_issued(ctx,x,x)) break;
ok = ctx->get_issuer(&xtmp, ctx, x);
@@ -310,7 +306,6 @@
}
/* we now have our chain, lets check it... */
- xn=X509_get_issuer_name(x);
/* Is last certificate looked up self signed? */
if (!ctx->check_issued(ctx,x,x))
diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c
index 3f434c0..1587e8e 100644
--- a/crypto/x509v3/v3_asid.c
+++ b/crypto/x509v3/v3_asid.c
@@ -358,6 +358,20 @@
goto done;
}
+ /*
+ * Check for inverted range.
+ */
+ i = sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1;
+ {
+ ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
+ ASN1_INTEGER *a_min, *a_max;
+ if (a != NULL && a->type == ASIdOrRange_range) {
+ extract_min_max(a, &a_min, &a_max);
+ if (ASN1_INTEGER_cmp(a_min, a_max) > 0)
+ goto done;
+ }
+ }
+
ret = 1;
done:
@@ -392,9 +406,18 @@
return 1;
/*
- * We have a list. Sort it.
+ * If not a list, or if empty list, it's broken.
*/
- OPENSSL_assert(choice->type == ASIdentifierChoice_asIdsOrRanges);
+ if (choice->type != ASIdentifierChoice_asIdsOrRanges ||
+ sk_ASIdOrRange_num(choice->u.asIdsOrRanges) == 0) {
+ X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
+ X509V3_R_EXTENSION_VALUE_ERROR);
+ return 0;
+ }
+
+ /*
+ * We have a non-empty list. Sort it.
+ */
sk_ASIdOrRange_sort(choice->u.asIdsOrRanges);
/*
@@ -415,6 +438,13 @@
OPENSSL_assert(ASN1_INTEGER_cmp(a_min, b_min) <= 0);
/*
+ * Punt inverted ranges.
+ */
+ if (ASN1_INTEGER_cmp(a_min, a_max) > 0 ||
+ ASN1_INTEGER_cmp(b_min, b_max) > 0)
+ goto done;
+
+ /*
* Check for overlaps.
*/
if (ASN1_INTEGER_cmp(a_max, b_min) >= 0) {
@@ -465,12 +495,26 @@
break;
}
ASIdOrRange_free(b);
- sk_ASIdOrRange_delete(choice->u.asIdsOrRanges, i + 1);
+ (void) sk_ASIdOrRange_delete(choice->u.asIdsOrRanges, i + 1);
i--;
continue;
}
}
+ /*
+ * Check for final inverted range.
+ */
+ i = sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1;
+ {
+ ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
+ ASN1_INTEGER *a_min, *a_max;
+ if (a != NULL && a->type == ASIdOrRange_range) {
+ extract_min_max(a, &a_min, &a_max);
+ if (ASN1_INTEGER_cmp(a_min, a_max) > 0)
+ goto done;
+ }
+ }
+
OPENSSL_assert(ASIdentifierChoice_is_canonical(choice)); /* Paranoia */
ret = 1;
@@ -498,6 +542,7 @@
struct v3_ext_ctx *ctx,
STACK_OF(CONF_VALUE) *values)
{
+ ASN1_INTEGER *min = NULL, *max = NULL;
ASIdentifiers *asid = NULL;
int i;
@@ -508,7 +553,6 @@
for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
- ASN1_INTEGER *min = NULL, *max = NULL;
int i1, i2, i3, is_range, which;
/*
@@ -578,18 +622,19 @@
max = s2i_ASN1_INTEGER(NULL, s + i2);
OPENSSL_free(s);
if (min == NULL || max == NULL) {
- ASN1_INTEGER_free(min);
- ASN1_INTEGER_free(max);
X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
goto err;
}
+ if (ASN1_INTEGER_cmp(min, max) > 0) {
+ X509V3err(X509V3_F_V2I_ASIDENTIFIERS, X509V3_R_EXTENSION_VALUE_ERROR);
+ goto err;
+ }
}
if (!v3_asid_add_id_or_range(asid, which, min, max)) {
- ASN1_INTEGER_free(min);
- ASN1_INTEGER_free(max);
X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
goto err;
}
+ min = max = NULL;
}
/*
@@ -601,6 +646,8 @@
err:
ASIdentifiers_free(asid);
+ ASN1_INTEGER_free(min);
+ ASN1_INTEGER_free(max);
return NULL;
}
diff --git a/include/openssl/bio.h b/include/openssl/bio.h
index ab47abc..3c39d18 100644
--- a/include/openssl/bio.h
+++ b/include/openssl/bio.h
@@ -146,6 +146,7 @@
/* #endif */
#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */
+#define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
#define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */
#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for
* MTU. want to use this
diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h
index a368f6f..66a6d0d 100644
--- a/include/openssl/opensslv.h
+++ b/include/openssl/opensslv.h
@@ -25,11 +25,11 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-#define OPENSSL_VERSION_NUMBER 0x1000007fL
+#define OPENSSL_VERSION_NUMBER 0x1000008fL
#ifdef OPENSSL_FIPS
-#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0g-fips 18 Jan 2012"
+#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0h-fips 12 Mar 2012"
#else
-#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0g 18 Jan 2012"
+#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0h 12 Mar 2012"
#endif
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index a0a7e0c..d88d22d 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1900,6 +1900,7 @@
#define SSL_F_DTLS1_ACCEPT 246
#define SSL_F_DTLS1_ADD_CERT_TO_BUF 295
#define SSL_F_DTLS1_BUFFER_RECORD 247
+#define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 305
#define SSL_F_DTLS1_CLIENT_HELLO 248
#define SSL_F_DTLS1_CONNECT 249
#define SSL_F_DTLS1_ENC 250
diff --git a/openssl.config b/openssl.config
index d5a2677..02b91fd 100644
--- a/openssl.config
+++ b/openssl.config
@@ -104,8 +104,6 @@
crypto/ecdh/Makefile \
crypto/ecdsa/Makefile \
crypto/engine/Makefile \
-crypto/engine/tb_asnmth.c \
-crypto/engine/tb_pkmeth.c \
crypto/err/Makefile \
crypto/evp/Makefile \
crypto/evp/m_md2.c \
diff --git a/openssl.version b/openssl.version
index 8095718..a535da9 100644
--- a/openssl.version
+++ b/openssl.version
@@ -1,2 +1,2 @@
# also update ThirdPartyProject.prop
-OPENSSL_VERSION=1.0.0g
+OPENSSL_VERSION=1.0.0h
diff --git a/patches/crypto_Android.mk b/patches/crypto_Android.mk
index 6f09fa5..bde68fc 100644
--- a/patches/crypto_Android.mk
+++ b/patches/crypto_Android.mk
@@ -249,6 +249,28 @@
ecdsa/ecs_ossl.c \
ecdsa/ecs_sign.c \
ecdsa/ecs_vrf.c \
+ engine/eng_all.c \
+ engine/eng_cnf.c \
+ engine/eng_ctrl.c \
+ engine/eng_dyn.c \
+ engine/eng_err.c \
+ engine/eng_fat.c \
+ engine/eng_init.c \
+ engine/eng_lib.c \
+ engine/eng_list.c \
+ engine/eng_pkey.c \
+ engine/eng_table.c \
+ engine/tb_asnmth.c \
+ engine/tb_cipher.c \
+ engine/tb_dh.c \
+ engine/tb_digest.c \
+ engine/tb_dsa.c \
+ engine/tb_ecdh.c \
+ engine/tb_ecdsa.c \
+ engine/tb_pkmeth.c \
+ engine/tb_rand.c \
+ engine/tb_rsa.c \
+ engine/tb_store.c \
err/err.c \
err/err_all.c \
err/err_prn.c \
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 9f898d6..2f95880 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -227,14 +227,14 @@
unsigned int len, frag_off, mac_size, blocksize;
/* AHA! Figure out the MTU, and stick to the right size */
- if ( ! (SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
+ if (s->d1->mtu < dtls1_min_mtu() && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
{
s->d1->mtu =
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
/* I've seen the kernel return bogus numbers when it doesn't know
* (initial write), so just make sure we have a reasonable number */
- if ( s->d1->mtu < dtls1_min_mtu())
+ if (s->d1->mtu < dtls1_min_mtu())
{
s->d1->mtu = 0;
s->d1->mtu = dtls1_guess_mtu(s->d1->mtu);
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 5776671..02fc704 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -260,7 +260,6 @@
if (ret <= 0) goto end;
else
{
- dtls1_stop_timer(s);
if (s->hit)
s->state=SSL3_ST_CR_FINISHED_A;
else
@@ -354,6 +353,7 @@
case SSL3_ST_CR_SRVR_DONE_B:
ret=ssl3_get_server_done(s);
if (ret <= 0) goto end;
+ dtls1_stop_timer(s);
if (s->s3->tmp.cert_req)
s->state=SSL3_ST_CW_CERT_A;
else
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index c3b77c8..8479932 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -381,6 +381,7 @@
void dtls1_stop_timer(SSL *s)
{
/* Reset everything */
+ memset(&(s->d1->timeout), 0, sizeof(struct dtls1_timeout_st));
memset(&(s->d1->next_timeout), 0, sizeof(struct timeval));
s->d1->timeout_duration = 1;
BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0, &(s->d1->next_timeout));
@@ -388,10 +389,28 @@
dtls1_clear_record_buffer(s);
}
+int dtls1_check_timeout_num(SSL *s)
+ {
+ s->d1->timeout.num_alerts++;
+
+ /* Reduce MTU after 2 unsuccessful retransmissions */
+ if (s->d1->timeout.num_alerts > 2)
+ {
+ s->d1->mtu = BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0, NULL);
+ }
+
+ if (s->d1->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT)
+ {
+ /* fail the connection, enough alerts have been sent */
+ SSLerr(SSL_F_DTLS1_CHECK_TIMEOUT_NUM,SSL_R_READ_TIMEOUT_EXPIRED);
+ return -1;
+ }
+
+ return 0;
+ }
+
int dtls1_handle_timeout(SSL *s)
{
- DTLS1_STATE *state;
-
/* if no timer is expired, don't do anything */
if (!dtls1_is_timer_expired(s))
{
@@ -399,19 +418,14 @@
}
dtls1_double_timeout(s);
- state = s->d1;
- state->timeout.num_alerts++;
- if ( state->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT)
- {
- /* fail the connection, enough alerts have been sent */
- SSLerr(SSL_F_DTLS1_HANDLE_TIMEOUT,SSL_R_READ_TIMEOUT_EXPIRED);
- return -1;
- }
- state->timeout.read_timeouts++;
- if ( state->timeout.read_timeouts > DTLS1_TMO_READ_COUNT)
+ if (dtls1_check_timeout_num(s) < 0)
+ return -1;
+
+ s->d1->timeout.read_timeouts++;
+ if (s->d1->timeout.read_timeouts > DTLS1_TMO_READ_COUNT)
{
- state->timeout.read_timeouts = 1;
+ s->d1->timeout.read_timeouts = 1;
}
dtls1_start_timer(s);
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index b6266d8..7cc6973 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -179,7 +179,6 @@
static int dtls1_buffer_record(SSL *s, record_pqueue *q,
unsigned char *priority);
static int dtls1_process_record(SSL *s);
-static void dtls1_clear_timeouts(SSL *s);
/* copy buffered record into SSL structure */
static int
@@ -700,7 +699,6 @@
goto again; /* get another record */
}
- dtls1_clear_timeouts(s); /* done waiting */
return(1);
}
@@ -1170,6 +1168,9 @@
*/
if (msg_hdr.type == SSL3_MT_FINISHED)
{
+ if (dtls1_check_timeout_num(s) < 0)
+ return -1;
+
dtls1_retransmit_buffered_messages(s);
rr->length = 0;
goto start;
@@ -1794,10 +1795,3 @@
memset(seq, 0x00, seq_bytes);
}
-
-
-static void
-dtls1_clear_timeouts(SSL *s)
- {
- memset(&(s->d1->timeout), 0x00, sizeof(struct dtls1_timeout_st));
- }
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index 149983b..17cc022 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -485,15 +485,16 @@
ret = ssl3_check_client_hello(s);
if (ret <= 0)
goto end;
- dtls1_stop_timer(s);
if (ret == 2)
+ {
+ dtls1_stop_timer(s);
s->state = SSL3_ST_SR_CLNT_HELLO_C;
+ }
else {
/* could be sent for a DH cert, even if we
* have not asked for it :-) */
ret=ssl3_get_client_certificate(s);
if (ret <= 0) goto end;
- dtls1_stop_timer(s);
s->init_num=0;
s->state=SSL3_ST_SR_KEY_EXCH_A;
}
@@ -503,7 +504,6 @@
case SSL3_ST_SR_KEY_EXCH_B:
ret=ssl3_get_client_key_exchange(s);
if (ret <= 0) goto end;
- dtls1_stop_timer(s);
s->state=SSL3_ST_SR_CERT_VRFY_A;
s->init_num=0;
@@ -540,7 +540,6 @@
/* we should decide if we expected this one */
ret=ssl3_get_cert_verify(s);
if (ret <= 0) goto end;
- dtls1_stop_timer(s);
s->state=SSL3_ST_SR_FINISHED_A;
s->init_num=0;
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 41e597f..ec28588 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -789,14 +789,6 @@
int ok;
long n;
- /* We only allow the client to restart the handshake once per
- * negotiation. */
- if (s->s3->flags & SSL3_FLAGS_SGC_RESTART_DONE)
- {
- SSLerr(SSL_F_SSL3_CHECK_CLIENT_HELLO, SSL_R_MULTIPLE_SGC_RESTARTS);
- return -1;
- }
-
/* this function is called when we really expect a Certificate message,
* so permit appropriate message length */
n=s->method->ssl_get_message(s,
@@ -809,6 +801,13 @@
s->s3->tmp.reuse_message = 1;
if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
{
+ /* We only allow the client to restart the handshake once per
+ * negotiation. */
+ if (s->s3->flags & SSL3_FLAGS_SGC_RESTART_DONE)
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CLIENT_HELLO, SSL_R_MULTIPLE_SGC_RESTARTS);
+ return -1;
+ }
/* Throw away what we have done so far in the current handshake,
* which will now be aborted. (A full SSL_clear would be too much.) */
#ifndef OPENSSL_NO_DH
diff --git a/ssl/ssl.h b/ssl/ssl.h
index a0a7e0c..d88d22d 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1900,6 +1900,7 @@
#define SSL_F_DTLS1_ACCEPT 246
#define SSL_F_DTLS1_ADD_CERT_TO_BUF 295
#define SSL_F_DTLS1_BUFFER_RECORD 247
+#define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 305
#define SSL_F_DTLS1_CLIENT_HELLO 248
#define SSL_F_DTLS1_CONNECT 249
#define SSL_F_DTLS1_ENC 250
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 4fcd5c0..0b8c127 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -80,6 +80,7 @@
{ERR_FUNC(SSL_F_DTLS1_ACCEPT), "DTLS1_ACCEPT"},
{ERR_FUNC(SSL_F_DTLS1_ADD_CERT_TO_BUF), "DTLS1_ADD_CERT_TO_BUF"},
{ERR_FUNC(SSL_F_DTLS1_BUFFER_RECORD), "DTLS1_BUFFER_RECORD"},
+{ERR_FUNC(SSL_F_DTLS1_CHECK_TIMEOUT_NUM), "DTLS1_CHECK_TIMEOUT_NUM"},
{ERR_FUNC(SSL_F_DTLS1_CLIENT_HELLO), "DTLS1_CLIENT_HELLO"},
{ERR_FUNC(SSL_F_DTLS1_CONNECT), "DTLS1_CONNECT"},
{ERR_FUNC(SSL_F_DTLS1_ENC), "DTLS1_ENC"},
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index a00bd13..c78ce64 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -944,6 +944,7 @@
void dtls1_reset_seq_numbers(SSL *s, int rw);
long dtls1_default_timeout(void);
struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft);
+int dtls1_check_timeout_num(SSL *s);
int dtls1_handle_timeout(SSL *s);
const SSL_CIPHER *dtls1_get_cipher(unsigned int u);
void dtls1_start_timer(SSL *s);