Remove MS SGC
authorDr. Stephen Henson <steve@openssl.org>
Fri, 24 Oct 2014 01:36:13 +0000 (02:36 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 2 Jan 2015 22:56:54 +0000 (22:56 +0000)
MS Server gated cryptography is obsolete and dates from the time of export
restrictions on strong encryption and is only used by ancient versions of
MSIE.
Reviewed-by: Matt Caswell <matt@openssl.org>
doc/crypto/BIO_f_ssl.pod
doc/ssl/SSL_accept.pod
doc/ssl/SSL_do_handshake.pod
ssl/d1_srvr.c
ssl/s3_both.c
ssl/s3_srvr.c
ssl/ssl_locl.h

index bc5861a..a9f23f1 100644 (file)
@@ -108,7 +108,7 @@ SSL BIOs are exceptional in that if the underlying transport
 is non blocking they can still request a retry in exceptional
 circumstances. Specifically this will happen if a session
 renegotiation takes place during a BIO_read() operation, one
-case where this happens is when SGC or step up occurs.
+case where this happens is when step up occurs.
 
 In OpenSSL 0.9.6 and later the SSL flag SSL_AUTO_RETRY can be
 set to disable this behaviour. That is when this flag is set
index 2239444..89ad6bd 100644 (file)
@@ -21,10 +21,7 @@ B<ssl> by setting an underlying B<BIO>.
 The behaviour of SSL_accept() depends on the underlying BIO. 
 
 If the underlying BIO is B<blocking>, SSL_accept() will only return once the
-handshake has been finished or an error occurred, except for SGC (Server
-Gated Cryptography). For SGC, SSL_accept() may return with -1, but
-SSL_get_error() will yield B<SSL_ERROR_WANT_READ/WRITE> and SSL_accept()
-should be called again.
+handshake has been finished or an error occurred.
 
 If the underlying BIO is B<non-blocking>, SSL_accept() will also return
 when the underlying BIO could not satisfy the needs of SSL_accept()
index b35ddf5..8b590c9 100644 (file)
@@ -23,10 +23,7 @@ L<SSL_set_accept_state(3)|SSL_set_accept_state(3)>.
 The behaviour of SSL_do_handshake() depends on the underlying BIO.
 
 If the underlying BIO is B<blocking>, SSL_do_handshake() will only return
-once the handshake has been finished or an error occurred, except for SGC
-(Server Gated Cryptography). For SGC, SSL_do_handshake() may return with -1,
-but SSL_get_error() will yield B<SSL_ERROR_WANT_READ/WRITE> and
-SSL_do_handshake() should be called again.
+once the handshake has been finished or an error occurred.
 
 If the underlying BIO is B<non-blocking>, SSL_do_handshake() will also return
 when the underlying BIO could not satisfy the needs of SSL_do_handshake()
index 0cdc51b..bcadd31 100644 (file)
@@ -610,24 +610,13 @@ int dtls1_accept(SSL *s)
 
                case SSL3_ST_SR_CERT_A:
                case SSL3_ST_SR_CERT_B:
-                       /* Check for second client hello (MS SGC) */
-                       ret = ssl3_check_client_hello(s);
-                       if (ret <= 0)
-                               goto end;
-                       if (ret == 2)
+                       if (s->s3->tmp.cert_request)
                                {
-                               dtls1_stop_timer(s);
-                               s->state = SSL3_ST_SR_CLNT_HELLO_C;
+                               ret=ssl3_get_client_certificate(s);
+                               if (ret <= 0) goto end;
                                }
-                       else {
-                               if (s->s3->tmp.cert_request)
-                                       {
-                                       ret=ssl3_get_client_certificate(s);
-                                       if (ret <= 0) goto end;
-                                       }
-                               s->init_num=0;
-                               s->state=SSL3_ST_SR_KEY_EXCH_A;
-                       }
+                       s->init_num=0;
+                       s->state=SSL3_ST_SR_KEY_EXCH_A;
                        break;
 
                case SSL3_ST_SR_KEY_EXCH_A:
index 6c0fb37..845c803 100644 (file)
@@ -412,17 +412,6 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
                        SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
                        goto f_err;
                        }
-               if ((mt < 0) && (*p == SSL3_MT_CLIENT_HELLO) &&
-                                       (st1 == SSL3_ST_SR_CERT_A) &&
-                                       (stn == SSL3_ST_SR_CERT_B))
-                       {
-                       /* At this point we have got an MS SGC second client
-                        * hello (maybe we should always allow the client to
-                        * start a new handshake?). We need to restart the mac.
-                        * Don't increment {num,total}_renegotiations because
-                        * we have not completed the handshake. */
-                       ssl3_init_finished_mac(s);
-                       }
 
                s->s3->tmp.message_type= *(p++);
 
index a308577..6c0bdcf 100644 (file)
@@ -308,7 +308,6 @@ int ssl3_accept(SSL *s)
                                }
 
                        s->init_num=0;
-                       s->s3->flags &= ~SSL3_FLAGS_SGC_RESTART_DONE;
                        s->s3->flags &= ~TLS1_FLAGS_SKIP_CERT_VERIFY;
                        s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
                        /* Should have been reset by ssl3_get_finished, too. */
@@ -592,21 +591,13 @@ int ssl3_accept(SSL *s)
 
                case SSL3_ST_SR_CERT_A:
                case SSL3_ST_SR_CERT_B:
-                       /* Check for second client hello (MS SGC) */
-                       ret = ssl3_check_client_hello(s);
-                       if (ret <= 0)
-                               goto end;
-                       if (ret == 2)
-                               s->state = SSL3_ST_SR_CLNT_HELLO_C;
-                       else {
-                               if (s->s3->tmp.cert_request)
-                                       {
-                                       ret=ssl3_get_client_certificate(s);
-                                       if (ret <= 0) goto end;
-                                       }
-                               s->init_num=0;
-                               s->state=SSL3_ST_SR_KEY_EXCH_A;
-                       }
+                       if (s->s3->tmp.cert_request)
+                               {
+                               ret=ssl3_get_client_certificate(s);
+                               if (ret <= 0) goto end;
+                               }
+                       s->init_num=0;
+                       s->state=SSL3_ST_SR_KEY_EXCH_A;
                        break;
 
                case SSL3_ST_SR_KEY_EXCH_A:
@@ -907,52 +898,6 @@ int ssl3_send_hello_request(SSL *s)
        return ssl_do_write(s);
        }
 
-int ssl3_check_client_hello(SSL *s)
-       {
-       int ok;
-       long n;
-
-       /* this function is called when we really expect a Certificate message,
-        * so permit appropriate message length */
-       n=s->method->ssl_get_message(s,
-               SSL3_ST_SR_CERT_A,
-               SSL3_ST_SR_CERT_B,
-               -1,
-               s->max_cert_list,
-               &ok);
-       if (!ok) return((int)n);
-       s->s3->tmp.reuse_message = 1;
-       if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
-               {
-               /* We only allow the client to restart the handshake once per
-                * negotiation. */
-               if (s->s3->flags & SSL3_FLAGS_SGC_RESTART_DONE)
-                       {
-                       SSLerr(SSL_F_SSL3_CHECK_CLIENT_HELLO, SSL_R_MULTIPLE_SGC_RESTARTS);
-                       return -1;
-                       }
-               /* Throw away what we have done so far in the current handshake,
-                * which will now be aborted. (A full SSL_clear would be too much.) */
-#ifndef OPENSSL_NO_DH
-               if (s->s3->tmp.dh != NULL)
-                       {
-                       DH_free(s->s3->tmp.dh);
-                       s->s3->tmp.dh = NULL;
-                       }
-#endif
-#ifndef OPENSSL_NO_ECDH
-               if (s->s3->tmp.ecdh != NULL)
-                       {
-                       EC_KEY_free(s->s3->tmp.ecdh);
-                       s->s3->tmp.ecdh = NULL;
-                       }
-#endif
-               s->s3->flags |= SSL3_FLAGS_SGC_RESTART_DONE;
-               return 2;
-               }
-       return 1;
-}
-
 int ssl3_get_client_hello(SSL *s)
        {
        int i,j,ok,al=SSL_AD_INTERNAL_ERROR,ret= -1;
index facfec5..33a55fe 100644 (file)
@@ -1185,7 +1185,6 @@ int ssl3_send_hello_request(SSL *s);
 int ssl3_send_server_key_exchange(SSL *s);
 int ssl3_send_certificate_request(SSL *s);
 int ssl3_send_server_done(SSL *s);
-int ssl3_check_client_hello(SSL *s);
 int ssl3_get_client_certificate(SSL *s);
 int ssl3_get_client_key_exchange(SSL *s);
 int ssl3_get_cert_verify(SSL *s);