Add Kerberos fix which was in 0.9.8-stable but never committed to HEAD and
authorDr. Stephen Henson <steve@openssl.org>
Sat, 27 Feb 2010 23:02:41 +0000 (23:02 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sat, 27 Feb 2010 23:02:41 +0000 (23:02 +0000)
1.0.0. Original fix was on 2007-Mar-09 and had the log message: "Fix kerberos
ciphersuite bugs introduced with PR:1336."

apps/verify.c
ssl/s3_clnt.c
ssl/s3_srvr.c

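index 4fd6b192e34d6c1a983c0d38d415452e8aa93459..00242fb5ebe21e079cf09e98dbabdccac5d4f604 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -350,6 +350,9 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
                        case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
                        ok = 1;
 
+                       case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:
+                       ok = 1;
+
                        }
 
                return ok;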
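Review bot: The new `case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:` makes the verify callback override a genuine chain-validation failure — an issuer certificate without the keyCertSign key-usage bit — without stating why, and like the neighbouring case it has no `break`, so it is one more unmarked fall-through into the closing brace. A comment such as `/* deliberately tolerated: issuer lacks keyCertSign key usage */` plus a `/* fall through */` marker would make the override read as intentional rather than as a missing `break`. From the hunk alone one cannot tell whether the tolerated error is still printed before `ok` is forced to 1; a verification tool should keep reporting it even when it does not fail the chain. This hunk is also not covered by the commit message, which describes only the Kerberos ciphersuite fix. cb starts and ends outside the hunk.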
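index f84b9de0558da2df80cb56ccd35a12af5c850978..3f87da58c027650d7c88fc1a7e84bd26fec25e30 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -981,7 +981,9 @@ int ssl3_get_server_certificate(SSL *s)
 
        if (!ok) return((int)n);
 
-       if (s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE)
+       if ((s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) ||
+               ((s->s3->tmp.new_cipher->algorithms & SSL_aKRB5) && 
+               (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE)))
                {
                s->s3->tmp.reuse_message=1;
                return(1);
@@ -2868,13 +2870,6 @@ int ssl3_check_cert_and_algorithm(SSL *s)
        DH *dh;
 #endif
 
-       sc=s->session->sess_cert;
-       if (sc == NULL)
-               {
-               SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,ERR_R_INTERNAL_ERROR);
-               goto err;
-               }
-
        alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
        alg_a=s->s3->tmp.new_cipher->algorithm_auth;
 
@@ -2882,6 +2877,13 @@ int ssl3_check_cert_and_algorithm(SSL *s)
        if ((alg_a & (SSL_aDH|SSL_aNULL|SSL_aKRB5)) || (alg_k & SSL_kPSK))
                return(1);
 
+       sc=s->session->sess_cert;
+       if (sc == NULL)
+               {
+               SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,ERR_R_INTERNAL_ERROR);
+               goto err;
+               }
+
 #ifndef OPENSSL_NO_RSA
        rsa=s->session->sess_cert->peer_rsa_tmp;
 #endif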
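Review bot: The new condition in the first hunk of this file reads `s->s3->tmp.new_cipher->algorithms`, while the same cipher struct is read through `algorithm_mkey` and `algorithm_auth` in the ssl3_check_cert_and_algorithm hunks below; this looks like the field name carried over from the 0.9.8 version of the fix, and unless SSL_CIPHER in this tree still has an `algorithms` member the line will not compile. The flag being tested is the authentication method, so the line should be `((s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) &&`, mirroring the `alg_a & (SSL_aDH|SSL_aNULL|SSL_aKRB5)` test in the third hunk. That line also carries trailing whitespace. ssl3_get_server_certificate's body continues outside the hunk.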
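index 297f79fc1e7fa3ed62493520bcddf339969de0ac..92f73b668102828da9d3dfea2f977a4f7159c494 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -2286,7 +2286,7 @@ int ssl3_get_client_key_exchange(SSL *s)
                                SSL_R_DATA_LENGTH_TOO_LONG);
                        goto err;
                        }
-               if (!((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff))))
+               if (!((pms[0] == (s->client_version>>8)) && (pms[1] == (s->client_version & 0xff))))
                    {
                    /* The premaster secret must contain the same version number as the
                     * ClientHello to detect version rollback attacks (strangely, the
@@ -2296,8 +2296,7 @@ int ssl3_get_client_key_exchange(SSL *s)
                     * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. 
                     * (Perhaps we should have a separate BUG value for the Kerberos cipher)
                     */
-                   if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&
-                          (p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff))))
+                   if (!(s->options & SSL_OP_TLS_ROLLBACK_BUG))
                        {
                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
                               SSL_AD_DECODE_ERROR);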
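Review bot: In the second hunk the comparison of the premaster version bytes against `s->version` was dropped instead of being moved from `p` to `pms` as the first hunk does for the ClientHello check, so with SSL_OP_TLS_ROLLBACK_BUG set the Kerberos path now accepts any version bytes in the premaster secret, not just the negotiated version that the comment directly above describes as the tolerated client bug. Keeping the removed condition with the right buffer restores that bound: `if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&` / `(pms[0] == (s->version>>8)) && (pms[1] == (s->version & 0xff))))`. The option is opt-in, so only servers that enable it are affected, but the new check is wider than the comment says it is. ssl3_get_client_key_exchange starts and ends outside these hunks.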