X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fs3_lib.c;h=3bc5ce952ad329454759bd207c08603b750c1f55;hp=248bb94df843f63748113c82571c362e9b5a199a;hb=74ecfab401fe65d23d9b297bf396efca3e419e47;hpb=156421a2af4d1295a4c188019bfe2f76af6ec895 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 248bb94df8..3bc5ce952a 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -152,11 +152,6 @@ #include #include "ssl_locl.h" #include "kssl_lcl.h" -#ifndef OPENSSL_NO_TLSEXT -#ifndef OPENSSL_NO_EC -#include "../crypto/ec/ec_lcl.h" -#endif /* OPENSSL_NO_EC */ -#endif /* OPENSSL_NO_TLSEXT */ #include #ifndef OPENSSL_NO_DH #include @@ -1081,7 +1076,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aRSA, SSL_eNULL, SSL_SHA256, - SSL_SSLV3, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 0, @@ -1097,7 +1092,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aRSA, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, @@ -1113,7 +1108,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aRSA, SSL_AES256, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, @@ -1125,11 +1120,11 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 1, TLS1_TXT_DH_DSS_WITH_AES_128_SHA256, TLS1_CK_DH_DSS_WITH_AES_128_SHA256, - SSL_kDHr, + SSL_kDHd, SSL_aDH, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, @@ -1145,7 +1140,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aDH, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, @@ -1161,7 +1156,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aDSS, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, @@ -1395,7 +1390,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aRSA, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, @@ -1407,11 +1402,11 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 1, TLS1_TXT_DH_DSS_WITH_AES_256_SHA256, TLS1_CK_DH_DSS_WITH_AES_256_SHA256, - SSL_kDHr, + SSL_kDHd, SSL_aDH, SSL_AES256, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, @@ -1427,7 +1422,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aDH, SSL_AES256, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, @@ -1443,7 +1438,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aDSS, SSL_AES256, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, @@ -1459,7 +1454,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aRSA, SSL_AES256, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, @@ -1475,7 +1470,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aNULL, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, @@ -1491,7 +1486,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_aNULL, SSL_AES256, SSL_SHA256, - SSL_TLSV1, + SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, @@ -1958,7 +1953,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 1, TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256, TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256, - SSL_kDHr, + SSL_kDHd, SSL_aDH, SSL_AES128GCM, SSL_AEAD, @@ -1974,7 +1969,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 1, TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384, TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384, - SSL_kDHr, + SSL_kDHd, SSL_aDH, SSL_AES256GCM, SSL_AEAD, @@ -2669,7 +2664,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 1, TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256, TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256, - SSL_kECDHe, + SSL_kECDHr, SSL_aECDH, SSL_AES128, SSL_SHA256, @@ -2685,7 +2680,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 1, TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384, TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384, - SSL_kECDHe, + SSL_kECDHr, SSL_aECDH, SSL_AES256, SSL_SHA384, @@ -2799,7 +2794,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 1, TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256, - SSL_kECDHe, + SSL_kECDHr, SSL_aECDH, SSL_AES128GCM, SSL_AEAD, @@ -2815,7 +2810,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 1, TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384, - SSL_kECDHe, + SSL_kECDHr, SSL_aECDH, SSL_AES256GCM, SSL_AEAD, @@ -2993,6 +2988,10 @@ void ssl3_free(SSL *s) if (s->s3->handshake_dgst) ssl3_free_digest_list(s); #ifndef OPENSSL_NO_SRP SSL_SRP_CTX_free(s); +#endif +#ifndef OPENSSL_NO_TLSEXT + if (s->s3->tlsext_authz_client_types != NULL) + OPENSSL_free(s->s3->tlsext_authz_client_types); #endif OPENSSL_cleanse(s->s3,sizeof *s->s3); OPENSSL_free(s->s3); @@ -3037,6 +3036,13 @@ void ssl3_clear(SSL *s) s->s3->tmp.ecdh = NULL; } #endif +#ifndef OPENSSL_NO_TLSEXT + if (s->s3->tlsext_authz_client_types != NULL) + { + OPENSSL_free(s->s3->tlsext_authz_client_types); + s->s3->tlsext_authz_client_types = NULL; + } +#endif rp = s->s3->rbuf.buf; wp = s->s3->wbuf.buf; @@ -3083,6 +3089,8 @@ static char * MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg) } #endif +static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len); + long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) { int ret=0; @@ -3365,7 +3373,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) else return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg); - case SSL_CTRL_GET_CURVELIST: + case SSL_CTRL_GET_CURVES: { unsigned char *clist; size_t clistlen; @@ -3391,6 +3399,65 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) return (int)clistlen; } + case SSL_CTRL_SET_CURVES: + return tls1_set_curves(&s->tlsext_ellipticcurvelist, + &s->tlsext_ellipticcurvelist_length, + parg, larg); + + case SSL_CTRL_SET_CURVES_LIST: + return tls1_set_curves_list(&s->tlsext_ellipticcurvelist, + &s->tlsext_ellipticcurvelist_length, + parg); + + case SSL_CTRL_GET_SHARED_CURVE: + return tls1_shared_curve(s, larg); + + case SSL_CTRL_SET_ECDH_AUTO: + s->cert->ecdh_tmp_auto = larg; + break; + + case SSL_CTRL_SET_SIGALGS: + return tls1_set_sigalgs(s->cert, parg, larg, 0); + + case SSL_CTRL_SET_SIGALGS_LIST: + return tls1_set_sigalgs_list(s->cert, parg, 0); + + case SSL_CTRL_SET_CLIENT_SIGALGS: + return tls1_set_sigalgs(s->cert, parg, larg, 1); + + case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: + return tls1_set_sigalgs_list(s->cert, parg, 1); + + case SSL_CTRL_GET_CLIENT_CERT_TYPES: + { + const unsigned char **pctype = parg; + if (s->server || !s->s3->tmp.cert_req) + return 0; + if (s->cert->ctypes) + { + if (pctype) + *pctype = s->cert->ctypes; + return (int)s->cert->ctype_num; + } + if (pctype) + *pctype = (unsigned char *)s->s3->tmp.ctype; + return s->s3->tmp.ctype_num; + } + + case SSL_CTRL_SET_CLIENT_CERT_TYPES: + if (!s->server) + return 0; + return ssl3_set_req_cert_type(s->cert, parg, larg); + + case SSL_CTRL_BUILD_CERT_CHAIN: + return ssl_build_cert_chain(s->cert, s->ctx->cert_store, larg); + + case SSL_CTRL_SET_VERIFY_CERT_STORE: + return ssl_cert_set_cert_store(s->cert, parg, 0, larg); + + case SSL_CTRL_SET_CHAIN_CERT_STORE: + return ssl_cert_set_cert_store(s->cert, parg, 1, larg); + default: break; } @@ -3659,6 +3726,48 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) ctx->srp_ctx.strength=larg; break; #endif + + case SSL_CTRL_SET_CURVES: + return tls1_set_curves(&ctx->tlsext_ellipticcurvelist, + &ctx->tlsext_ellipticcurvelist_length, + parg, larg); + + case SSL_CTRL_SET_CURVES_LIST: + return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist, + &ctx->tlsext_ellipticcurvelist_length, + parg); + case SSL_CTRL_SET_ECDH_AUTO: + ctx->cert->ecdh_tmp_auto = larg; + break; + + case SSL_CTRL_SET_SIGALGS: + return tls1_set_sigalgs(ctx->cert, parg, larg, 0); + + case SSL_CTRL_SET_SIGALGS_LIST: + return tls1_set_sigalgs_list(ctx->cert, parg, 0); + + case SSL_CTRL_SET_CLIENT_SIGALGS: + return tls1_set_sigalgs(ctx->cert, parg, larg, 1); + + case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: + return tls1_set_sigalgs_list(ctx->cert, parg, 1); + + case SSL_CTRL_SET_CLIENT_CERT_TYPES: + return ssl3_set_req_cert_type(ctx->cert, parg, larg); + + case SSL_CTRL_BUILD_CERT_CHAIN: + return ssl_build_cert_chain(ctx->cert, ctx->cert_store, larg); + + case SSL_CTRL_SET_VERIFY_CERT_STORE: + return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg); + + case SSL_CTRL_SET_CHAIN_CERT_STORE: + return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg); + + case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB_ARG: + ctx->tlsext_authz_server_audit_proof_cb_arg = parg; + break; + #endif /* !OPENSSL_NO_TLSEXT */ /* A Thawte special :-) */ @@ -3768,6 +3877,12 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp; break; #endif + + case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB: + ctx->tlsext_authz_server_audit_proof_cb = + (int (*)(SSL *, void *))fp; + break; + #endif case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB: { @@ -3820,11 +3935,6 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, SSL_CIPHER *c,*ret=NULL; STACK_OF(SSL_CIPHER) *prio, *allow; int i,ii,ok; -#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC) - unsigned int j; - int ec_ok, ec_nid; - unsigned char ec_search1 = 0, ec_search2 = 0; -#endif CERT *cert; unsigned long alg_k,alg_a,mask_k,mask_a,emask_k,emask_a; @@ -3867,6 +3977,8 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, allow = srvr; } + tls1_set_cert_validity(s); + for (i=0; icert->pkeys[SSL_PKEY_ECC].x509 != NULL) - /* and the client specified a Supported Point Formats extension */ - && ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL)) - /* and our certificate's point is compressed */ - && ( - (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL) - && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != NULL) - && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key != NULL) - && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data != NULL) - && ( - (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED) - || (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED + 1) - ) - ) - ) - { - ec_ok = 0; - /* if our certificate's curve is over a field type that the client does not support - * then do not allow this cipher suite to be negotiated */ - if ( - (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL) - && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL) - && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL) - && (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field) - ) - { - for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++) - { - if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime) - { - ec_ok = 1; - break; - } - } - } - else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field) - { - for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++) - { - if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2) - { - ec_ok = 1; - break; - } - } - } - ok = ok && ec_ok; - } - if ( - /* if we are considering an ECC cipher suite that uses our certificate */ - (alg_a & SSL_aECDSA || alg_a & SSL_aECDH) - /* and we have an ECC certificate */ - && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL) - /* and the client specified an EllipticCurves extension */ - && ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL)) - ) - { - ec_ok = 0; - if ( - (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL) - && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL) - ) - { - ec_nid = EC_GROUP_get_curve_name(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group); - if ((ec_nid == 0) - && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL) - ) - { - if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field) - { - ec_search1 = 0xFF; - ec_search2 = 0x01; - } - else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field) - { - ec_search1 = 0xFF; - ec_search2 = 0x02; - } - } - else - { - ec_search1 = 0x00; - ec_search2 = tls1_ec_nid2curve_id(ec_nid); - } - if ((ec_search1 != 0) || (ec_search2 != 0)) - { - for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++) - { - if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2)) - { - ec_ok = 1; - break; - } - } - } - } - ok = ok && ec_ok; - } - if ( - /* if we are considering an ECC cipher suite that uses an ephemeral EC key */ - (alg_k & SSL_kEECDH) - /* and we have an ephemeral EC key */ - && (s->cert->ecdh_tmp != NULL) - /* and the client specified an EllipticCurves extension */ - && ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL)) - ) - { - ec_ok = 0; - if (s->cert->ecdh_tmp->group != NULL) - { - ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group); - if ((ec_nid == 0) - && (s->cert->ecdh_tmp->group->meth != NULL) - ) - { - if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_prime_field) - { - ec_search1 = 0xFF; - ec_search2 = 0x01; - } - else if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_characteristic_two_field) - { - ec_search1 = 0xFF; - ec_search2 = 0x02; - } - } - else - { - ec_search1 = 0x00; - ec_search2 = tls1_ec_nid2curve_id(ec_nid); - } - if ((ec_search1 != 0) || (ec_search2 != 0)) - { - for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++) - { - if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2)) - { - ec_ok = 1; - break; - } - } - } - } - ok = ok && ec_ok; - } + /* if we are considering an ECC cipher suite that uses + * an ephemeral EC key check it */ + if (alg_k & SSL_kEECDH) + ok = ok && tls1_check_ec_tmp_key(s); #endif /* OPENSSL_NO_EC */ #endif /* OPENSSL_NO_TLSEXT */ @@ -4091,8 +4058,61 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, int ssl3_get_req_cert_type(SSL *s, unsigned char *p) { int ret=0; + const unsigned char *sig; + size_t siglen; + int have_rsa_sign = 0, have_dsa_sign = 0, have_ecdsa_sign = 0; + int nostrict = 1; unsigned long alg_k; + /* If we have custom certificate types set, use them */ + if (s->cert->ctypes) + { + memcpy(p, s->cert->ctypes, s->cert->ctype_num); + return (int)s->cert->ctype_num; + } + /* Else see if we have any signature algorithms configured */ + if (s->cert->client_sigalgs) + { + sig = s->cert->client_sigalgs; + siglen = s->cert->client_sigalgslen; + } + else + { + sig = s->cert->conf_sigalgs; + siglen = s->cert->conf_sigalgslen; + } + /* If we have sigalgs work out if we can sign with RSA, DSA, ECDSA */ + if (sig) + { + size_t i; + if (s->cert->cert_flags & SSL_CERT_FLAG_TLS_STRICT) + nostrict = 0; + for (i = 0; i < siglen; i+=2, sig+=2) + { + switch(sig[1]) + { + case TLSEXT_signature_rsa: + have_rsa_sign = 1; + break; + + case TLSEXT_signature_dsa: + have_dsa_sign = 1; + break; + + case TLSEXT_signature_ecdsa: + have_ecdsa_sign = 1; + break; + } + } + } + /* Otherwise allow anything */ + else + { + have_rsa_sign = 1; + have_dsa_sign = 1; + have_ecdsa_sign = 1; + } + alg_k = s->s3->tmp.new_cipher->algorithm_mkey; #ifndef OPENSSL_NO_GOST @@ -4111,10 +4131,15 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p) if (alg_k & (SSL_kDHr|SSL_kEDH)) { # ifndef OPENSSL_NO_RSA - p[ret++]=SSL3_CT_RSA_FIXED_DH; + /* Since this refers to a certificate signed with an RSA + * algorithm, only check for rsa signing in strict mode. + */ + if (nostrict || have_rsa_sign) + p[ret++]=SSL3_CT_RSA_FIXED_DH; # endif # ifndef OPENSSL_NO_DSA - p[ret++]=SSL3_CT_DSS_FIXED_DH; + if (nostrict || have_dsa_sign) + p[ret++]=SSL3_CT_DSS_FIXED_DH; # endif } if ((s->version == SSL3_VERSION) && @@ -4129,16 +4154,20 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p) } #endif /* !OPENSSL_NO_DH */ #ifndef OPENSSL_NO_RSA - p[ret++]=SSL3_CT_RSA_SIGN; + if (have_rsa_sign) + p[ret++]=SSL3_CT_RSA_SIGN; #endif #ifndef OPENSSL_NO_DSA - p[ret++]=SSL3_CT_DSS_SIGN; + if (have_dsa_sign) + p[ret++]=SSL3_CT_DSS_SIGN; #endif #ifndef OPENSSL_NO_ECDH if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION)) { - p[ret++]=TLS_CT_RSA_FIXED_ECDH; - p[ret++]=TLS_CT_ECDSA_FIXED_ECDH; + if (nostrict || have_rsa_sign) + p[ret++]=TLS_CT_RSA_FIXED_ECDH; + if (nostrict || have_ecdsa_sign) + p[ret++]=TLS_CT_ECDSA_FIXED_ECDH; } #endif @@ -4148,12 +4177,32 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p) */ if (s->version >= TLS1_VERSION) { - p[ret++]=TLS_CT_ECDSA_SIGN; + if (have_ecdsa_sign) + p[ret++]=TLS_CT_ECDSA_SIGN; } #endif return(ret); } +static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len) + { + if (c->ctypes) + { + OPENSSL_free(c->ctypes); + c->ctypes = NULL; + } + if (!p || !len) + return 1; + if (len > 0xff) + return 0; + c->ctypes = OPENSSL_malloc(len); + if (!c->ctypes) + return 0; + memcpy(c->ctypes, p, len); + c->ctype_num = len; + return 1; + } + int ssl3_shutdown(SSL *s) { int ret;