X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fs3_lib.c;h=6504487c45ea428c832b05f047e04adb299a1d0e;hp=2f822bd6d1dfd76fa812573a03621e1cef613afa;hb=96208cb1821f92dd6e94c3aa2882bc9cc47904f9;hpb=889f39c70ffd2971de9bf076fa0c11bca49aa581 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 2f822bd6d1..6504487c45 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -162,7 +162,7 @@ const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT; #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) /* list of available SSLv3 ciphers (sorted by id) */ -OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ +OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[]={ /* The RSA ciphers */ /* Cipher 01 */ @@ -323,7 +323,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -372,7 +372,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -420,7 +420,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -428,7 +428,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ /* Cipher 11 */ { 1, - SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, + SSL3_TXT_DHE_DSS_DES_40_CBC_SHA, SSL3_CK_DHE_DSS_DES_40_CBC_SHA, SSL_kDHE, SSL_aDSS, @@ -444,7 +444,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ /* Cipher 12 */ { 1, - SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, + SSL3_TXT_DHE_DSS_DES_64_CBC_SHA, SSL3_CK_DHE_DSS_DES_64_CBC_SHA, SSL_kDHE, SSL_aDSS, @@ -460,7 +460,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ /* Cipher 13 */ { 1, - SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, + SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA, SSL3_CK_DHE_DSS_DES_192_CBC3_SHA, SSL_kDHE, SSL_aDSS, 
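Review bot: The 3DES entries keep `SSL_HIGH` in their strength flags even though this hunk lowers the first of the two trailing integers from 168 to 112, so cipher strings that select by `HIGH` will presumably still pick them while anything keyed on `c->strength_bits` now sees 112. If that split is intended, a comment on the two bare numbers would make it readable, for example `112, /* strength_bits: effective strength of three-key 3DES */` and `168, /* alg_bits: key length */`. Whether these suites should stay in the `SSL_HIGH` class is a policy decision the patch leaves open. The same applies to every other `168` to `112` hunk in this patch.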
@@ -469,14 +469,14 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, /* Cipher 14 */ { 1, - SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, + SSL3_TXT_DHE_RSA_DES_40_CBC_SHA, SSL3_CK_DHE_RSA_DES_40_CBC_SHA, SSL_kDHE, SSL_aRSA, @@ -492,7 +492,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ /* Cipher 15 */ { 1, - SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, + SSL3_TXT_DHE_RSA_DES_64_CBC_SHA, SSL3_CK_DHE_RSA_DES_64_CBC_SHA, SSL_kDHE, SSL_aRSA, @@ -508,7 +508,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ /* Cipher 16 */ { 1, - SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, + SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA, SSL3_CK_DHE_RSA_DES_192_CBC3_SHA, SSL_kDHE, SSL_aRSA, @@ -517,7 +517,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -597,7 +597,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -682,7 +682,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -746,7 +746,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_SSLV3, SSL_NOT_EXP|SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -1680,7 +1680,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, 
@@ -2028,6 +2028,202 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ }, #endif +#ifndef OPENSSL_NO_CAMELLIA + /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */ + + /* Cipher BA */ + { + 1, + TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256, + TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256, + SSL_kRSA, + SSL_aRSA, + SSL_CAMELLIA128, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 128, + 128, + }, + + /* Cipher BB */ + { + 1, + TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256, + TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256, + SSL_kDHd, + SSL_aDH, + SSL_CAMELLIA128, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 128, + 128, + }, + + /* Cipher BC */ + { + 1, + TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256, + TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256, + SSL_kDHr, + SSL_aDH, + SSL_CAMELLIA128, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 128, + 128, + }, + + /* Cipher BD */ + { + 1, + TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, + TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, + SSL_kEDH, + SSL_aDSS, + SSL_CAMELLIA128, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 128, + 128, + }, + + /* Cipher BE */ + { + 1, + TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, + TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, + SSL_kEDH, + SSL_aRSA, + SSL_CAMELLIA128, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 128, + 128, + }, + + /* Cipher BF */ + { + 1, + TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256, + TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256, + SSL_kEDH, + SSL_aNULL, + SSL_CAMELLIA128, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 128, + 128, + }, + + /* Cipher C0 */ + { + 1, + TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256, + TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256, + SSL_kRSA, + SSL_aRSA, + 
SSL_CAMELLIA256, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 256, + 256, + }, + + /* Cipher C1 */ + { + 1, + TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256, + TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256, + SSL_kDHd, + SSL_aDH, + SSL_CAMELLIA256, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 256, + 256, + }, + + /* Cipher C2 */ + { + 1, + TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256, + TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256, + SSL_kDHr, + SSL_aDH, + SSL_CAMELLIA256, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 256, + 256, + }, + + /* Cipher C3 */ + { + 1, + TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, + TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, + SSL_kEDH, + SSL_aDSS, + SSL_CAMELLIA256, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 256, + 256, + }, + + /* Cipher C4 */ + { + 1, + TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, + TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, + SSL_kEDH, + SSL_aRSA, + SSL_CAMELLIA256, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 256, + 256, + }, + + /* Cipher C5 */ + { + 1, + TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256, + TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256, + SSL_kEDH, + SSL_aNULL, + SSL_CAMELLIA256, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 256, + 256, + }, +#endif + #ifndef OPENSSL_NO_ECDH /* Cipher C001 */ { @@ -2073,7 +2269,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2153,7 +2349,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, 
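Review bot: The new DHE and ADH Camellia entries (BD, BE, BF, C3, C4, C5) spell the key exchange as `SSL_kEDH`, while the existing entries shown as context in this file (Cipher 11 to 16) use `SSL_kDHE` and this same patch renames `SSL3_TXT_EDH_*` to `SSL3_TXT_DHE_*`. If `SSL_kEDH` survives only as a compatibility alias, writing `SSL_kDHE` here keeps the table on one spelling. The anonymous suites BF and C5 combine `SSL_aNULL` with `SSL_HIGH`; a one-line comment such as `/* anonymous DH: no peer authentication */` above them would flag that for readers of the table.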
@@ -2233,7 +2429,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2313,7 +2509,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2393,7 +2589,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2437,13 +2633,13 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA, TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA, SSL_kSRP, - SSL_aNULL, + SSL_aSRP, SSL_3DES, SSL_SHA1, SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2459,7 +2655,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2475,7 +2671,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_TLSV1, SSL_NOT_EXP|SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - 168, + 112, 168, }, @@ -2485,7 +2681,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA, TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA, SSL_kSRP, - SSL_aNULL, + SSL_aSRP, SSL_AES128, SSL_SHA1, SSL_TLSV1, @@ -2533,7 +2729,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA, TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA, SSL_kSRP, - SSL_aNULL, + SSL_aSRP, SSL_AES256, SSL_SHA1, SSL_TLSV1, 
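Review bot: Reclassifying the SRP_SHA suites from `SSL_aNULL` to `SSL_aSRP` (in the 3DES hunk and in the AES_128 and AES_256 hunks that follow) changes which code paths treat them as certificate-less. Any test of the form `algorithm_auth & SSL_aNULL` that used to cover these suites now has to include `SSL_aSRP`, as the new `SSL_CTRL_SET_CURRENT_CERT` case in this patch does with `(SSL_aNULL|SSL_aSRP)`. Those other call sites are outside this file's diff, so they need to be checked separately. Cipher strings that name `aNULL` will presumably stop matching these suites as well, which deserves a line in the change notes.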
@@ -2837,6 +3033,127 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 256, }, +#ifndef OPENSSL_NO_CAMELLIA + { /* Cipher C072 */ + 1, + TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, + TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, + SSL_kECDHE, + SSL_aECDSA, + SSL_CAMELLIA128, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 128, + 128 + }, + + { /* Cipher C073 */ + 1, + TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, + TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, + SSL_kECDHE, + SSL_aECDSA, + SSL_CAMELLIA256, + SSL_SHA384, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + 256, + 256 + }, + + { /* Cipher C074 */ + 1, + TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, + TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, + SSL_kECDHe, + SSL_aECDH, + SSL_CAMELLIA128, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 128, + 128 + }, + + { /* Cipher C075 */ + 1, + TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, + TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, + SSL_kECDHe, + SSL_aECDH, + SSL_CAMELLIA256, + SSL_SHA384, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + 256, + 256 + }, + + { /* Cipher C076 */ + 1, + TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, + TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, + SSL_kECDHE, + SSL_aRSA, + SSL_CAMELLIA128, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 128, + 128 + }, + + { /* Cipher C077 */ + 1, + TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, + TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, + SSL_kECDHE, + SSL_aRSA, + SSL_CAMELLIA256, + SSL_SHA384, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + 256, + 256 + }, + + { /* Cipher C078 */ + 1, + TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, + TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, + 
SSL_kECDHr, + SSL_aECDH, + SSL_CAMELLIA128, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 128, + 128 + }, + + { /* Cipher C079 */ + 1, + TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, + TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, + SSL_kECDHr, + SSL_aECDH, + SSL_CAMELLIA256, + SSL_SHA384, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + 256, + 256 + }, +#endif /* OPENSSL_NO_CAMELLIA */ #endif /* OPENSSL_NO_ECDH */ @@ -2903,7 +3220,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ /* end of list */ }; -SSL3_ENC_METHOD SSLv3_enc_data={ +const SSL3_ENC_METHOD SSLv3_enc_data={ ssl3_enc, n_ssl3_mac, ssl3_setup_key_block, @@ -3029,8 +3346,8 @@ void ssl3_free(SSL *s) SSL_SRP_CTX_free(s); #endif #ifndef OPENSSL_NO_TLSEXT - if (s->s3->tlsext_custom_types != NULL) - OPENSSL_free(s->s3->tlsext_custom_types); + if (s->s3->serverinfo_client_tlsext_custom_types != NULL) + OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types); #endif OPENSSL_cleanse(s->s3,sizeof *s->s3); OPENSSL_free(s->s3); @@ -3076,12 +3393,12 @@ void ssl3_clear(SSL *s) } #endif #ifndef OPENSSL_NO_TLSEXT - if (s->s3->tlsext_custom_types != NULL) + if (s->s3->serverinfo_client_tlsext_custom_types != NULL) { - OPENSSL_free(s->s3->tlsext_custom_types); - s->s3->tlsext_custom_types = NULL; + OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types); + s->s3->serverinfo_client_tlsext_custom_types = NULL; } - s->s3->tlsext_custom_types_count = 0; + s->s3->serverinfo_client_tlsext_custom_types_count = 0; #ifndef OPENSSL_NO_EC s->s3->is_probably_safari = 0; #endif /* !OPENSSL_NO_EC */ 
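Review bot: These eight entries are laid out differently from the BA to C5 Camellia block added earlier in the same patch and from the entry just before the hunk, which ends `256, },`. Here the `/* Cipher C072 */` comment sits inside the opening brace and the last field has no trailing comma (`128` rather than `128,`). Using one layout for both blocks, with the comment on its own line before `{` and a trailing comma after the last field, keeps later diffs to this table minimal.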
@@ -3228,6 +3545,12 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); return(ret); } + if (!ssl_security(s, SSL_SECOP_TMP_DH, + DH_security_bits(dh), 0, dh)) + { + SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL); + return(ret); + } if ((dh = DHparams_dup(dh)) == NULL) { SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); @@ -3254,6 +3577,9 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) return(ret); } break; + case SSL_CTRL_SET_DH_AUTO: + s->cert->dh_tmp_auto = larg; + return 1; #endif #ifndef OPENSSL_NO_ECDH case SSL_CTRL_SET_TMP_ECDH: @@ -3412,17 +3738,17 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) case SSL_CTRL_CHAIN: if (larg) - return ssl_cert_set1_chain(s->cert, + return ssl_cert_set1_chain(s, NULL, (STACK_OF (X509) *)parg); else - return ssl_cert_set0_chain(s->cert, + return ssl_cert_set0_chain(s, NULL, (STACK_OF (X509) *)parg); case SSL_CTRL_CHAIN_CERT: if (larg) - return ssl_cert_add1_chain_cert(s->cert, (X509 *)parg); + return ssl_cert_add1_chain_cert(s, NULL, (X509 *)parg); else - return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg); + return ssl_cert_add0_chain_cert(s, NULL, (X509 *)parg); case SSL_CTRL_GET_CHAIN_CERTS: *(STACK_OF(X509) **)parg = s->cert->key->chain; 
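Review bot: `s->cert->dh_tmp_auto = larg;` in the new `SSL_CTRL_SET_DH_AUTO` case stores the caller's `long` unchecked, and nothing in the hunk says which values are meaningful. If `dh_tmp_auto` is narrower than `long` (its declaration is not in this diff), out-of-range values are converted silently. A comment naming the accepted values, or a range check that returns 0 for anything else, would make the contract explicit. The same applies to `ctx->cert->dh_tmp_auto = larg;` added to ssl3_ctx_ctrl.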
@@ -3431,6 +3757,29 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) case SSL_CTRL_SELECT_CURRENT_CERT: return ssl_cert_select_current(s->cert, (X509 *)parg); + case SSL_CTRL_SET_CURRENT_CERT: + if (larg == SSL_CERT_SET_SERVER) + { + CERT_PKEY *cpk; + const SSL_CIPHER *cipher; + if (!s->server) + return 0; + cipher = s->s3->tmp.new_cipher; + if (!cipher) + return 0; + /* No certificate for unauthenticated ciphersuites + * or using SRP authentication + */ + if (cipher->algorithm_auth & (SSL_aNULL|SSL_aSRP)) + return 2; + cpk = ssl_get_server_send_pkey(s); + if (!cpk) + return 0; + s->cert->key = cpk; + return 1; + } + return ssl_cert_set_current(s->cert, larg); + #ifndef OPENSSL_NO_EC case SSL_CTRL_GET_CURVES: { @@ -3509,7 +3858,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) return ssl3_set_req_cert_type(s->cert, parg, larg); case SSL_CTRL_BUILD_CERT_CHAIN: - return ssl_build_cert_chain(s->cert, s->ctx->cert_store, larg); + return ssl_build_cert_chain(s, NULL, larg); case SSL_CTRL_SET_VERIFY_CERT_STORE: return ssl_cert_set_cert_store(s->cert, parg, 0, larg); @@ -3712,6 +4061,12 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) DH *new=NULL,*dh; dh=(DH *)parg; + if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH, + DH_security_bits(dh), 0, dh)) + { + SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL); + return 0; + } if ((new=DHparams_dup(dh)) == NULL) { SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB); @@ -3738,6 +4093,9 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) return(0); } break; + case SSL_CTRL_SET_DH_AUTO: + ctx->cert->dh_tmp_auto = larg; + return 1; #endif #ifndef OPENSSL_NO_ECDH case SSL_CTRL_SET_TMP_ECDH: 
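Review bot: The `SSL_CERT_SET_SERVER` branch returns 2 when the negotiated cipher has `SSL_aNULL` or `SSL_aSRP`, without touching `s->cert->key`, and a caller that tests the result as a boolean will read that as success. The three outcomes should be documented above the case, for example `/* returns 0 on error, 1 if s->cert->key was set, 2 if the ciphersuite uses no certificate */`. ssl3_ctrl's body starts and ends outside the hunk.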
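Review bot: `DH_security_bits(dh)` is called directly after `dh=(DH *)parg;` in the `SSL_CTRL_SET_TMP_DH` case of ssl3_ctx_ctrl, with no NULL check visible between the cast and the call. The matching case in ssl3_ctrl rejects a NULL pointer with `ERR_R_PASSED_NULL_PARAMETER` before its security check, as the context of the earlier hunk shows. Adding `if (dh == NULL) { SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER); return 0; }` after the cast would make the two paths agree and turn a NULL argument into an error return.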
@@ -3884,7 +4242,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) return ssl3_set_req_cert_type(ctx->cert, parg, larg); case SSL_CTRL_BUILD_CERT_CHAIN: - return ssl_build_cert_chain(ctx->cert, ctx->cert_store, larg); + return ssl_build_cert_chain(NULL, ctx, larg); case SSL_CTRL_SET_VERIFY_CERT_STORE: return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg); @@ -3905,7 +4263,10 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) break; case SSL_CTRL_GET_EXTRA_CHAIN_CERTS: - *(STACK_OF(X509) **)parg = ctx->extra_certs; + if (ctx->extra_certs == NULL && larg == 0) + *(STACK_OF(X509) **)parg = ctx->cert->key->chain; + else + *(STACK_OF(X509) **)parg = ctx->extra_certs; break; case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS: @@ -3918,17 +4279,17 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) case SSL_CTRL_CHAIN: if (larg) - return ssl_cert_set1_chain(ctx->cert, + return ssl_cert_set1_chain(NULL, ctx, (STACK_OF (X509) *)parg); else - return ssl_cert_set0_chain(ctx->cert, + return ssl_cert_set0_chain(NULL, ctx, (STACK_OF (X509) *)parg); case SSL_CTRL_CHAIN_CERT: if (larg) - return ssl_cert_add1_chain_cert(ctx->cert, (X509 *)parg); + return ssl_cert_add1_chain_cert(NULL, ctx, (X509 *)parg); else - return ssl_cert_add0_chain_cert(ctx->cert, (X509 *)parg); + return ssl_cert_add0_chain_cert(NULL, ctx, (X509 *)parg); case SSL_CTRL_GET_CHAIN_CERTS: *(STACK_OF(X509) **)parg = ctx->cert->key->chain; @@ -3937,6 +4298,9 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) case SSL_CTRL_SELECT_CURRENT_CERT: return ssl_cert_select_current(ctx->cert, (X509 *)parg); + case SSL_CTRL_SET_CURRENT_CERT: + return ssl_cert_set_current(ctx->cert, larg); + default: return(0); } 
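Review bot: `SSL_CTRL_GET_EXTRA_CHAIN_CERTS` now hands back `ctx->cert->key->chain` when `extra_certs` is NULL and `larg == 0`, so the meaning of `larg` and the ownership of the result should be stated in a comment. The caller cannot tell from the result which of the two stacks it received, and in both cases the pointer is returned without a copy. Suggested: `/* larg == 0: fall back to the current certificate's chain if no extra certs are set; nonzero: extra_certs only. Internal pointer, caller must not free. */`.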
@@ -4116,8 +4480,13 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, emask_k = cert->export_mask_k; emask_a = cert->export_mask_a; #ifndef OPENSSL_NO_SRP - mask_k=cert->mask_k | s->srp_ctx.srp_Mask; - emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask; + if (s->srp_ctx.srp_Mask & SSL_kSRP) + { + mask_k |= SSL_kSRP; + emask_k |= SSL_kSRP; + mask_a |= SSL_aSRP; + emask_a |= SSL_aSRP; + } #endif #ifdef KSSL_DEBUG @@ -4170,6 +4539,10 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, ii=sk_SSL_CIPHER_find(allow,c); if (ii >= 0) { + /* Check security callback permits this cipher */ + if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED, + c->strength_bits, 0, c)) + continue; #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT) if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari) { @@ -4187,14 +4560,8 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, int ssl3_get_req_cert_type(SSL *s, unsigned char *p) { int ret=0; - const unsigned char *sig; - size_t i, siglen; - int have_rsa_sign = 0, have_dsa_sign = 0; -#ifndef OPENSSL_NO_ECDSA - int have_ecdsa_sign = 0; -#endif int nostrict = 1; - unsigned long alg_k; + unsigned long alg_k, alg_a = 0; /* If we have custom certificate types set, use them */ if (s->cert->ctypes) 
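Review bot: `alg_a` in ssl3_get_req_cert_type holds the algorithms that are disabled, which is the opposite polarity of `alg_k` declared beside it (`alg_k` is set from `new_cipher->algorithm_mkey` in the next hunk). Every later test therefore reads as a negation, `!(alg_a & SSL_aRSA)`, and is easy to invert by mistake when the function is next edited. A name such as `disabled_a`, or a comment at the declaration like `/* alg_a: auth algorithms NOT permitted by the signature list */`, would make this explicit. It applies to the remaining hunks of this function as well.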
@@ -4202,28 +4569,10 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p) memcpy(p, s->cert->ctypes, s->cert->ctype_num); return (int)s->cert->ctype_num; } - /* get configured sigalgs */ - siglen = tls12_get_psigalgs(s, &sig); + /* Get mask of algorithms disabled by signature list */ + ssl_set_sig_mask(&alg_a, s, SSL_SECOP_SIGALG_MASK); if (s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT) nostrict = 0; - for (i = 0; i < siglen; i+=2, sig+=2) - { - switch(sig[1]) - { - case TLSEXT_signature_rsa: - have_rsa_sign = 1; - break; - - case TLSEXT_signature_dsa: - have_dsa_sign = 1; - break; -#ifndef OPENSSL_NO_ECDSA - case TLSEXT_signature_ecdsa: - have_ecdsa_sign = 1; - break; -#endif - } - } alg_k = s->s3->tmp.new_cipher->algorithm_mkey; @@ -4246,11 +4595,11 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p) /* Since this refers to a certificate signed with an RSA * algorithm, only check for rsa signing in strict mode. */ - if (nostrict || have_rsa_sign) + if (nostrict || !(alg_a & SSL_aRSA)) p[ret++]=SSL3_CT_RSA_FIXED_DH; # endif # ifndef OPENSSL_NO_DSA - if (nostrict || have_dsa_sign) + if (nostrict || !(alg_a & SSL_aDSS)) p[ret++]=SSL3_CT_DSS_FIXED_DH; # endif } @@ -4266,19 +4615,19 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p) } #endif /* !OPENSSL_NO_DH */ #ifndef OPENSSL_NO_RSA - if (have_rsa_sign) + if (!(alg_a & SSL_aRSA)) p[ret++]=SSL3_CT_RSA_SIGN; #endif #ifndef OPENSSL_NO_DSA - if (have_dsa_sign) + if (!(alg_a & SSL_aDSS)) p[ret++]=SSL3_CT_DSS_SIGN; #endif #ifndef OPENSSL_NO_ECDH if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION)) { - if (nostrict || have_rsa_sign) + if (nostrict || !(alg_a & SSL_aRSA)) p[ret++]=TLS_CT_RSA_FIXED_ECDH; - if (nostrict || have_ecdsa_sign) + if (nostrict || !(alg_a & SSL_aECDSA)) p[ret++]=TLS_CT_ECDSA_FIXED_ECDH; } #endif 
@@ -4289,7 +4638,7 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p) */ if (s->version >= TLS1_VERSION) { - if (have_ecdsa_sign) + if (!(alg_a & SSL_aECDSA)) p[ret++]=TLS_CT_ECDSA_SIGN; } #endif