get rid of OpenSSLDie
authorBodo Möller <bodo@openssl.org>
Fri, 2 Aug 2002 11:48:15 +0000 (11:48 +0000)
committerBodo Möller <bodo@openssl.org>
Fri, 2 Aug 2002 11:48:15 +0000 (11:48 +0000)
14 files changed:
CHANGES
crypto/cryptlib.c
crypto/cryptlib.h
ssl/s2_clnt.c
ssl/s2_enc.c
ssl/s2_lib.c
ssl/s2_srvr.c
ssl/s3_clnt.c
ssl/s3_srvr.c
ssl/ssl.h
ssl/ssl_asn1.c
ssl/ssl_err.c
ssl/ssl_locl.h
ssl/ssl_sess.c

diff --git a/CHANGES b/CHANGES
index 3881e91..1e876fc 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1764,6 +1764,13 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
   *) Clean old EAY MD5 hack from e_os.h.
      [Richard Levitte]
 
+ Changes between 0.9.6e and 0.9.6f  [XX xxx XXXX]
+
+  *) Use proper error handling instead of 'assertions' in buffer
+     overflow checks added in 0.9.6e.  This prevents DoS (the
+     assertions could call abort()).
+     [Arne Ansper <arne@ats.cyber.ee>, Bodo Moeller]
+  
  Changes between 0.9.6d and 0.9.6e  [30 Jul 2002]
 
   *) Add various sanity checks to asn1_get_length() to reject
index 3bceddf..9a7ed2c 100644 (file)
@@ -494,11 +494,3 @@ BOOL WINAPI DLLEntryPoint(HINSTANCE hinstDLL, DWORD fdwReason,
 #endif
 
 #endif
-
-void OpenSSLDie(const char *file,int line,const char *assertion)
-    {
-    fprintf(stderr,"%s(%d): OpenSSL internal error, assertion failed: %s\n",
-           file,line,assertion);
-    abort();
-    }
-
index 985a6d3..88e4ae5 100644 (file)
@@ -93,10 +93,6 @@ extern "C" {
 #define DECIMAL_SIZE(type)     ((sizeof(type)*8+2)/3+1)
 #define HEX_SIZE(type)         ((sizeof(type)*2)
 
-/* die if we have to */
-void OpenSSLDie(const char *file,int line,const char *assertion);
-#define die(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e))
-
 #ifdef  __cplusplus
 }
 #endif
index 26efe53..570d066 100644 (file)
@@ -536,7 +536,12 @@ static int get_server_hello(SSL *s)
                }
                
        s->s2->conn_id_length=s->s2->tmp.conn_id_length;
-       die(s->s2->conn_id_length <= sizeof s->s2->conn_id);
+       if (s->s2->conn_id_length > sizeof s->s2->conn_id)
+               {
+               ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+               SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG);
+               return -1;
+               }
        memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length);
        return(1);
        }
@@ -638,7 +643,12 @@ static int client_master_key(SSL *s)
                /* make key_arg data */
                i=EVP_CIPHER_iv_length(c);
                sess->key_arg_length=i;
-               die(i <= SSL_MAX_KEY_ARG_LENGTH);
+               if (i > SSL_MAX_KEY_ARG_LENGTH)
+                       {
+                       ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+                       SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+                       return -1;
+                       }
                if (i > 0) RAND_pseudo_bytes(sess->key_arg,i);
 
                /* make a master key */
@@ -646,7 +656,12 @@ static int client_master_key(SSL *s)
                sess->master_key_length=i;
                if (i > 0)
                        {
-                       die(i <= sizeof sess->master_key);
+                       if (i > sizeof sess->master_key)
+                               {
+                               ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+                               SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+                               return -1;
+                               }
                        if (RAND_bytes(sess->master_key,i) <= 0)
                                {
                                ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
@@ -690,7 +705,12 @@ static int client_master_key(SSL *s)
                d+=enc;
                karg=sess->key_arg_length;      
                s2n(karg,p); /* key arg size */
-               die(karg <= sizeof sess->key_arg);
+               if (karg > sizeof sess->key_arg)
+                       {
+                       ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+                       SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+                       return -1;
+                       }
                memcpy(d,sess->key_arg,(unsigned int)karg);
                d+=karg;
 
@@ -711,7 +731,11 @@ static int client_finished(SSL *s)
                {
                p=(unsigned char *)s->init_buf->data;
                *(p++)=SSL2_MT_CLIENT_FINISHED;
-               die(s->s2->conn_id_length <= sizeof s->s2->conn_id);
+               if (s->s2->conn_id_length > sizeof s->s2->conn_id)
+                       {
+                       SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
+                       return -1;
+                       }
                memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length);
 
                s->state=SSL2_ST_SEND_CLIENT_FINISHED_B;
@@ -984,10 +1008,9 @@ static int get_server_finished(SSL *s)
                {
                if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG))
                        {
-                       die(s->session->session_id_length
-                           <= sizeof s->session->session_id);
-                       if (memcmp(buf,s->session->session_id,
-                               (unsigned int)s->session->session_id_length) != 0)
+                       if ((s->session->session_id_length > sizeof s->session->session_id)
+                           || (0 != memcmp(buf, s->session->session_id,
+                                           (unsigned int)s->session->session_id_length)))
                                {
                                ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
                                SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_SSL_SESSION_ID_IS_DIFFERENT);
index a28e747..690252e 100644 (file)
@@ -96,7 +96,8 @@ int ssl2_enc_init(SSL *s, int client)
        num=c->key_len;
        s->s2->key_material_length=num*2;
 
-       ssl2_generate_key_material(s);
+       if (ssl2_generate_key_material(s) <= 0)
+               return 0;
 
        EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]),
                s->session->key_arg);
index 9bf5526..554f4fd 100644 (file)
@@ -416,12 +416,15 @@ int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
        return(3);
        }
 
-void ssl2_generate_key_material(SSL *s)
+int ssl2_generate_key_material(SSL *s)
        {
        unsigned int i;
        EVP_MD_CTX ctx;
        unsigned char *km;
        unsigned char c='0';
+       const EVP_MD *md5;
+
+       md5 = EVP_md5();
 
 #ifdef CHARSET_EBCDIC
        c = os_toascii['0']; /* Must be an ASCII '0', not EBCDIC '0',
@@ -429,23 +432,35 @@ void ssl2_generate_key_material(SSL *s)
 #endif
        EVP_MD_CTX_init(&ctx);
        km=s->s2->key_material;
-       die(s->s2->key_material_length <= sizeof s->s2->key_material);
-       for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH)
+
+       if (s->session->master_key_length < 0 || s->session->master_key_length > sizeof s->session->master_key)
+               {
+               SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
+               return 0;
+               }
+
+       for (i=0; i<s->s2->key_material_length; i += EVP_MD_block_size(md5))
                {
-               EVP_DigestInit_ex(&ctx,EVP_md5(), NULL);
+               if (((km - s->s2->key_material) + EVP_MD_block_size(md5)) > sizeof s->s2->key_material)
+                       {
+                       /* EVP_DigestFinal_ex() below would write beyond buffer */
+                       SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
+                       return 0;
+                       }
+
+               EVP_DigestInit_ex(&ctx, md5, NULL);
 
-               die(s->session->master_key_length >= 0
-                   && s->session->master_key_length
-                   < sizeof s->session->master_key);
                EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length);
                EVP_DigestUpdate(&ctx,&c,1);
                c++;
                EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length);
                EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length);
                EVP_DigestFinal_ex(&ctx,km,NULL);
-               km+=MD5_DIGEST_LENGTH;
+               km += EVP_MD_block_size(md5);
                }
+
        EVP_MD_CTX_cleanup(&ctx);
+       return 1;
        }
 
 void ssl2_return_error(SSL *s, int err)
@@ -470,10 +485,14 @@ void ssl2_write_error(SSL *s)
        buf[2]=(s->error_code)&0xff;
 
 /*     state=s->rwstate;*/
-       error=s->error;
+
+       error=s->error; /* number of bytes left to write */
        s->error=0;
-       die(error >= 0 && error <= 3);
+       if (error < 0 || error > sizeof buf) /* can't happen */
+               return;
+  
        i=ssl2_write(s,&(buf[3-error]),error);
+
 /*     if (i == error) s->rwstate=state; */
 
        if (i < 0)
index 391287b..2d3b667 100644 (file)
@@ -399,8 +399,7 @@ static int get_client_master_key(SSL *s)
                                SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_READ_WRONG_PACKET_TYPE);
                                }
                        else
-                               SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
-                                       SSL_R_PEER_ERROR);
+                               SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR);
                        return(-1);
                        }
 
@@ -408,8 +407,7 @@ static int get_client_master_key(SSL *s)
                if (cp == NULL)
                        {
                        ssl2_return_error(s,SSL2_PE_NO_CIPHER);
-                       SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
-                               SSL_R_NO_CIPHER_MATCH);
+                       SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH);
                        return(-1);
                        }
                s->session->cipher= cp;
@@ -420,8 +418,8 @@ static int get_client_master_key(SSL *s)
                n2s(p,i); s->session->key_arg_length=i;
                if(s->session->key_arg_length > SSL_MAX_KEY_ARG_LENGTH)
                        {
-                       SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
-                                  SSL_R_KEY_ARG_TOO_LONG);
+                       ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+                       SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG);
                        return -1;
                        }
                s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B;
@@ -429,11 +427,17 @@ static int get_client_master_key(SSL *s)
 
        /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
        p=(unsigned char *)s->init_buf->data;
-       die(s->init_buf->length >= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER);
+       if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
+               {
+               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+               SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+               return -1;
+               }
        keya=s->session->key_arg_length;
        len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya;
        if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
                {
+               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
                SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_MESSAGE_TOO_LONG);
                return -1;
                }
@@ -512,7 +516,13 @@ static int get_client_master_key(SSL *s)
 #endif
 
        if (is_export) i+=s->s2->tmp.clear;
-       die(i <= SSL_MAX_MASTER_KEY_LENGTH);
+
+       if (i > SSL_MAX_MASTER_KEY_LENGTH)
+               {
+               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+               SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+               return -1;
+               }
        s->session->master_key_length=i;
        memcpy(s->session->master_key,p,(unsigned int)i);
        return(1);
@@ -563,6 +573,7 @@ static int get_client_hello(SSL *s)
                if (    (i < SSL2_MIN_CHALLENGE_LENGTH) ||
                        (i > SSL2_MAX_CHALLENGE_LENGTH))
                        {
+                       ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
                        SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_INVALID_CHALLENGE_LENGTH);
                        return(-1);
                        }
@@ -574,6 +585,7 @@ static int get_client_hello(SSL *s)
        len = 9 + (unsigned long)s->s2->tmp.cipher_spec_length + (unsigned long)s->s2->challenge_length + (unsigned long)s->s2->tmp.session_id_length;
        if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
                {
+               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
                SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_MESSAGE_TOO_LONG);
                return -1;
                }
@@ -679,7 +691,12 @@ static int get_client_hello(SSL *s)
        p+=s->s2->tmp.session_id_length;
 
        /* challenge */
-       die(s->s2->challenge_length <= sizeof s->s2->challenge);
+       if (s->s2->challenge_length > sizeof s->s2->challenge)
+               {
+               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+               SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+               return -1;
+               }
        memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length);
        return(1);
 mem_err:
@@ -836,7 +853,12 @@ static int get_client_finished(SSL *s)
                }
 
        /* SSL2_ST_GET_CLIENT_FINISHED_B */
-       die(s->s2->conn_id_length <= sizeof s->s2->conn_id);
+       if (s->s2->conn_id_length > sizeof s->s2->conn_id)
+               {
+               ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+               SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
+               return -1;
+               }
        len = 1 + (unsigned long)s->s2->conn_id_length;
        n = (int)len - s->init_num;
        i = ssl2_read(s,(char *)&(p[s->init_num]),n);
@@ -864,7 +886,11 @@ static int server_verify(SSL *s)
                {
                p=(unsigned char *)s->init_buf->data;
                *(p++)=SSL2_MT_SERVER_VERIFY;
-               die(s->s2->challenge_length <= sizeof s->s2->challenge);
+               if (s->s2->challenge_length > sizeof s->s2->challenge)
+                       {
+                       SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR);
+                       return -1;
+                       }
                memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length);
                /* p+=s->s2->challenge_length; */
 
@@ -884,10 +910,12 @@ static int server_finish(SSL *s)
                p=(unsigned char *)s->init_buf->data;
                *(p++)=SSL2_MT_SERVER_FINISHED;
 
-               die(s->session->session_id_length
-                   <= sizeof s->session->session_id);
-               memcpy(p,s->session->session_id,
-                       (unsigned int)s->session->session_id_length);
+               if (s->session->session_id_length > sizeof s->session->session_id)
+                       {
+                       SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR);
+                       return -1;
+                       }
+               memcpy(p,s->session->session_id, (unsigned int)s->session->session_id_length);
                /* p+=s->session->session_id_length; */
 
                s->state=SSL2_ST_SEND_SERVER_FINISHED_B;
index 2699b58..2b58482 100644 (file)
@@ -546,7 +546,11 @@ static int ssl3_client_hello(SSL *s)
                *(p++)=i;
                if (i != 0)
                        {
-                       die(i <= sizeof s->session->session_id);
+                       if (i > sizeof s->session->session_id)
+                               {
+                               SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+                               goto err;
+                               }
                        memcpy(p,s->session->session_id,i);
                        p+=i;
                        }
@@ -1598,7 +1602,11 @@ static int ssl3_send_client_key_exchange(SSL *s)
                                SSL_MAX_MASTER_KEY_LENGTH);
                        EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
                        outl += padl;
-                       die(outl <= sizeof epms);
+                       if (outl > sizeof epms)
+                               {
+                               SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+                               goto err;
+                               }
                        EVP_CIPHER_CTX_cleanup(&ciph_ctx);
 
                        /*  KerberosWrapper.EncryptedPreMasterSecret    */
index 827fd12..20d716f 100644 (file)
@@ -965,7 +965,11 @@ static int ssl3_send_server_hello(SSL *s)
                        s->session->session_id_length=0;
 
                sl=s->session->session_id_length;
-               die(sl <= sizeof s->session->session_id);
+               if (sl > sizeof s->session->session_id)
+                       {
+                       SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+                       return -1;
+                       }
                *(p++)=sl;
                memcpy(p,s->session->session_id,sl);
                p+=sl;
index d9949e8..e9d1e89 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1462,6 +1462,7 @@ void ERR_load_SSL_strings(void);
 
 /* Function codes. */
 #define SSL_F_CLIENT_CERTIFICATE                        100
+#define SSL_F_CLIENT_FINISHED                           238
 #define SSL_F_CLIENT_HELLO                              101
 #define SSL_F_CLIENT_MASTER_KEY                                 102
 #define SSL_F_D2I_SSL_SESSION                           103
@@ -1475,7 +1476,9 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_I2D_SSL_SESSION                           111
 #define SSL_F_READ_N                                    112
 #define SSL_F_REQUEST_CERTIFICATE                       113
+#define SSL_F_SERVER_FINISH                             239
 #define SSL_F_SERVER_HELLO                              114
+#define SSL_F_SERVER_VERIFY                             240
 #define SSL_F_SSL23_ACCEPT                              115
 #define SSL_F_SSL23_CLIENT_HELLO                        116
 #define SSL_F_SSL23_CONNECT                             117
@@ -1487,6 +1490,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL2_ACCEPT                               122
 #define SSL_F_SSL2_CONNECT                              123
 #define SSL_F_SSL2_ENC_INIT                             124
+#define SSL_F_SSL2_GENERATE_KEY_MATERIAL                241
 #define SSL_F_SSL2_PEEK                                         234
 #define SSL_F_SSL2_READ                                         125
 #define SSL_F_SSL2_READ_INTERNAL                        236
@@ -1523,6 +1527,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE             152
 #define SSL_F_SSL3_SEND_CLIENT_VERIFY                   153
 #define SSL_F_SSL3_SEND_SERVER_CERTIFICATE              154
+#define SSL_F_SSL3_SEND_SERVER_HELLO                    242
 #define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE             155
 #define SSL_F_SSL3_SETUP_BUFFERS                        156
 #define SSL_F_SSL3_SETUP_KEY_BLOCK                      157
@@ -1747,6 +1752,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_SHORT_READ                                219
 #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE     220
 #define SSL_R_SSL23_DOING_SESSION_ID_REUSE              221
+#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG               1114
 #define SSL_R_SSL3_SESSION_ID_TOO_LONG                  1113
 #define SSL_R_SSL3_SESSION_ID_TOO_SHORT                         222
 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE               1042
index 1638c6b..3723fc2 100644 (file)
@@ -294,10 +294,11 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
                i=SSL2_MAX_SSL_SESSION_ID_LENGTH;
 
        if (os.length > i)
-               os.length=i;
+               os.length = i;
+       if (os.length > sizeof ret->session_id) /* can't happen */
+               os.length = sizeof ret->session_id;
 
        ret->session_id_length=os.length;
-       die(os.length <= sizeof ret->session_id);
        memcpy(ret->session_id,os.data,os.length);
 
        M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
index 0cad32c..7067a74 100644 (file)
@@ -67,6 +67,7 @@
 static ERR_STRING_DATA SSL_str_functs[]=
        {
 {ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0),       "CLIENT_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_CLIENT_FINISHED,0),  "CLIENT_FINISHED"},
 {ERR_PACK(0,SSL_F_CLIENT_HELLO,0),     "CLIENT_HELLO"},
 {ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0),        "CLIENT_MASTER_KEY"},
 {ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0),  "d2i_SSL_SESSION"},
@@ -80,7 +81,9 @@ static ERR_STRING_DATA SSL_str_functs[]=
 {ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0),  "i2d_SSL_SESSION"},
 {ERR_PACK(0,SSL_F_READ_N,0),   "READ_N"},
 {ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0),      "REQUEST_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SERVER_FINISH,0),    "SERVER_FINISH"},
 {ERR_PACK(0,SSL_F_SERVER_HELLO,0),     "SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SERVER_VERIFY,0),    "SERVER_VERIFY"},
 {ERR_PACK(0,SSL_F_SSL23_ACCEPT,0),     "SSL23_ACCEPT"},
 {ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0),       "SSL23_CLIENT_HELLO"},
 {ERR_PACK(0,SSL_F_SSL23_CONNECT,0),    "SSL23_CONNECT"},
@@ -92,6 +95,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
 {ERR_PACK(0,SSL_F_SSL2_ACCEPT,0),      "SSL2_ACCEPT"},
 {ERR_PACK(0,SSL_F_SSL2_CONNECT,0),     "SSL2_CONNECT"},
 {ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0),    "SSL2_ENC_INIT"},
+{ERR_PACK(0,SSL_F_SSL2_GENERATE_KEY_MATERIAL,0),       "SSL2_GENERATE_KEY_MATERIAL"},
 {ERR_PACK(0,SSL_F_SSL2_PEEK,0),        "SSL2_PEEK"},
 {ERR_PACK(0,SSL_F_SSL2_READ,0),        "SSL2_READ"},
 {ERR_PACK(0,SSL_F_SSL2_READ_INTERNAL,0),       "SSL2_READ_INTERNAL"},
@@ -128,6 +132,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
 {ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0),    "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
 {ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0),  "SSL3_SEND_CLIENT_VERIFY"},
 {ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0),     "SSL3_SEND_SERVER_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_HELLO,0),   "SSL3_SEND_SERVER_HELLO"},
 {ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0),    "SSL3_SEND_SERVER_KEY_EXCHANGE"},
 {ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0),       "SSL3_SETUP_BUFFERS"},
 {ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0),     "SSL3_SETUP_KEY_BLOCK"},
@@ -355,6 +360,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 {SSL_R_SHORT_READ                        ,"short read"},
 {SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},
 {SSL_R_SSL23_DOING_SESSION_ID_REUSE      ,"ssl23 doing session id reuse"},
+{SSL_R_SSL2_CONNECTION_ID_TOO_LONG       ,"ssl2 connection id too long"},
 {SSL_R_SSL3_SESSION_ID_TOO_LONG          ,"ssl3 session id too long"},
 {SSL_R_SSL3_SESSION_ID_TOO_SHORT         ,"ssl3 session id too short"},
 {SSL_R_SSLV3_ALERT_BAD_CERTIFICATE       ,"sslv3 alert bad certificate"},
index fe4ac83..dd6c7a7 100644 (file)
@@ -510,7 +510,7 @@ STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
 int ssl_verify_alarm_type(long type);
 
 int ssl2_enc_init(SSL *s, int client);
-void ssl2_generate_key_material(SSL *s);
+int ssl2_generate_key_material(SSL *s);
 void ssl2_enc(SSL *s,int send_data);
 void ssl2_mac(SSL *s,unsigned char *mac,int send_data);
 SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
index 8bfc382..ca1a742 100644 (file)
@@ -251,7 +251,12 @@ int ssl_get_new_session(SSL *s, int session)
                ss->session_id_length=0;
                }
 
-       die(s->sid_ctx_length <= sizeof ss->sid_ctx);
+       if (s->sid_ctx_length > sizeof ss->sid_ctx)
+               {
+               SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
+               SSL_SESSION_free(ss);
+               return 0;
+               }
        memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length);
        ss->sid_ctx_length=s->sid_ctx_length;
        s->session=ss;