diff options
| author | cperciva <cperciva@FreeBSD.org> | 2009-12-03 09:18:40 +0000 |
|---|---|---|
| committer | cperciva <cperciva@FreeBSD.org> | 2009-12-03 09:18:40 +0000 |
| commit | e4106d9e8fc87e2ce9e3c00d81098c4ee822ec94 (patch) | |
| tree | 634486f3b4fdeff7825df168fb7cdfa087556d06 /crypto/openssl | |
| parent | 3cb9e82d646d4d75b9d93dd39dc387aac8732e8c (diff) | |
| download | FreeBSD-src-e4106d9e8fc87e2ce9e3c00d81098c4ee822ec94.zip FreeBSD-src-e4106d9e8fc87e2ce9e3c00d81098c4ee822ec94.tar.gz | |
Disable SSL renegotiation in order to protect against a serious
protocol flaw. [09:15]
Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]
Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]
Approved by: so (cperciva)
Security: FreeBSD-SA-09:15.ssl
Security: FreeBSD-SA-09:16.rtld
Security: FreeBSD-SA-09:17.freebsd-udpate
Diffstat (limited to 'crypto/openssl')
| -rw-r--r-- | crypto/openssl/ssl/s3_lib.c | 3 | ||||
| -rw-r--r-- | crypto/openssl/ssl/s3_pkt.c | 7 | ||||
| -rw-r--r-- | crypto/openssl/ssl/s3_srvr.c | 7 |
3 files changed, 12 insertions, 5 deletions
diff --git a/crypto/openssl/ssl/s3_lib.c b/crypto/openssl/ssl/s3_lib.c index 8916a0b..1b38f72 100644 --- a/crypto/openssl/ssl/s3_lib.c +++ b/crypto/openssl/ssl/s3_lib.c @@ -2592,6 +2592,9 @@ int ssl3_renegotiate(SSL *s) if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) return(0); + if (1) + return(0); + s->s3->renegotiate=1; return(1); } diff --git a/crypto/openssl/ssl/s3_pkt.c b/crypto/openssl/ssl/s3_pkt.c index 9476dcd..1644f19 100644 --- a/crypto/openssl/ssl/s3_pkt.c +++ b/crypto/openssl/ssl/s3_pkt.c @@ -983,9 +983,7 @@ start: if (s->msg_callback) s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg); - if (SSL_is_init_finished(s) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && - !s->s3->renegotiate) + if (0) { ssl3_renegotiate(s); if (ssl3_renegotiate_check(s)) @@ -1116,8 +1114,7 @@ start: /* Unexpected handshake message (Client Hello, or protocol violation) */ if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake) { - if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) + if (0) { #if 0 /* worked only because C operator preferences are not as expected (and * because this is not really needed for clients except for detecting diff --git a/crypto/openssl/ssl/s3_srvr.c b/crypto/openssl/ssl/s3_srvr.c index 80b45eb..b2ba9ff 100644 --- a/crypto/openssl/ssl/s3_srvr.c +++ b/crypto/openssl/ssl/s3_srvr.c @@ -718,6 +718,13 @@ int ssl3_get_client_hello(SSL *s) #endif STACK_OF(SSL_CIPHER) *ciphers=NULL; + if (s->new_session) + { + al=SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); + goto f_err; + } + /* We do this so that we will respond with our native type. * If we are TLSv1 and we get SSLv3, we will respond with TLSv1, * This down switching should be handled by a different method. |
