Enclosed a second patch to make ssl conformant to rfc 5054.
patch is to the stable snapshot of 11/14
Changes are:
- removal of the addition state after client hello
- removal of all pre-rfc srp alert ids
- sending a fatal alert when there is no srp extension but when the
server wants SRP
- removal of unnecessary code in the client.
have fun
diff -r -c openssl-1.0.1-stable-SNAP-20111114/include/openssl/ssl3.h openssl-1.0.1-stable-SNAP-20111114PS/include/openssl/ssl3.h
*** openssl-1.0.1-stable-SNAP-20111114/include/openssl/ssl3.h 2011-11-13 23:00:19.000000000 +0100
--- openssl-1.0.1-stable-SNAP-20111114PS/include/openssl/ssl3.h 2011-11-15 17:14:49.427741000 +0100
***************
*** 581,588 ****
#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
- /* a new state to remember that we have already receive a ClientHello without srp username extension */
- #define SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME (0x1E2|SSL_ST_ACCEPT)
/* write to client */
#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
--- 581,586 ----
diff -r -c openssl-1.0.1-stable-SNAP-20111114/include/openssl/ssl.h openssl-1.0.1-stable-SNAP-20111114PS/include/openssl/ssl.h
*** openssl-1.0.1-stable-SNAP-20111114/include/openssl/ssl.h 2011-11-13 23:00:19.000000000 +0100
--- openssl-1.0.1-stable-SNAP-20111114PS/include/openssl/ssl.h 2011-11-14 18:08:23.751741000 +0100
***************
*** 1468,1475 ****
#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */
- #define SSL_AD_UNKNOWN_SRP_USERNAME TLS1_AD_UNKNOWN_SRP_USERNAME
- #define SSL_AD_MISSING_SRP_USERNAME TLS1_AD_MISSING_SRP_USERNAME
#define SSL_ERROR_NONE 0
#define SSL_ERROR_SSL 1
--- 1468,1473 ----
diff -r -c openssl-1.0.1-stable-SNAP-20111114/include/openssl/tls1.h openssl-1.0.1-stable-SNAP-20111114PS/include/openssl/tls1.h
*** openssl-1.0.1-stable-SNAP-20111114/include/openssl/tls1.h 2011-11-13 23:00:19.000000000 +0100
--- openssl-1.0.1-stable-SNAP-20111114PS/include/openssl/tls1.h 2011-11-14 18:20:29.071741000 +0100
***************
*** 196,203 ****
#define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
#define TLS1_AD_UNKNOWN_PSK_IDENTITY 115 /* fatal */
- #define TLS1_AD_UNKNOWN_SRP_USERNAME 120 /* fatal */
- #define TLS1_AD_MISSING_SRP_USERNAME 121
/* ExtensionType values from RFC3546 / RFC4366 */
#define TLSEXT_TYPE_server_name 0
--- 196,201 ----
diff -r -c openssl-1.0.1-stable-SNAP-20111114/ssl/s3_clnt.c openssl-1.0.1-stable-SNAP-20111114PS/ssl/s3_clnt.c
*** openssl-1.0.1-stable-SNAP-20111114/ssl/s3_clnt.c 2011-11-13 23:00:19.000000000 +0100
--- openssl-1.0.1-stable-SNAP-20111114PS/ssl/s3_clnt.c 2011-11-15 17:26:16.731741000 +0100
***************
*** 280,299 ****
case SSL3_ST_CR_SRVR_HELLO_A:
case SSL3_ST_CR_SRVR_HELLO_B:
ret=ssl3_get_server_hello(s);
- #ifndef OPENSSL_NO_SRP
- if (ret == 0 && s->s3->warn_alert == SSL_AD_MISSING_SRP_USERNAME)
- {
- if (!SRP_have_to_put_srp_username(s))
- {
- SSLerr(SSL_F_SSL3_CONNECT,SSL_R_MISSING_SRP_USERNAME);
- ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_USER_CANCELLED);
- goto end;
- }
- s->state=SSL3_ST_CW_CLNT_HELLO_A;
- if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }
- break;
- }
- #endif
if (ret <= 0) goto end;
if (s->hit)
--- 280,285 ----
diff -r -c openssl-1.0.1-stable-SNAP-20111114/ssl/s3_srvr.c openssl-1.0.1-stable-SNAP-20111114PS/ssl/s3_srvr.c
*** openssl-1.0.1-stable-SNAP-20111114/ssl/s3_srvr.c 2011-11-13 23:00:19.000000000 +0100
--- openssl-1.0.1-stable-SNAP-20111114PS/ssl/s3_srvr.c 2011-11-15 17:13:55.327741000 +0100
***************
*** 180,190 ****
}
#ifndef OPENSSL_NO_SRP
! static int SSL_check_srp_ext_ClientHello(SSL *s, int *ad)
{
int ret = SSL_ERROR_NONE;
! *ad = SSL_AD_UNRECOGNIZED_NAME;
if ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) &&
(s->srp_ctx.TLS_ext_srp_username_callback != NULL))
--- 180,190 ----
}
#ifndef OPENSSL_NO_SRP
! static int ssl_check_srp_ext_ClientHello(SSL *s, int *al)
{
int ret = SSL_ERROR_NONE;
! *al = SSL_AD_UNRECOGNIZED_NAME;
if ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) &&
(s->srp_ctx.TLS_ext_srp_username_callback != NULL))
***************
*** 192,203 ****
if(s->srp_ctx.login == NULL)
{
/* There isn't any srp login extension !!! */
! ret = SSL3_AL_WARNING;
! *ad = SSL_AD_MISSING_SRP_USERNAME;
}
else
{
! ret = SSL_srp_server_param_with_username(s,ad);
}
}
return ret;
--- 192,203 ----
if(s->srp_ctx.login == NULL)
{
/* There isn't any srp login extension !!! */
! ret = SSL3_AL_FATAL;
! *al = SSL_AD_UNKNOWN_PSK_IDENTITY;
}
else
{
! ret = SSL_srp_server_param_with_username(s,al);
}
}
return ret;
***************
*** 217,224 ****
int ret= -1;
int new_state,state,skip=0;
#ifndef OPENSSL_NO_SRP
! int srp_no_username=0;
! int extension_error,al;
#endif
RAND_add(&Time,sizeof(Time),0);
--- 217,223 ----
int ret= -1;
int new_state,state,skip=0;
#ifndef OPENSSL_NO_SRP
! int al;
#endif
RAND_add(&Time,sizeof(Time),0);
***************
*** 340,374 ****
case SSL3_ST_SR_CLNT_HELLO_A:
case SSL3_ST_SR_CLNT_HELLO_B:
case SSL3_ST_SR_CLNT_HELLO_C:
- #ifndef OPENSSL_NO_SRP
- case SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME:
- #endif
s->shutdown=0;
ret=ssl3_get_client_hello(s);
if (ret <= 0) goto end;
#ifndef OPENSSL_NO_SRP
! extension_error = 0;
! if ((al = SSL_check_srp_ext_ClientHello(s,&extension_error)) != SSL_ERROR_NONE)
{
! ssl3_send_alert(s,al,extension_error);
! if (extension_error == SSL_AD_MISSING_SRP_USERNAME)
! {
! if (srp_no_username) goto end;
! ERR_clear_error();
! srp_no_username = 1;
! s->state=SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME;
! if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
! if ((ret=BIO_flush(s->wbio)) <= 0) goto end;
! s->init_num=0;
! break;
! }
! ret = -1;
! SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_CLIENTHELLO_TLSEXT);
! goto end;
}
! #endif
!
s->renegotiate = 2;
s->state=SSL3_ST_SW_SRVR_HELLO_A;
s->init_num=0;
--- 339,359 ----
case SSL3_ST_SR_CLNT_HELLO_A:
case SSL3_ST_SR_CLNT_HELLO_B:
case SSL3_ST_SR_CLNT_HELLO_C:
s->shutdown=0;
+
ret=ssl3_get_client_hello(s);
if (ret <= 0) goto end;
#ifndef OPENSSL_NO_SRP
! if ((ret = ssl_check_srp_ext_ClientHello(s,&al)) != SSL_ERROR_NONE)
{
! ssl3_send_alert(s,SSL3_AL_FATAL,al);
! SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_CLIENTHELLO_TLSEXT);
! ret = SSL_TLSEXT_ERR_ALERT_FATAL;
! ret= -1;
! goto end;
}
! #endif
s->renegotiate = 2;
s->state=SSL3_ST_SW_SRVR_HELLO_A;
s->init_num=0;
***************
*** 914,922 ****
* TLSv1.
*/
if (s->state == SSL3_ST_SR_CLNT_HELLO_A
- #ifndef OPENSSL_NO_SRP
- || (s->state == SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME)
- #endif
)
{
s->state=SSL3_ST_SR_CLNT_HELLO_B;
--- 899,904 ----
diff -r -c openssl-1.0.1-stable-SNAP-20111114/ssl/ssl3.h openssl-1.0.1-stable-SNAP-20111114PS/ssl/ssl3.h
*** openssl-1.0.1-stable-SNAP-20111114/ssl/ssl3.h 2011-11-13 23:00:19.000000000 +0100
--- openssl-1.0.1-stable-SNAP-20111114PS/ssl/ssl3.h 2011-11-15 17:14:49.427741000 +0100
***************
*** 581,588 ****
#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
- /* a new state to remember that we have already receive a ClientHello without srp username extension */
- #define SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME (0x1E2|SSL_ST_ACCEPT)
/* write to client */
#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
--- 581,586 ----
diff -r -c openssl-1.0.1-stable-SNAP-20111114/ssl/ssl.h openssl-1.0.1-stable-SNAP-20111114PS/ssl/ssl.h
*** openssl-1.0.1-stable-SNAP-20111114/ssl/ssl.h 2011-11-13 23:00:19.000000000 +0100
--- openssl-1.0.1-stable-SNAP-20111114PS/ssl/ssl.h 2011-11-14 18:08:23.751741000 +0100
***************
*** 1468,1475 ****
#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */
- #define SSL_AD_UNKNOWN_SRP_USERNAME TLS1_AD_UNKNOWN_SRP_USERNAME
- #define SSL_AD_MISSING_SRP_USERNAME TLS1_AD_MISSING_SRP_USERNAME
#define SSL_ERROR_NONE 0
#define SSL_ERROR_SSL 1
--- 1468,1473 ----
diff -r -c openssl-1.0.1-stable-SNAP-20111114/ssl/ssl_stat.c openssl-1.0.1-stable-SNAP-20111114PS/ssl/ssl_stat.c
*** openssl-1.0.1-stable-SNAP-20111114/ssl/ssl_stat.c 2011-11-13 15:00:20.000000000 +0100
--- openssl-1.0.1-stable-SNAP-20111114PS/ssl/ssl_stat.c 2011-11-15 17:14:30.175741000 +0100
***************
*** 210,218 ****
case SSL3_ST_SR_KEY_EXCH_B: str="SSLv3 read client key exchange B"; break;
case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break;
case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break;
- #ifndef OPENSSL_NO_SRP
- case SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME: str="SSLv3 waiting for a SRP username"; break;
- #endif
#endif
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
--- 210,215 ----
diff -r -c openssl-1.0.1-stable-SNAP-20111114/ssl/t1_enc.c openssl-1.0.1-stable-SNAP-20111114PS/ssl/t1_enc.c
*** openssl-1.0.1-stable-SNAP-20111114/ssl/t1_enc.c 2011-08-04 14:00:20.000000000 +0200
--- openssl-1.0.1-stable-SNAP-20111114PS/ssl/t1_enc.c 2011-11-15 17:24:26.067741000 +0100
***************
*** 1153,1161 ****
case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: return(TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE);
case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: return(TLS1_AD_BAD_CERTIFICATE_HASH_VALUE);
case SSL_AD_UNKNOWN_PSK_IDENTITY:return(TLS1_AD_UNKNOWN_PSK_IDENTITY);
- #ifndef OPENSSL_NO_SRP
- case SSL_AD_MISSING_SRP_USERNAME:return(TLS1_AD_MISSING_SRP_USERNAME);
- #endif
#if 0 /* not appropriate for TLS, not used for DTLS */
case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE: return
(DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
--- 1153,1158 ----
diff -r -c openssl-1.0.1-stable-SNAP-20111114/ssl/tls1.h openssl-1.0.1-stable-SNAP-20111114PS/ssl/tls1.h
*** openssl-1.0.1-stable-SNAP-20111114/ssl/tls1.h 2011-11-13 23:00:19.000000000 +0100
--- openssl-1.0.1-stable-SNAP-20111114PS/ssl/tls1.h 2011-11-14 18:20:29.071741000 +0100
***************
*** 196,203 ****
#define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
#define TLS1_AD_UNKNOWN_PSK_IDENTITY 115 /* fatal */
- #define TLS1_AD_UNKNOWN_SRP_USERNAME 120 /* fatal */
- #define TLS1_AD_MISSING_SRP_USERNAME 121
/* ExtensionType values from RFC3546 / RFC4366 */
#define TLSEXT_TYPE_server_name 0
--- 196,201 ----
diff -r -c openssl-1.0.1-stable-SNAP-20111114/ssl/tls_srp.c openssl-1.0.1-stable-SNAP-20111114PS/ssl/tls_srp.c
*** openssl-1.0.1-stable-SNAP-20111114/ssl/tls_srp.c 2011-05-12 16:00:17.000000000 +0200
--- openssl-1.0.1-stable-SNAP-20111114PS/ssl/tls_srp.c 2011-11-14 18:47:18.975741001 +0100
***************
*** 234,240 ****
unsigned char b[SSL_MAX_MASTER_KEY_LENGTH];
int al;
! *ad = SSL_AD_UNKNOWN_SRP_USERNAME;
if ((s->srp_ctx.TLS_ext_srp_username_callback !=NULL) &&
((al = s->srp_ctx.TLS_ext_srp_username_callback(s, ad, s->srp_ctx.SRP_cb_arg))!=SSL_ERROR_NONE))
return al;
--- 234,240 ----
unsigned char b[SSL_MAX_MASTER_KEY_LENGTH];
int al;
! *ad = SSL_AD_UNKNOWN_PSK_IDENTITY;
if ((s->srp_ctx.TLS_ext_srp_username_callback !=NULL) &&
((al = s->srp_ctx.TLS_ext_srp_username_callback(s, ad, s->srp_ctx.SRP_cb_arg))!=SSL_ERROR_NONE))
return al;
