Re: FIPS_mode_set(1) always returns false

2012-09-07 Thread Taraniteja Vishwanatha
Thanks Steve. Appreciate it. I will build 2.0 Module for iOS 5.1.

On Fri, Sep 7, 2012 at 1:57 PM, Steve Marquess <
marqu...@opensslfoundation.com> wrote:

> On 09/07/2012 01:32 PM, Taraniteja Vishwanatha wrote:
> > I did not see any build instructions in
> > http://openssl.org/docs/fips/UserGuide-2.0.pdf
>
> These queries would more appropriately be directed to the openssl-users list.
>
> Check the latest draft of the User Guide that hasn't been posted to
> openssl.org yet:
>
>
> http://opensslfoundation.com/testing/validation-2.0/docs/UserGuide-2.0.pdf
>
> The instructions are essentially the same as for the 1.2.x module.
>
> -Steve M.
>
> --
> Steve Marquess
> OpenSSL Software Foundation, Inc.
> 1829 Mount Ephraim Road
> Adamstown, MD  21710
> USA
> +1 877 673 6775 s/b
> +1 301 874 2571 direct
> marqu...@opensslfoundation.com
> marqu...@openssl.com
>


Re: FIPS_mode_set(1) always returns false

2012-09-07 Thread Steve Marquess
On 09/07/2012 01:32 PM, Taraniteja Vishwanatha wrote:
> I did not see any build instructions in
> http://openssl.org/docs/fips/UserGuide-2.0.pdf

These queries would more appropriately be directed to the openssl-users list.

Check the latest draft of the User Guide that hasn't been posted to
openssl.org yet:

  http://opensslfoundation.com/testing/validation-2.0/docs/UserGuide-2.0.pdf

The instructions are essentially the same as for the 1.2.x module.

-Steve M.

-- 
Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD  21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
marqu...@opensslfoundation.com
marqu...@openssl.com
__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   majord...@openssl.org


Re: FIPS_mode_set(1) always returns false

2012-09-07 Thread Taraniteja Vishwanatha
I did not see any build instructions in
http://openssl.org/docs/fips/UserGuide-2.0.pdf
to build the FIPS module for iOS. The instructions are given only in the 1.2
User Guide:
http://openssl.org/docs/fips/UserGuide-1.2.pdf

This is what I am confused about. How did you build the FIPS 2.0 module for
iOS?

On Fri, Sep 7, 2012 at 1:26 PM, Ken Montagna  wrote:

> Shouldn't you be using the FIPS 2.0 object module with openssl 1.01c? That is
> what I am using
>
> From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org]
> On Behalf Of Taraniteja Vishwanatha
> Sent: Friday, September 07, 2012 7:21 AM
> To: openssl-dev@openssl.org
> Subject: FIPS_mode_set(1) always returns false
>
> Hey guys,
>
> I have built the openssl-FIPS module (1.2.4) for iOS as per the instructions
> in the 1.2 User Guide. I have included the headers and libraries in my test
> app. I call FIPS_mode_set(1) in the app and it always returns false.
>
> Is it because the 1.2.4 module supports iOS 5.0 and I am using iOS 5.1?
>
> Also, are the 1.2.4 User Guide instructions valid for building the 2.0
> module, which supports iOS 5.1?
>
> Thank you,
>
> Tarani
>


RE: FIPS_mode_set(1) always returns false

2012-09-07 Thread Ken Montagna
Shouldn't you be using the FIPS 2.0 object module with openssl 1.01c? That is
what I am using

 

From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org]
On Behalf Of Taraniteja Vishwanatha
Sent: Friday, September 07, 2012 7:21 AM
To: openssl-dev@openssl.org
Subject: FIPS_mode_set(1) always returns false

 

Hey guys,

 

I have built the openssl-FIPS module (1.2.4) for iOS as per the instructions in
the 1.2 User Guide. I have included the headers and libraries in my test
app. I call FIPS_mode_set(1) in the app and it always returns false.

Is it because the 1.2.4 module supports iOS 5.0 and I am using iOS 5.1?

Also, are the 1.2.4 User Guide instructions valid for building the 2.0
module, which supports iOS 5.1?

 

Thank you,

Tarani 



Re: MIPS linux support patch

2012-09-07 Thread Brad House

On 09/07/2012 11:55 AM, Brad House wrote:

This patchset is against OpenSSL 1.0.1c.

It does two very minor things.

First, it adds a linux-mipsel target to Configure.

Second, it fixes the MIPS perlasm: it appears that at some point
AES_set_encrypt_key and AES_set_decrypt_key in the ASM needed to be
renamed to private_AES_set_encrypt_key and private_AES_set_decrypt_key,
respectively, and MIPS got missed.


Here's a second patch which updates the "config" OS guess script
as well. It should be applied along with the previous patch, as well
as the patch I provided for the Configure script for supporting
--sysroot.

Example usage for my cross-development environment:

export PATH=$PATH:/opt/uclibc/usr/bin
export MACHINE=mips
export CROSS_COMPILE=mipsel-linux-
export ARCH=4ksd
export SYSTEM=Linux
export RELEASE=2.6
export options="--sysroot=/opt/uclibc -D_FILE_OFFSET_BITS=32"
./config -t
Operating system: mips-whatever-linux2
Configuring for linux-mipsel
/usr/bin/perl ./Configure linux-mipsel --sysroot=/opt/uclibc 
-D_FILE_OFFSET_BITS=32 -march=4ksd -Wa,--noexecstack


Thanks.
-Brad
--- openssl-1.0.1c.old/config   2011-11-14 16:12:53.0 -0500
+++ openssl-1.0.1c/config   2012-09-07 12:35:37.843453817 -0400
@@ -644,6 +644,11 @@
   armv[1-3]*-*-linux2) OUT="linux-generic32" ;;
   armv[7-9]*-*-linux2) OUT="linux-armv4"; options="$options -march=armv7-a" ;;
   arm*-*-linux2) OUT="linux-armv4" ;;
+  mips*-*-linux2)
+   OUT="linux-mipsel"
+   [ "$ARCH" ] || ARCH="mips2"
+   options="$options -march=$ARCH"
+   ;;
   sh*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
   sh*-*-linux2)  OUT="linux-generic32"; options="$options -DL_ENDIAN" ;;
   m68k*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
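Review bot: the `mips*-*-linux2` pattern also matches big-endian triplets such as `mips-linux`, yet it always selects `linux-mipsel`, whose table entry hard-codes `-DL_ENDIAN`; match `mipsel*-*-linux2` specifically, or pick a big-endian target for the remaining `mips*` case, so a big-endian toolchain does not silently get a little-endian build. The `[ "$ARCH" ] || ARCH="mips2"` default is taken unchecked from the caller's environment and fed straight into `-march=$ARCH`; a short comment saying `ARCH` is an input to this script (as `MACHINE` and `SYSTEM` are) would make that intent clear.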


[patch] fix Configure to allow --sysroot to be passed through to compiler

2012-09-07 Thread Brad House

It appears that if you pass something like:

./Configure linux-mips --sysroot=/opt/uclibc

the Configure script errors out, because it doesn't expect compiler options
to begin with two hyphens.

The attached patch against OpenSSL 1.0.1c fixes that.

Thanks.
-Brad
diff -ruN openssl-1.0.1c.old/Configure openssl-1.0.1c/Configure
--- openssl-1.0.1c.old/Configure2012-03-14 18:20:40.0 -0400
+++ openssl-1.0.1c/Configure2012-09-07 12:25:47.628436677 -0400
@@ -869,11 +869,6 @@
{
$libs.=$_." ";
}
-   elsif (/^-[^-]/ or /^\+/)
-   {
-   $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
-   $flags.=$_." ";
-   }
elsif (/^--prefix=(.*)$/)
{
$prefix=$1;
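Review bot: removing the `/^-[^-]/` branch here is only correct together with the catch-all `/^-/` branch that the second hunk of this patch adds after the `--cross-compile-prefix` handling; since the whole `if`/`elsif` chain is order-sensitive, a one-line comment at the new location stating that the generic `-`/`+` branch must stay after every `--prefix=`-style branch would keep a later reordering from breaking option parsing silently.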
@@ -918,6 +913,11 @@
{
$cross_compile_prefix=$1;
}
+   elsif (/^-/ or /^\+/)
+   {
+   $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
+   $flags.=$_." ";
+   }
else
{
print STDERR $usage;
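Review bot: with `/^-/` now catching everything that starts with a hyphen, a misspelled or unknown double-hyphen option (for example `--prefx=/usr`) no longer reaches the `print STDERR $usage` branch; it is appended to `$flags` and handed to the compiler, which rejects it only at build time, if at all. Consider keeping the `/^-[^-]/` test and adding an explicit `elsif (/^--sysroot=/)` branch, or restricting the catch-all to a known list of double-hyphen pass-through options, so genuine typos still fail at configure time.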


MIPS linux support patch

2012-09-07 Thread Brad House

This patchset is against OpenSSL 1.0.1c.

It does two very minor things.

First, it adds a linux-mipsel target to Configure.

Second, it fixes the MIPS perlasm: it appears that at some point
AES_set_encrypt_key and AES_set_decrypt_key in the ASM needed to be
renamed to private_AES_set_encrypt_key and private_AES_set_decrypt_key,
respectively, and MIPS got missed.

Thanks.
-Brad
diff -ruN openssl-1.0.1c/Configure openssl-1.0.1c.mips/Configure
--- openssl-1.0.1c/Configure2012-03-14 18:20:40.0 -0400
+++ openssl-1.0.1c.mips/Configure   2012-09-07 09:00:15.0 -0400
@@ -401,6 +401,14 @@
 "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN 
-DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR 
DES_RISC1 DES_UNROLL:${alpha_asm}",
 "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN 
-DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR 
DES_RISC1 DES_UNROLL:${alpha_asm}",
 
+ MIPS Linux with GNU C
+# Special notes:
+# - in order for the assembly instructions to be usable, must be mips2 or 
higher
+#   as specified with the -march command line argument.
+#   An example cross-compile command line might be:
+#   CROSS_COMPILE=mipsel-linux- ./Configure "-march=4ksd 
--sysroot=/opt/uclibc" linux-mipsel
+"linux-mipsel",   "gcc:-DL_ENDIAN -DTERMIO -O3 
-Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL 
DES_RISC2:${mips32_asm}:elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
 # Android: linux-* but without -DTERMIO and pointers to headers and libs.
 "android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 
-fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK 
DES_INT DES_UNROLL 
BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib 
-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} 
${x86_gcc_opts}:".eval{my 
$asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
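Review bot: the added line `+ MIPS Linux with GNU C` lacks the leading `#`, so it lands inside the `%table` initializer as bare Perl and Configure will fail to parse; it should read `+# MIPS Linux with GNU C`, matching the `# Android:` comment directly below. The new entry also relies on `${mips32_asm}` being defined earlier in Configure; nothing in this patch adds it, so that should be confirmed for 1.0.1c before applying. Finally, the comment's example uses `-march=4ksd` while the companion `config` patch defaults to `mips2`; stating that `mips2` is the minimum and anything higher is optional would avoid confusion.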
diff -ruN openssl-1.0.1c/crypto/aes/asm/aes-mips.pl 
openssl-1.0.1c.mips/crypto/aes/asm/aes-mips.pl
--- openssl-1.0.1c/crypto/aes/asm/aes-mips.pl   2011-11-14 15:55:23.0 
-0500
+++ openssl-1.0.1c.mips/crypto/aes/asm/aes-mips.pl  2012-09-07 
08:22:30.0 -0400
@@ -1036,9 +1036,9 @@
nop
 .end   _mips_AES_set_encrypt_key
 
-.globl AES_set_encrypt_key
-.ent   AES_set_encrypt_key
-AES_set_encrypt_key:
+.globl private_AES_set_encrypt_key
+.ent   private_AES_set_encrypt_key
+private_AES_set_encrypt_key:
.frame  $sp,$FRAMESIZE,$ra
.mask   $SAVED_REGS_MASK,-$SZREG
.setnoreorder
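Review bot: the rename itself is the right fix, but it must be applied to every reference of the symbol (`.globl`, `.ent`, the label, the `.cpsetup` operand and `.end`), which the remaining hunks do; please say in the commit message why the `private_` prefix is required, since after this change nothing in aes-mips.pl exports `AES_set_encrypt_key` any more and the public name has to come from wherever the other assembler back-ends get it, otherwise a linux-mipsel link of libcrypto fails with an undefined reference.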
@@ -1060,7 +1060,7 @@
 ___
 $code.=<<___ if ($flavour !~ /o32/i);  # non-o32 PIC-ification
.cplocal$Tbl
-   .cpsetup$pf,$zero,AES_set_encrypt_key
+   .cpsetup$pf,$zero,private_AES_set_encrypt_key
 ___
 $code.=<<___;
.setreorder
@@ -1083,7 +1083,7 @@
 $code.=<<___;
jr  $ra
$PTR_ADD $sp,$FRAMESIZE
-.end   AES_set_encrypt_key
+.end   private_AES_set_encrypt_key
 ___
 
 my ($head,$tail)=($inp,$bits);
@@ -1091,9 +1091,9 @@
 my ($m,$x80808080,$x7f7f7f7f,$x1b1b1b1b)=($at,$t0,$t1,$t2);
 $code.=<<___;
 .align 5
-.globl AES_set_decrypt_key
-.ent   AES_set_decrypt_key
-AES_set_decrypt_key:
+.globl private_AES_set_decrypt_key
+.ent   private_AES_set_decrypt_key
+private_AES_set_decrypt_key:
.frame  $sp,$FRAMESIZE,$ra
.mask   $SAVED_REGS_MASK,-$SZREG
.setnoreorder
@@ -1115,7 +1115,7 @@
 ___
 $code.=<<___ if ($flavour !~ /o32/i);  # non-o32 PIC-ification
.cplocal$Tbl
-   .cpsetup$pf,$zero,AES_set_decrypt_key
+   .cpsetup$pf,$zero,private_AES_set_decrypt_key
 ___
 $code.=<<___;
.setreorder
@@ -1226,7 +1226,7 @@
 $code.=<<___;
jr  $ra
$PTR_ADD $sp,$FRAMESIZE
-.end   AES_set_decrypt_key
+.end   private_AES_set_decrypt_key
 ___
 }}}
 


FIPS_mode_set(1) always returns false

2012-09-07 Thread Taraniteja Vishwanatha
Hey guys,

I have built the openssl-FIPS module (1.2.4) for iOS as per the instructions in
the 1.2 User Guide. I have included the headers and libraries in my test
app. I call FIPS_mode_set(1) in the app and it always returns false.
Is it because the 1.2.4 module supports iOS 5.0 and I am using iOS 5.1?
Also, are the 1.2.4 User Guide instructions valid for building the 2.0
module, which supports iOS 5.1?

Thank you,
Tarani


Re: FIPS validation process

2012-09-07 Thread Steve Marquess
On 09/07/2012 03:14 AM, V.Ravikumar wrote:
> Hello All,
> I would be so thankful if somebody explains the application fips validation
> process in details.
> Also need purpose of below files and how they will be used in validation
> process.
> 
> fipscanister.o
> 
> fipscanister.o.sha1
> 
> fips_premain.c:
> 
> fips_premain.c.sha1
> 
> fipsld.
> 
> Also what is process that is taking place  in linking with fipsld.
> 
> Thanks in advance.
> 
> Regards,
> 
> Ravi
> 

This question would be more appropriate for the openssl-users list.

See http://www.openssl.org/docs/fips/UserGuide-2.0.pdf

-Steve M.

-- 
Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD  21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
marqu...@opensslfoundation.com
marqu...@openssl.com


Re: [openssl.org #2836] [PATCH] Staple the correct OCSP Response when multiple certs are configured

2012-09-07 Thread Rob Stradling via RT
Attached is an updated patch for CVS HEAD, plus a patch for the 1.0.2 
branch.

Are you still accepting patches for 1.0.1?

Any chance of reviewing these patches soon?

Thanks.

On 19/06/12 21:15, Rob Stradling via RT wrote:
> The OCSP Stapling Callback function (s->ctx->tlsext_status_cb) is called
> during the parsing of the ClientHello message, before the server has
> decided which cipher to use.  However, since the choice of cipher can
> influence which server certificate is sent, this means that the wrong
> OCSP Response may be sent in cases where multiple server certificates
> are configured.
>
> The attached patch against CVS HEAD makes the following changes:
> - Moves the s->ctx->tlsext_status_cb() call to just after the cipher
> has been chosen.  This involves splitting ssl_check_clienthello_tlsext()
> into two functions: "early" and "late".
> - Updates SSL_get_certificate() so that it returns the server
> certificate that actually gets sent.  (This is the function that Apache
> httpd's OCSP Stapling code calls in order to determine which OCSP
> Response to send).
>
> I've tested this patch successfully with an installation of httpd 2.4.2
> that has both an RSA cert and an ECC cert configured.
>
> If this patch is OK, I'd like to backport it to the OpenSSL 1.0.x branch
> as well.
>

-- 
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online


Index: ssl/s3_srvr.c
===
RCS file: /v/openssl/cvs/openssl/ssl/s3_srvr.c,v
retrieving revision 1.239
diff -u -r1.239 s3_srvr.c
--- ssl/s3_srvr.c   15 Aug 2012 15:15:05 -  1.239
+++ ssl/s3_srvr.c   7 Sep 2012 10:00:12 -
@@ -1432,6 +1432,16 @@
 * s->tmp.new_cipher- the new cipher to use.
 */
 
+   /* Handles TLS extensions that we couldn't check earlier */
+   if (s->version >= SSL3_VERSION)
+   {
+   if (ssl_check_clienthello_tlsext_late(s) <= 0)
+   {
+   
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
+   goto err;
+   }
+   }
+
if (ret < 0) ret=1;
if (0)
{
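Review bot: on failure of `ssl_check_clienthello_tlsext_late(s)` the new block does `goto err` after `SSLerr(...)`, so no alert is sent to the peer; check how the early extension check in this function fails and, if that path sends a fatal alert, mirror it here (or have the late function send it) so the two failure modes are consistent. The comment "Handles TLS extensions that we couldn't check earlier" should also state the actual reason for the placement, namely that `s->s3->tmp.new_cipher` is now set, so the status callback sees the final cipher choice.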
Index: ssl/ssl_lib.c
===
RCS file: /v/openssl/cvs/openssl/ssl/ssl_lib.c,v
retrieving revision 1.242
diff -u -r1.242 ssl_lib.c
--- ssl/ssl_lib.c   31 Aug 2012 11:18:54 -  1.242
+++ ssl/ssl_lib.c   7 Sep 2012 10:00:12 -
@@ -2336,7 +2336,7 @@
 
 #endif
 
-static int ssl_get_server_cert_index(SSL *s)
+static int ssl_get_server_cert_index(const SSL *s)
{
int idx;
idx = ssl_cipher_get_cert_index(s->s3->tmp.new_cipher);
@@ -2347,7 +2347,7 @@
return idx;
}
 
-CERT_PKEY *ssl_get_server_send_pkey(SSL *s)
+CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
{
CERT *c;
int i;
@@ -2833,6 +2833,14 @@
 /* Fix this function so that it takes an optional type parameter */
 X509 *SSL_get_certificate(const SSL *s)
{
+   if (s->server)
+   {
+   CERT_PKEY *certpkey;
+   certpkey = ssl_get_server_send_pkey(s);
+   if (certpkey && certpkey->x509)
+   return certpkey->x509;
+   }
+
if (s->cert != NULL)
return(s->cert->key->x509);
else
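Review bot: for a server-side `SSL` this now returns the certificate selected for `s->s3->tmp.new_cipher`, but `ssl_get_server_cert_index()` (visible in the first hunk of this file) calls `ssl_cipher_get_cert_index(s->s3->tmp.new_cipher)` unconditionally; if `SSL_get_certificate()` is called before a cipher has been chosen, or on a server `SSL` with no `s3` state yet, `new_cipher` is NULL. Guard with `if (s->server && s->s3 && s->s3->tmp.new_cipher)` or make `ssl_get_server_send_pkey()` return NULL in that case, so callers that relied on the old behaviour still fall through to `s->cert->key->x509`.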
Index: ssl/ssl_locl.h
===
RCS file: /v/openssl/cvs/openssl/ssl/ssl_locl.h,v
retrieving revision 1.155
diff -u -r1.155 ssl_locl.h
--- ssl/ssl_locl.h  31 Aug 2012 11:18:54 -  1.155
+++ ssl/ssl_locl.h  7 Sep 2012 10:00:12 -
@@ -934,7 +934,7 @@
 int ssl_undefined_function(SSL *s);
 int ssl_undefined_void_function(void);
 int ssl_undefined_const_function(const SSL *s);
-CERT_PKEY *ssl_get_server_send_pkey(SSL *);
+CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
 unsigned char *ssl_get_authz_data(SSL *s, size_t *authz_length);
 EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *c, const EVP_MD **pmd);
 int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
@@ -1201,6 +1201,7 @@
 unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned 
char *limit); 
 unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned 
char *limit); 
 int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char 
*d, int n);
+int ssl_check_clienthello_tlsext_late(SSL *s);
 int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char 
*d, int n);
 int ssl_prepare_clienthello_tlsext(SSL *s);
 int ssl_prepare_serverhello_tlsext(SSL *s);
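Review bot: only the `ssl_check_clienthello_tlsext_late()` prototype is added here, but the description says `ssl_check_clienthello_tlsext()` was split into "early" and "late" halves; the early half's prototype should be renamed or commented in this header as well, with a note that both must be called, in that order, for the status callback to see the chosen cipher.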
Index: ssl/t1_lib.c
===
RCS file: /v/openssl/cvs/openssl/ssl/t1_lib.c,v
retrieving revision 1.139
diff -u -r1.139 t1_lib.c
--- ssl/t1_lib.c29 Aug 2012 13:18:34 -  1.139
+++ ssl/t1_lib.c7 Sep 2012 10:0

[openssl.org #2873] [Bug] -noemailDN only affects Subject DN

2012-09-07 Thread Stefan H. Holek via RT
When the -noemailDN flag is used with the openssl ca command, the email address 
is only removed from the Subject DN, but not the Issuer DN. This leaves 
self-signed CA certs created with this flag unverifiable, because the DNs do 
not match.

-- 
Stefan H. Holek
ste...@epy.co.at



[openssl.org #2872] Bug Report

2012-09-07 Thread Santhosh Krishnamurthy via RT
Hello there

Good Morning

I need to report a bug and also need a clarification on the same. My name is
Santhosh, working in Bangalore.
I have downloaded your library for testing purposes and found two issues. Please
confirm whether it is an issue or a feature of the OpenSSL library itself.

 1.  In case 1 I am using a TCP connection between client and server. They have
gone through the necessary handshakes of exchanging the keys. Now I am trying
to send only the alternate packets from the client to the server, but the
decryption is returning a junk value.

The encrypted string sent from the client to the server is something like
"12345678", and every time I am sending a different string with the same length.

Now if I send all the packets (not the alternate ones) from the client to the
server, the packets are decrypted properly at the server end. Please note that
it is just a simple string and the packets are not dependent on each other.

The problem occurs when I send the alternate packets.

Is it a known issue, or has this issue been fixed already? Kindly confirm.

 2.  In the second case I am using a UDP connection, where the packets can
arrive out of sequence, and when the packets arrive in the wrong sequence
the decryption fails at the server end.

So is there any requirement from the library that the packets should arrive
in sequence, and only then will decryption happen properly?

Again, please note that the packets have no dependency on each other and they
are independent small-sized packets.

Maybe I am assuming something wrong. Kindly throw some light on the same.

Response will be highly appreciated.

Thank you

Santhosh.k

[openssl.org #2871] bug report

2012-09-07 Thread Vitalijs Anisimovs via RT
Hello OpenSSL team!

There is a bug in the session resume code (server side, when the SSL_OP_NO_TICKET
option is specified).

This is the hash function for the session id:
static unsigned long ssl_session_hash(const SSL_SESSION *a)
	{
	unsigned long l;

	l=(unsigned long)
		((unsigned int) a->session_id[0]     )|
		((unsigned int) a->session_id[1]<< 8L)|
		((unsigned long)a->session_id[2]<<16L)|
		((unsigned long)a->session_id[3]<<24L);
	return(l);
	}

But in the session finding function
int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, const
unsigned char *limit)
we have session_id copying:
		SSL_SESSION data;
		data.ssl_version=s->version;
		data.session_id_length=len;
		if (len == 0)
			return 0;
		memcpy(data.session_id,session_id,len);    <--- problem is here
		CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
		ret=lh_SSL_SESSION_retrieve(s->session_ctx->sessions,&data);

So, for session_id length == 3 (or any length below 4)
("The length of the session id is 16 bytes for SSLv2 sessions and between 1
and 32 bytes for SSLv3/TLSv1.",
http://www.openssl.org/docs/ssl/SSL_CTX_set_generate_session_id.html)
we will have garbage in "a->session_id[3]" in the ssl_session_hash
function.

Solution: add
  memset(data.session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH); // needed
when we have session_id < 4 bytes (the hash sum is calculated from the first 4
bytes!)
before the
		memcpy(data.session_id,session_id,len);    <--- problem code
code line.

I found this bug in the 0.9.8m version, but code analysis shows this
problem in the "openssl-1.0.1c" version too.
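
To make the report's point concrete, here is an added example (not OpenSSL's own code) that reproduces the quoted hash arithmetic over a constructed stand-in struct: with a 3-byte session id, the lookup key's hash depends on whatever the stack held before the partial memcpy, so the cached session is never found and resumption silently degrades to a full handshake, while zeroing the buffer first, as proposed above, makes the two hashes agree. It assumes the stored session was zero-filled on creation (as SSL_SESSION_new does) and models the uninitialised stack bytes with a `stale` fill value.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the two SSL_SESSION fields the report is about;
 * not OpenSSL's real struct, but the id buffer has the real maximum size. */
#define SSL_MAX_SSL_SESSION_ID_LENGTH 32

typedef struct {
    unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
    unsigned int session_id_length;
} session_key_t;

/* Same arithmetic as the ssl_session_hash() quoted in the report: it always
 * folds the first four id bytes, regardless of session_id_length. */
static unsigned long session_hash(const session_key_t *a)
{
    return (unsigned long)
           ((unsigned int)a->session_id[0])         |
           ((unsigned int)a->session_id[1] << 8L)   |
           ((unsigned long)a->session_id[2] << 16L) |
           ((unsigned long)a->session_id[3] << 24L);
}

/* The stored session: assumed zero-filled on creation, so the bytes past
 * session_id_length are zero and its hash is deterministic. */
static unsigned long hash_stored_session(const unsigned char *id, unsigned int len)
{
    session_key_t stored;
    memset(&stored, 0, sizeof stored);
    stored.session_id_length = len;
    memcpy(stored.session_id, id, len);
    return session_hash(&stored);
}

/* Lookup key built the way ssl_get_prev_session() builds it: a stack
 * variable with only `len` bytes copied in. `stale` models whatever the
 * stack held before; in the real code those bytes are simply uninitialised. */
static unsigned long hash_lookup_key_buggy(const unsigned char *id, unsigned int len,
                                           unsigned char stale)
{
    session_key_t data;
    memset(data.session_id, stale, sizeof data.session_id); /* simulated stack garbage */
    data.session_id_length = len;
    memcpy(data.session_id, id, len);                       /* the reported problem line */
    return session_hash(&data);
}

/* Reporter's fix: zero the whole id buffer before the partial memcpy. */
static unsigned long hash_lookup_key_fixed(const unsigned char *id, unsigned int len,
                                           unsigned char stale)
{
    session_key_t data;
    memset(data.session_id, stale, sizeof data.session_id); /* simulated stack garbage */
    memset(data.session_id, 0, SSL_MAX_SSL_SESSION_ID_LENGTH); /* the proposed memset */
    data.session_id_length = len;
    memcpy(data.session_id, id, len);
    return session_hash(&data);
}

/* Constructed sample ids: a 3-byte id (shorter than the 4 bytes the hash
 * reads) and a 4-byte id that the bug cannot affect. */
static const unsigned char short_id[3] = { 0x11, 0x22, 0x33 };
static const unsigned char full_id[4]  = { 0x11, 0x22, 0x33, 0x44 };

int main(void)
{
    printf("stored  %08lx\n", hash_stored_session(short_id, 3));
    printf("buggy   %08lx  (stale byte 0xab leaks into the hash)\n",
           hash_lookup_key_buggy(short_id, 3, 0xab));
    printf("fixed   %08lx\n", hash_lookup_key_fixed(short_id, 3, 0xab));
    printf("4-byte  %08lx %08lx  (unaffected)\n", hash_stored_session(full_id, 4),
           hash_lookup_key_buggy(full_id, 4, 0xab));
    return 0;
}
```

A hash that only folded the first session_id_length bytes would remove the dependency on the padding altogether, but the memset keeps the hash and the on-disk/in-memory cache layout unchanged, which is why the report proposes it.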



[openssl.org #2870] OpenSSL 0.9.8o 01 Jun 2010 configuration file dir bug

2012-09-07 Thread . via RT
OpenSSL 0.9.8o 01 Jun 2010

In the configuration file,

[ CA_default ]

dir = ~/demoCA

This will cause a problem loading the private key for the CA (fopen cannot
find the file or directory, but I can actually use more to view that file).
Changing this to an absolute path fixes this problem.

Yang
