packages/openssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!171 backport some upstream patches

Browse Source 
From: @flysubmarine 
Reviewed-by: @zcfsite 
Signed-off-by: @zcfsite
This commit is contained in:
openeuler-ci-bot 2022-11-07 09:33:16 +00:00 committed by Gitee
commit 0e6b5f9981
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
5 changed files with 721 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

440
backport-Fix-a-DTLS-server-hangup-due-to-TLS13_AD_MISSING_EXT.patch Normal file
View File

@ -0,0 +1,440 @@
From 6e73a0a0bd608daecb8e2c1e46de9d1014194c84 Mon Sep 17 00:00:00 2001
From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Tue, 12 Apr 2022 08:27:21 +0200
Subject: [PATCH] Fix a DTLS server hangup due to TLS13_AD_MISSING_EXTENSION
This causes the DTLS server to enter an error state:
./openssl s_server -dtls
./openssl s_client -dtls -maxfraglen 512 -sess_out s1.txt
[...]
Q
./openssl s_client -dtls -sess_in s1.txt
CONNECTED(00000003)
^C
./openssl s_client -dtls
CONNECTED(00000003)
140335537067840:error:14102410:SSL routines:dtls1_read_bytes:sslv3 alert handshake failure:ssl/record/rec_layer_d1.c:614:SSL alert number 40
At this point the dtls server needs to be restarted,
because verify_cookie_callback always fails, because
the previous cookie is checked against the current one.
The reason for this is not fully understood.
In wireshark we see the following each time:
c->s Client Hello (without cookie)
s->c Hello Verify Request (with new cookie)
s->c Alert (Level: Fatal, Description: Handshake Failure)
c->s Client Hello (echoes new cookie)
The client gives up when the Alert arrives.
The Alert is triggered because the server calls
verify_cookie_callback with the previous cookie,
although it just sent the current cookie in the
Hello Verify Request.
However this does only happen because no Alert message
is sent when the client re-connects the session with
the missing -maxfraglen option.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18094)
---
ssl/s3_enc.c | 2 +
ssl/t1_enc.c | 2 +
test/ssl-tests/10-resumption.conf | 121 +++++++++++++++++++++++-
test/ssl-tests/11-dtls_resumption.conf | 124 ++++++++++++++++++++++++-
test/ssl-tests/protocol_version.pm | 63 +++++++++++++
5 files changed, 310 insertions(+), 2 deletions(-)
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 8a89f512fe..eb1f36ac7e 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -589,6 +589,8 @@ int ssl3_alert_code(int code)
return TLS1_AD_NO_APPLICATION_PROTOCOL;
case SSL_AD_CERTIFICATE_REQUIRED:
return SSL_AD_HANDSHAKE_FAILURE;
+ case SSL_AD_MISSING_EXTENSION:
+ return SSL_AD_HANDSHAKE_FAILURE;
default:
return -1;
}
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index c85c0b0310..2087b274d1 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -672,6 +672,8 @@ int tls1_alert_code(int code)
return TLS1_AD_NO_APPLICATION_PROTOCOL;
case SSL_AD_CERTIFICATE_REQUIRED:
return SSL_AD_HANDSHAKE_FAILURE;
+ case SSL_AD_MISSING_EXTENSION:
+ return SSL_AD_HANDSHAKE_FAILURE;
default:
return -1;
}
diff --git a/test/ssl-tests/10-resumption.conf b/test/ssl-tests/10-resumption.conf
index 73de974ab0..a33a1d80e4 100644
--- a/test/ssl-tests/10-resumption.conf
+++ b/test/ssl-tests/10-resumption.conf
@@ -1,6 +1,6 @@
# Generated with generate_ssl_tests.pl
-num_tests = 65
+num_tests = 68
test-0 = 0-resumption
test-1 = 1-resumption
@@ -67,6 +67,9 @@ test-61 = 61-resumption
test-62 = 62-resumption
test-63 = 63-resumption
test-64 = 64-resumption-with-hrr
+test-65 = 65-resumption-when-mfl-ext-is-missing
+test-66 = 66-resumption-when-mfl-ext-is-different
+test-67 = 67-resumption-when-mfl-ext-is-correct
# ===========================================================
[0-resumption]
@@ -2437,3 +2440,119 @@ Method = TLS
ResumptionExpected = Yes
+# ===========================================================
+
+[65-resumption-when-mfl-ext-is-missing]
+ssl_conf = 65-resumption-when-mfl-ext-is-missing-ssl
+
+[65-resumption-when-mfl-ext-is-missing-ssl]
+server = 65-resumption-when-mfl-ext-is-missing-server
+client = 65-resumption-when-mfl-ext-is-missing-client
+resume-server = 65-resumption-when-mfl-ext-is-missing-server
+resume-client = 65-resumption-when-mfl-ext-is-missing-resume-client
+
+[65-resumption-when-mfl-ext-is-missing-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[65-resumption-when-mfl-ext-is-missing-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[65-resumption-when-mfl-ext-is-missing-resume-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-65]
+ExpectedResult = ServerFail
+HandshakeMode = Resume
+ResumptionExpected = No
+client = 65-resumption-when-mfl-ext-is-missing-client-extra
+
+[65-resumption-when-mfl-ext-is-missing-client-extra]
+MaxFragmentLenExt = 512
+
+
+# ===========================================================
+
+[66-resumption-when-mfl-ext-is-different]
+ssl_conf = 66-resumption-when-mfl-ext-is-different-ssl
+
+[66-resumption-when-mfl-ext-is-different-ssl]
+server = 66-resumption-when-mfl-ext-is-different-server
+client = 66-resumption-when-mfl-ext-is-different-client
+resume-server = 66-resumption-when-mfl-ext-is-different-server
+resume-client = 66-resumption-when-mfl-ext-is-different-resume-client
+
+[66-resumption-when-mfl-ext-is-different-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[66-resumption-when-mfl-ext-is-different-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[66-resumption-when-mfl-ext-is-different-resume-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-66]
+ExpectedResult = ServerFail
+HandshakeMode = Resume
+ResumptionExpected = No
+client = 66-resumption-when-mfl-ext-is-different-client-extra
+resume-client = 66-resumption-when-mfl-ext-is-different-resume-client-extra
+
+[66-resumption-when-mfl-ext-is-different-client-extra]
+MaxFragmentLenExt = 512
+
+[66-resumption-when-mfl-ext-is-different-resume-client-extra]
+MaxFragmentLenExt = 1024
+
+
+# ===========================================================
+
+[67-resumption-when-mfl-ext-is-correct]
+ssl_conf = 67-resumption-when-mfl-ext-is-correct-ssl
+
+[67-resumption-when-mfl-ext-is-correct-ssl]
+server = 67-resumption-when-mfl-ext-is-correct-server
+client = 67-resumption-when-mfl-ext-is-correct-client
+resume-server = 67-resumption-when-mfl-ext-is-correct-server
+resume-client = 67-resumption-when-mfl-ext-is-correct-resume-client
+
+[67-resumption-when-mfl-ext-is-correct-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[67-resumption-when-mfl-ext-is-correct-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[67-resumption-when-mfl-ext-is-correct-resume-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-67]
+ExpectedResult = Success
+HandshakeMode = Resume
+ResumptionExpected = Yes
+client = 67-resumption-when-mfl-ext-is-correct-client-extra
+resume-client = 67-resumption-when-mfl-ext-is-correct-resume-client-extra
+
+[67-resumption-when-mfl-ext-is-correct-client-extra]
+MaxFragmentLenExt = 512
+
+[67-resumption-when-mfl-ext-is-correct-resume-client-extra]
+MaxFragmentLenExt = 512
+
+
diff --git a/test/ssl-tests/11-dtls_resumption.conf b/test/ssl-tests/11-dtls_resumption.conf
index a981fa51df..635279a30f 100644
--- a/test/ssl-tests/11-dtls_resumption.conf
+++ b/test/ssl-tests/11-dtls_resumption.conf
@@ -1,6 +1,6 @@
# Generated with generate_ssl_tests.pl
-num_tests = 16
+num_tests = 19
test-0 = 0-resumption
test-1 = 1-resumption
@@ -18,6 +18,9 @@ test-12 = 12-resumption
test-13 = 13-resumption
test-14 = 14-resumption
test-15 = 15-resumption
+test-16 = 16-resumption-when-mfl-ext-is-missing
+test-17 = 17-resumption-when-mfl-ext-is-different
+test-18 = 18-resumption-when-mfl-ext-is-correct
# ===========================================================
[0-resumption]
@@ -618,3 +621,122 @@ Method = DTLS
ResumptionExpected = Yes
+# ===========================================================
+
+[16-resumption-when-mfl-ext-is-missing]
+ssl_conf = 16-resumption-when-mfl-ext-is-missing-ssl
+
+[16-resumption-when-mfl-ext-is-missing-ssl]
+server = 16-resumption-when-mfl-ext-is-missing-server
+client = 16-resumption-when-mfl-ext-is-missing-client
+resume-server = 16-resumption-when-mfl-ext-is-missing-server
+resume-client = 16-resumption-when-mfl-ext-is-missing-resume-client
+
+[16-resumption-when-mfl-ext-is-missing-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[16-resumption-when-mfl-ext-is-missing-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[16-resumption-when-mfl-ext-is-missing-resume-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-16]
+ExpectedResult = ServerFail
+HandshakeMode = Resume
+Method = DTLS
+ResumptionExpected = No
+client = 16-resumption-when-mfl-ext-is-missing-client-extra
+
+[16-resumption-when-mfl-ext-is-missing-client-extra]
+MaxFragmentLenExt = 512
+
+
+# ===========================================================
+
+[17-resumption-when-mfl-ext-is-different]
+ssl_conf = 17-resumption-when-mfl-ext-is-different-ssl
+
+[17-resumption-when-mfl-ext-is-different-ssl]
+server = 17-resumption-when-mfl-ext-is-different-server
+client = 17-resumption-when-mfl-ext-is-different-client
+resume-server = 17-resumption-when-mfl-ext-is-different-server
+resume-client = 17-resumption-when-mfl-ext-is-different-resume-client
+
+[17-resumption-when-mfl-ext-is-different-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[17-resumption-when-mfl-ext-is-different-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[17-resumption-when-mfl-ext-is-different-resume-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-17]
+ExpectedResult = ServerFail
+HandshakeMode = Resume
+Method = DTLS
+ResumptionExpected = No
+client = 17-resumption-when-mfl-ext-is-different-client-extra
+resume-client = 17-resumption-when-mfl-ext-is-different-resume-client-extra
+
+[17-resumption-when-mfl-ext-is-different-client-extra]
+MaxFragmentLenExt = 512
+
+[17-resumption-when-mfl-ext-is-different-resume-client-extra]
+MaxFragmentLenExt = 1024
+
+
+# ===========================================================
+
+[18-resumption-when-mfl-ext-is-correct]
+ssl_conf = 18-resumption-when-mfl-ext-is-correct-ssl
+
+[18-resumption-when-mfl-ext-is-correct-ssl]
+server = 18-resumption-when-mfl-ext-is-correct-server
+client = 18-resumption-when-mfl-ext-is-correct-client
+resume-server = 18-resumption-when-mfl-ext-is-correct-server
+resume-client = 18-resumption-when-mfl-ext-is-correct-resume-client
+
+[18-resumption-when-mfl-ext-is-correct-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[18-resumption-when-mfl-ext-is-correct-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[18-resumption-when-mfl-ext-is-correct-resume-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-18]
+ExpectedResult = Success
+HandshakeMode = Resume
+Method = DTLS
+ResumptionExpected = Yes
+client = 18-resumption-when-mfl-ext-is-correct-client-extra
+resume-client = 18-resumption-when-mfl-ext-is-correct-resume-client-extra
+
+[18-resumption-when-mfl-ext-is-correct-client-extra]
+MaxFragmentLenExt = 512
+
+[18-resumption-when-mfl-ext-is-correct-resume-client-extra]
+MaxFragmentLenExt = 512
+
+
diff --git a/test/ssl-tests/protocol_version.pm b/test/ssl-tests/protocol_version.pm
index 943719e84a..039d782b73 100644
--- a/test/ssl-tests/protocol_version.pm
+++ b/test/ssl-tests/protocol_version.pm
@@ -265,6 +265,69 @@ sub generate_resumption_tests {
};
}
+ push @client_tests, {
+ "name" => "resumption-when-mfl-ext-is-missing",
+ "server" => {
+ },
+ "client" => {
+ "extra" => {
+ "MaxFragmentLenExt" => 512,
+ },
+ },
+ "resume_client" => {
+ },
+ "test" => {
+ "Method" => $method,
+ "HandshakeMode" => "Resume",
+ "ResumptionExpected" => "No",
+ "ExpectedResult" => "ServerFail",
+ }
+ };
+
+ push @client_tests, {
+ "name" => "resumption-when-mfl-ext-is-different",
+ "server" => {
+ },
+ "client" => {
+ "extra" => {
+ "MaxFragmentLenExt" => 512,
+ },
+ },
+ "resume_client" => {
+ "extra" => {
+ "MaxFragmentLenExt" => 1024,
+ },
+ },
+ "test" => {
+ "Method" => $method,
+ "HandshakeMode" => "Resume",
+ "ResumptionExpected" => "No",
+ "ExpectedResult" => "ServerFail",
+ }
+ };
+
+ push @client_tests, {
+ "name" => "resumption-when-mfl-ext-is-correct",
+ "server" => {
+ },
+ "client" => {
+ "extra" => {
+ "MaxFragmentLenExt" => 512,
+ },
+ },
+ "resume_client" => {
+ "extra" => {
+ "MaxFragmentLenExt" => 512,
+ },
+ },
+ "test" => {
+ "Method" => $method,
+ "HandshakeMode" => "Resume",
+ "ResumptionExpected" => "Yes",
+ "ExpectedResult" => "Success",
+ }
+ };
+
return (@server_tests, @client_tests);
}
--
2.17.1

74
backport-Fix-a-memory-leak-in-X509_issuer_and_serial_hash.patch Normal file
View File

@ -0,0 +1,74 @@
From 59b8eca400d9ea7b77dc98fe08a91bbfe35d025a Mon Sep 17 00:00:00 2001
From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Sat, 21 May 2022 15:41:46 +0200
Subject: [PATCH] Fix a memory leak in X509_issuer_and_serial_hash
This is reproducible with my error injection patch:
$ ERROR_INJECT=1653267699 ../util/shlib_wrap.sh ./x509-test ./corpora/x509/5f4034ae85d6587dcad4da3e812e80f3d312894d
ERROR_INJECT=1653267699
#0 0x7fd485a6ad4f in __sanitizer_print_stack_trace ../../../../src/libsanitizer/asan/asan_stack.cc:36
#1 0x55c12d268724 in my_malloc fuzz/test-corpus.c:114
#2 0x7fd484f51a75 in CRYPTO_zalloc crypto/mem.c:230
#3 0x7fd484ed778d in EVP_DigestInit_ex crypto/evp/digest.c:139
#4 0x7fd4850a9849 in X509_issuer_and_serial_hash crypto/x509/x509_cmp.c:44
#5 0x55c12d268951 in FuzzerTestOneInput fuzz/x509.c:44
#6 0x55c12d268239 in testfile fuzz/test-corpus.c:182
#7 0x55c12d267c7f in main fuzz/test-corpus.c:226
#8 0x7fd483a42082 in __libc_start_main ../csu/libc-start.c:308
#9 0x55c12d267e5d in _start (/home/ed/OPCToolboxV5/Source/Core/OpenSSL/openssl/fuzz/x509-test+0x3e5d)
=================================================================
==1058475==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 268 byte(s) in 1 object(s) allocated from:
#0 0x7fd485a5dc3e in __interceptor_realloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:163
#1 0x7fd484d2eb9b in BUF_MEM_grow crypto/buffer/buffer.c:97
#2 0x7fd4850b2913 in X509_NAME_oneline crypto/x509/x509_obj.c:43
#3 0x7fd4850a982f in X509_issuer_and_serial_hash crypto/x509/x509_cmp.c:41
#4 0x55c12d268951 in FuzzerTestOneInput fuzz/x509.c:44
#5 0x55c12d268239 in testfile fuzz/test-corpus.c:182
#6 0x55c12d267c7f in main fuzz/test-corpus.c:226
#7 0x7fd483a42082 in __libc_start_main ../csu/libc-start.c:308
SUMMARY: AddressSanitizer: 268 byte(s) leaked in 1 allocation(s).
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18370)
---
crypto/x509/x509_cmp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 1d8d2d7b28..1661cac634 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -34,7 +34,7 @@ unsigned long X509_issuer_and_serial_hash(X509 *a)
unsigned long ret = 0;
EVP_MD_CTX *ctx = EVP_MD_CTX_new();
unsigned char md[16];
- char *f;
+ char *f = NULL;
if (ctx == NULL)
goto err;
@@ -45,7 +45,6 @@ unsigned long X509_issuer_and_serial_hash(X509 *a)
goto err;
if (!EVP_DigestUpdate(ctx, (unsigned char *)f, strlen(f)))
goto err;
- OPENSSL_free(f);
if (!EVP_DigestUpdate
(ctx, (unsigned char *)a->cert_info.serialNumber.data,
(unsigned long)a->cert_info.serialNumber.length))
@@ -56,6 +55,7 @@ unsigned long X509_issuer_and_serial_hash(X509 *a)
((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
) & 0xffffffffL;
err:
+ OPENSSL_free(f);
EVP_MD_CTX_free(ctx);
return ret;
}
--
2.17.1

145
backport-Fix-an-assertion-in-the-DTLS-server-code.patch Normal file
View File

@ -0,0 +1,145 @@
From 564a8d442cbd8ce68d452ff2e8a58c0aea6b0632 Mon Sep 17 00:00:00 2001
From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Mon, 11 Apr 2022 10:12:48 +0200
Subject: [PATCH] Fix an assertion in the DTLS server code
This fixes an internal error alert from the server and
an unexpected connection failure in the release version,
but a failed assertion and a server crash in the
debug version.
Reproduce this issue with a DTLS server/client like that:
./openssl s_server -dtls -mtu 1500
./openssl s_client -dtls -maxfraglen 512
In the debug version a crash happens in the Server now:
./openssl s_server -dtls -mtu 1500
Using default temp DH parameters
ACCEPT
ssl/statem/statem_dtls.c:269: OpenSSL internal error: Assertion failed: len == written
Aborted (core dumped)
While in the release version the handshake exceeds the
negotiated max fragment size, and fails because of this:
$ ./openssl s_server -dtls -mtu 1500
Using default temp DH parameters
ACCEPT
ERROR
4057152ADA7F0000:error:0A0000C2:SSL routines:do_dtls1_write:exceeds max fragment size:ssl/record/rec_layer_d1.c:826:
shutting down SSL
CONNECTION CLOSED
From the client's point of view the connection fails
with an Internal Error Alert:
$ ./openssl s_client -dtls -maxfraglen 512
Connecting to ::1
CONNECTED(00000003)
40B76343377F0000:error:0A000438:SSL routines:dtls1_read_bytes:tlsv1 alert internal error:ssl/record/rec_layer_d1.c:613:SSL alert number 80
and now the connection attempt fails unexpectedly.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18093)
(cherry picked from commit e915c3f5381cd38ebdc1824c3ba9896ea7160103)
---
ssl/statem/statem_dtls.c | 6 ++---
test/dtls_mtu_test.c | 48 +++++++++++++++++++++++++++++++++++++++-
2 files changed, 50 insertions(+), 4 deletions(-)
diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c
index 8e3fb686ee..620367ace4 100644
--- a/ssl/statem/statem_dtls.c
+++ b/ssl/statem/statem_dtls.c
@@ -218,8 +218,8 @@ int dtls1_do_write(SSL *s, int type)
else
len = s->init_num;
- if (len > s->max_send_fragment)
- len = s->max_send_fragment;
+ if (len > ssl_get_max_send_fragment(s))
+ len = ssl_get_max_send_fragment(s);
/*
* XDTLS: this function is too long. split out the CCS part
@@ -241,7 +241,7 @@ int dtls1_do_write(SSL *s, int type)
ret = dtls1_write_bytes(s, type, &s->init_buf->data[s->init_off], len,
&written);
- if (ret < 0) {
+ if (ret <= 0) {
/*
* might need to update MTU here, but we don't know which
* previous packet caused the failure -- so can't really
diff --git a/test/dtls_mtu_test.c b/test/dtls_mtu_test.c
index f20edf02d2..9b69e80a62 100644
--- a/test/dtls_mtu_test.c
+++ b/test/dtls_mtu_test.c
@@ -185,12 +185,58 @@ static int run_mtu_tests(void)
end:
SSL_CTX_free(ctx);
- bio_s_mempacket_test_free();
return ret;
}
+static int test_server_mtu_larger_than_max_fragment_length(void)
+{
+ SSL_CTX *ctx = NULL;
+ SSL *srvr_ssl = NULL, *clnt_ssl = NULL;
+ int rv = 0;
+
+ if (!TEST_ptr(ctx = SSL_CTX_new(DTLS_method())))
+ goto end;
+
+ SSL_CTX_set_psk_server_callback(ctx, srvr_psk_callback);
+ SSL_CTX_set_psk_client_callback(ctx, clnt_psk_callback);
+
+#ifndef OPENSSL_NO_DH
+ if (!TEST_true(SSL_CTX_set_dh_auto(ctx, 1)))
+ goto end;
+#endif
+
+ if (!TEST_true(create_ssl_objects(ctx, ctx, &srvr_ssl, &clnt_ssl,
+ NULL, NULL)))
+ goto end;
+
+ SSL_set_options(srvr_ssl, SSL_OP_NO_QUERY_MTU);
+ if (!TEST_true(DTLS_set_link_mtu(srvr_ssl, 1500)))
+ goto end;
+
+ SSL_set_tlsext_max_fragment_length(clnt_ssl,
+ TLSEXT_max_fragment_length_512);
+
+ if (!TEST_true(create_ssl_connection(srvr_ssl, clnt_ssl,
+ SSL_ERROR_NONE)))
+ goto end;
+
+ rv = 1;
+
+ end:
+ SSL_free(clnt_ssl);
+ SSL_free(srvr_ssl);
+ SSL_CTX_free(ctx);
+ return rv;
+}
+
int setup_tests(void)
{
ADD_TEST(run_mtu_tests);
+ ADD_TEST(test_server_mtu_larger_than_max_fragment_length);
return 1;
}
+
+void cleanup_tests(void)
+{
+ bio_s_mempacket_test_free();
+}
--
2.17.1

54
backport-Fix-strict-client-chain-check-with-TLS-1.3.patch Normal file
View File

@ -0,0 +1,54 @@
From 3bd976551e549c030bdbd150c7aa8a1980cb00fe Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tomas@openssl.org>
Date: Tue, 29 Mar 2022 13:31:34 +0200
Subject: [PATCH] Fix strict client chain check with TLS-1.3
When TLS-1.3 is used and the server does not send any CA names
the ca_dn will be NULL. sk_X509_NAME_num() returns -1 on null
argument.
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17986)
(cherry picked from commit 89dd85430770d39cbfb15eb586c921958ca7687f)
---
ssl/t1_lib.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 4de4623a49..5fcb40eaff 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2369,22 +2369,20 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain,
ca_dn = s->s3->tmp.peer_ca_names;
- if (!sk_X509_NAME_num(ca_dn))
+ if (ca_dn == NULL
+ || sk_X509_NAME_num(ca_dn) == 0
+ || ssl_check_ca_name(ca_dn, x))
rv |= CERT_PKEY_ISSUER_NAME;
-
- if (!(rv & CERT_PKEY_ISSUER_NAME)) {
- if (ssl_check_ca_name(ca_dn, x))
- rv |= CERT_PKEY_ISSUER_NAME;
- }
- if (!(rv & CERT_PKEY_ISSUER_NAME)) {
+ else
for (i = 0; i < sk_X509_num(chain); i++) {
X509 *xtmp = sk_X509_value(chain, i);
+
if (ssl_check_ca_name(ca_dn, xtmp)) {
rv |= CERT_PKEY_ISSUER_NAME;
break;
}
}
- }
+
if (!check_flags && !(rv & CERT_PKEY_ISSUER_NAME))
goto end;
} else
--
2.17.1

9
openssl.spec
View File

@ -2,7 +2,7 @@
Name: openssl
Epoch: 1
Version: 1.1.1m
Release: 15
Release: 16
Summary: Cryptography and SSL/TLS Toolkit
License: OpenSSL and SSLeay
URL: https://www.openssl.org/
@ -63,6 +63,10 @@ Patch52: backport-Do-not-send-an-empty-supported-groups-extension.patch
Patch53: backport-x509-use-actual-issuer-name-if-a-CA-is-used.patch
Patch54: backport-ticket_lifetime_hint-may-exceed-1-week-in-TLSv1.3.patch
Patch55: backport-Fix-a-memory-leak-in-crl_set_issuers.patch
Patch56: backport-Fix-a-DTLS-server-hangup-due-to-TLS13_AD_MISSING_EXT.patch
Patch57: backport-Fix-an-assertion-in-the-DTLS-server-code.patch
Patch58: backport-Fix-a-memory-leak-in-X509_issuer_and_serial_hash.patch
Patch59: backport-Fix-strict-client-chain-check-with-TLS-1.3.patch
BuildRequires: gcc perl make lksctp-tools-devel coreutils util-linux zlib-devel
Requires: coreutils %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release}
@ -265,6 +269,9 @@ make test || :
%ldconfig_scriptlets libs
%changelog
* Mon Nov 7 2022 steven.ygui<steven_ygui@163.com> - 1:1.1.1m-16
- backport some patches
* Mon Nov 7 2022 fangxiuning<fangxiuning@huawei.com> - 1:1.1.1m-15
- backport some patches