[openssl-commits] [openssl] OpenSSL source code branch master updated. 95275599399e277e71d064790a1f828a99fc661a

Dr. Stephen Henson steve at openssl.org
Fri Jan 2 23:01:01 UTC 2015


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSSL source code".

The branch, master has been updated
       via  95275599399e277e71d064790a1f828a99fc661a (commit)
       via  63eab8a620944a990ab3985620966ccd9f48d681 (commit)
      from  4f605ccb779e32a770093d687e0554e0bbb137d3 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 95275599399e277e71d064790a1f828a99fc661a
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Fri Jan 2 22:40:41 2015 +0000

    Remove SGC restart flag.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>

commit 63eab8a620944a990ab3985620966ccd9f48d681
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Fri Oct 24 02:36:13 2014 +0100

    Remove MS SGC
    
    MS Server gated cryptography is obsolete and dates from the time of export
    restrictions on strong encryption and is only used by ancient versions of
    MSIE.
    Reviewed-by: Matt Caswell <matt at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 doc/crypto/BIO_f_ssl.pod     |    2 +-
 doc/ssl/SSL_accept.pod       |    5 +--
 doc/ssl/SSL_do_handshake.pod |    5 +--
 ssl/d1_srvr.c                |   21 +++----------
 ssl/s3_both.c                |   11 -------
 ssl/s3_srvr.c                |   69 +++++-------------------------------------
 ssl/ssl3.h                   |   10 ------
 ssl/ssl_locl.h               |    1 -
 8 files changed, 15 insertions(+), 109 deletions(-)

diff --git a/doc/crypto/BIO_f_ssl.pod b/doc/crypto/BIO_f_ssl.pod
index bc5861a..a9f23f1 100644
--- a/doc/crypto/BIO_f_ssl.pod
+++ b/doc/crypto/BIO_f_ssl.pod
@@ -108,7 +108,7 @@ SSL BIOs are exceptional in that if the underlying transport
 is non blocking they can still request a retry in exceptional
 circumstances. Specifically this will happen if a session
 renegotiation takes place during a BIO_read() operation, one
-case where this happens is when SGC or step up occurs.
+case where this happens is when step up occurs.
 
 In OpenSSL 0.9.6 and later the SSL flag SSL_AUTO_RETRY can be
 set to disable this behaviour. That is when this flag is set
diff --git a/doc/ssl/SSL_accept.pod b/doc/ssl/SSL_accept.pod
index 2239444..89ad6bd 100644
--- a/doc/ssl/SSL_accept.pod
+++ b/doc/ssl/SSL_accept.pod
@@ -21,10 +21,7 @@ B<ssl> by setting an underlying B<BIO>.
 The behaviour of SSL_accept() depends on the underlying BIO. 
 
 If the underlying BIO is B<blocking>, SSL_accept() will only return once the
-handshake has been finished or an error occurred, except for SGC (Server
-Gated Cryptography). For SGC, SSL_accept() may return with -1, but
-SSL_get_error() will yield B<SSL_ERROR_WANT_READ/WRITE> and SSL_accept()
-should be called again.
+handshake has been finished or an error occurred.
 
 If the underlying BIO is B<non-blocking>, SSL_accept() will also return
 when the underlying BIO could not satisfy the needs of SSL_accept()
diff --git a/doc/ssl/SSL_do_handshake.pod b/doc/ssl/SSL_do_handshake.pod
index b35ddf5..8b590c9 100644
--- a/doc/ssl/SSL_do_handshake.pod
+++ b/doc/ssl/SSL_do_handshake.pod
@@ -23,10 +23,7 @@ L<SSL_set_accept_state(3)|SSL_set_accept_state(3)>.
 The behaviour of SSL_do_handshake() depends on the underlying BIO.
 
 If the underlying BIO is B<blocking>, SSL_do_handshake() will only return
-once the handshake has been finished or an error occurred, except for SGC
-(Server Gated Cryptography). For SGC, SSL_do_handshake() may return with -1,
-but SSL_get_error() will yield B<SSL_ERROR_WANT_READ/WRITE> and
-SSL_do_handshake() should be called again.
+once the handshake has been finished or an error occurred.
 
 If the underlying BIO is B<non-blocking>, SSL_do_handshake() will also return
 when the underlying BIO could not satisfy the needs of SSL_do_handshake()
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index 0cdc51b..bcadd31 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -610,24 +610,13 @@ int dtls1_accept(SSL *s)
 
 		case SSL3_ST_SR_CERT_A:
 		case SSL3_ST_SR_CERT_B:
-			/* Check for second client hello (MS SGC) */
-			ret = ssl3_check_client_hello(s);
-			if (ret <= 0)
-				goto end;
-			if (ret == 2)
+			if (s->s3->tmp.cert_request)
 				{
-				dtls1_stop_timer(s);
-				s->state = SSL3_ST_SR_CLNT_HELLO_C;
+				ret=ssl3_get_client_certificate(s);
+				if (ret <= 0) goto end;
 				}
-			else {
-				if (s->s3->tmp.cert_request)
-					{
-					ret=ssl3_get_client_certificate(s);
-					if (ret <= 0) goto end;
-					}
-				s->init_num=0;
-				s->state=SSL3_ST_SR_KEY_EXCH_A;
-			}
+			s->init_num=0;
+			s->state=SSL3_ST_SR_KEY_EXCH_A;
 			break;
 
 		case SSL3_ST_SR_KEY_EXCH_A:
diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index 6c0fb37..845c803 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -412,17 +412,6 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
 			SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
 			goto f_err;
 			}
-		if ((mt < 0) && (*p == SSL3_MT_CLIENT_HELLO) &&
-					(st1 == SSL3_ST_SR_CERT_A) &&
-					(stn == SSL3_ST_SR_CERT_B))
-			{
-			/* At this point we have got an MS SGC second client
-			 * hello (maybe we should always allow the client to
-			 * start a new handshake?). We need to restart the mac.
-			 * Don't increment {num,total}_renegotiations because
-			 * we have not completed the handshake. */
-			ssl3_init_finished_mac(s);
-			}
 
 		s->s3->tmp.message_type= *(p++);
 
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index a308577..6c0bdcf 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -308,7 +308,6 @@ int ssl3_accept(SSL *s)
 				}
 
 			s->init_num=0;
-			s->s3->flags &= ~SSL3_FLAGS_SGC_RESTART_DONE;
 			s->s3->flags &= ~TLS1_FLAGS_SKIP_CERT_VERIFY;
 			s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
 			/* Should have been reset by ssl3_get_finished, too. */
@@ -592,21 +591,13 @@ int ssl3_accept(SSL *s)
 
 		case SSL3_ST_SR_CERT_A:
 		case SSL3_ST_SR_CERT_B:
-			/* Check for second client hello (MS SGC) */
-			ret = ssl3_check_client_hello(s);
-			if (ret <= 0)
-				goto end;
-			if (ret == 2)
-				s->state = SSL3_ST_SR_CLNT_HELLO_C;
-			else {
-				if (s->s3->tmp.cert_request)
-					{
-					ret=ssl3_get_client_certificate(s);
-					if (ret <= 0) goto end;
-					}
-				s->init_num=0;
-				s->state=SSL3_ST_SR_KEY_EXCH_A;
-			}
+			if (s->s3->tmp.cert_request)
+				{
+				ret=ssl3_get_client_certificate(s);
+				if (ret <= 0) goto end;
+				}
+			s->init_num=0;
+			s->state=SSL3_ST_SR_KEY_EXCH_A;
 			break;
 
 		case SSL3_ST_SR_KEY_EXCH_A:
@@ -907,52 +898,6 @@ int ssl3_send_hello_request(SSL *s)
 	return ssl_do_write(s);
 	}
 
-int ssl3_check_client_hello(SSL *s)
-	{
-	int ok;
-	long n;
-
-	/* this function is called when we really expect a Certificate message,
-	 * so permit appropriate message length */
-	n=s->method->ssl_get_message(s,
-		SSL3_ST_SR_CERT_A,
-		SSL3_ST_SR_CERT_B,
-		-1,
-		s->max_cert_list,
-		&ok);
-	if (!ok) return((int)n);
-	s->s3->tmp.reuse_message = 1;
-	if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
-		{
-		/* We only allow the client to restart the handshake once per
-		 * negotiation. */
-		if (s->s3->flags & SSL3_FLAGS_SGC_RESTART_DONE)
-			{
-			SSLerr(SSL_F_SSL3_CHECK_CLIENT_HELLO, SSL_R_MULTIPLE_SGC_RESTARTS);
-			return -1;
-			}
-		/* Throw away what we have done so far in the current handshake,
-		 * which will now be aborted. (A full SSL_clear would be too much.) */
-#ifndef OPENSSL_NO_DH
-		if (s->s3->tmp.dh != NULL)
-			{
-			DH_free(s->s3->tmp.dh);
-			s->s3->tmp.dh = NULL;
-			}
-#endif
-#ifndef OPENSSL_NO_ECDH
-		if (s->s3->tmp.ecdh != NULL)
-			{
-			EC_KEY_free(s->s3->tmp.ecdh);
-			s->s3->tmp.ecdh = NULL;
-			}
-#endif
-		s->s3->flags |= SSL3_FLAGS_SGC_RESTART_DONE;
-		return 2;
-		}
-	return 1;
-}
-
 int ssl3_get_client_hello(SSL *s)
 	{
 	int i,j,ok,al=SSL_AD_INTERNAL_ERROR,ret= -1;
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index efff233..24e6faa 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -439,16 +439,6 @@ typedef struct ssl3_buffer_st
  */
 #define SSL3_FLAGS_CCS_OK			0x0080
 
-/* SSL3_FLAGS_SGC_RESTART_DONE is set when we
- * restart a handshake because of MS SGC and so prevents us
- * from restarting the handshake in a loop. It's reset on a
- * renegotiation, so effectively limits the client to one restart
- * per negotiation. This limits the possibility of a DDoS
- * attack where the client handshakes in a loop using SGC to
- * restart. Servers which permit renegotiation can still be
- * effected, but we can't prevent that.
- */
-#define SSL3_FLAGS_SGC_RESTART_DONE		0x0040
 /* Set if we encrypt then mac instead of usual mac then encrypt */
 #define TLS1_FLAGS_ENCRYPT_THEN_MAC		0x0100
 
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index facfec5..33a55fe 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1185,7 +1185,6 @@ int ssl3_send_hello_request(SSL *s);
 int ssl3_send_server_key_exchange(SSL *s);
 int ssl3_send_certificate_request(SSL *s);
 int ssl3_send_server_done(SSL *s);
-int ssl3_check_client_hello(SSL *s);
 int ssl3_get_client_certificate(SSL *s);
 int ssl3_get_client_key_exchange(SSL *s);
 int ssl3_get_cert_verify(SSL *s);


hooks/post-receive
-- 
OpenSSL source code


More information about the openssl-commits mailing list