[openssl-commits] [openssl] OpenSSL_0_9_8-stable update
Matt Caswell
matt at openssl.org
Thu Jan 8 15:23:39 UTC 2015
The branch OpenSSL_0_9_8-stable has been updated
via bc253b0902b171895b93ab2e63971ce6f32e9c51 (commit)
via b873409efee1731171f78d8eb456b57aa4b7d0ff (commit)
via f89250f2f2017e2627a9cf5b2c468e78e78bdf49 (commit)
via 1dc6a5441a2759e7e17995ef61ba7fc9011920a7 (commit)
via a4aa18879917d9bd45f52ac110c69303a852b7db (commit)
via 50befdb659585b9840264c77708d2dc638624137 (commit)
via 46bf0ba87665c5aa215673d87e9ee7dd4ce28359 (commit)
via 4b4c0a19211bf73d81de52de697a1a9dc60aed82 (commit)
from df70302441a507da88d1761c47e80295247521a8 (commit)
- Log -----------------------------------------------------------------
commit bc253b0902b171895b93ab2e63971ce6f32e9c51
Author: Matt Caswell <matt at openssl.org>
Date: Thu Jan 8 14:36:15 2015 +0000
Prepare for 0.9.8ze-dev
Reviewed-by: Stephen Henson <steve at openssl.org>
commit b873409efee1731171f78d8eb456b57aa4b7d0ff
Author: Matt Caswell <matt at openssl.org>
Date: Thu Jan 8 14:33:47 2015 +0000
Prepare for 0.9.8zd release
Reviewed-by: Stephen Henson <steve at openssl.org>
commit f89250f2f2017e2627a9cf5b2c468e78e78bdf49
Author: Matt Caswell <matt at openssl.org>
Date: Thu Jan 8 14:33:47 2015 +0000
make update
Reviewed-by: Stephen Henson <steve at openssl.org>
commit 1dc6a5441a2759e7e17995ef61ba7fc9011920a7
Author: Matt Caswell <matt at openssl.org>
Date: Thu Jan 8 13:37:28 2015 +0000
CHANGES and NEWS updates for release
Reviewed-by: Tim Hudson <tjh at openssl.org>
Reviewed-by: Steve Henson <steve at openssl.org>
commit a4aa18879917d9bd45f52ac110c69303a852b7db
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Tue Jan 6 14:28:34 2015 +0000
Fix typo.
Fix typo in ssl3_get_cert_verify: we can only skip certificate verify
message if certificate is absent.
NB: OpenSSL 0.9.8 is NOT vulnerable to CVE-2015-0205 as it doesn't
support DH certificates and this typo prohibits skipping of
certificate verify message for sign only certificates anyway.
Reviewed-by: Matt Caswell <matt at openssl.org>
commit 50befdb659585b9840264c77708d2dc638624137
Author: Matt Caswell <matt at openssl.org>
Date: Sat Jan 3 00:54:35 2015 +0000
Follow on from CVE-2014-3571. This fixes the code that was the original source
of the crash due to p being NULL. Steve's fix prevents this situation from
occurring - however this is by no means obvious by looking at the code for
dtls1_get_record. This fix just makes things look a bit more sane.
Conflicts:
ssl/d1_pkt.c
Reviewed-by: Dr Stephen Henson <steve at openssl.org>
commit 46bf0ba87665c5aa215673d87e9ee7dd4ce28359
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Sat Jan 3 00:45:13 2015 +0000
Fix crash in dtls1_get_record whilst in the listen state where you get two
separate reads performed - one for the header and one for the body of the
handshake record.
CVE-2014-3571
Reviewed-by: Matt Caswell <matt at openssl.org>
Conflicts:
ssl/s3_pkt.c
commit 4b4c0a19211bf73d81de52de697a1a9dc60aed82
Author: Andy Polyakov <appro at openssl.org>
Date: Mon Jan 5 14:52:56 2015 +0100
Fix for CVE-2014-3570.
Reviewed-by: Emilia Kasper <emilia at openssl.org>
(cherry picked from commit e793809ba50c1e90ab592fb640a856168e50f3de)
-----------------------------------------------------------------------
Summary of changes:
CHANGES | 31 ++-
NEWS | 11 +-
README | 2 +-
crypto/bn/asm/mips3.s | 514 ++++++++++++++++++++++----------------------
crypto/bn/asm/x86_64-gcc.c | 34 ++-
crypto/bn/bn_asm.c | 16 +-
crypto/bn/bntest.c | 102 ++++++---
crypto/ecdsa/Makefile | 13 +-
crypto/opensslv.h | 6 +-
openssl.spec | 2 +-
ssl/d1_pkt.c | 5 +-
ssl/s3_pkt.c | 2 +
ssl/s3_srvr.c | 2 +-
13 files changed, 417 insertions(+), 323 deletions(-)
diff --git a/CHANGES b/CHANGES
index 573f2b7..5779dfc 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,7 +2,25 @@
OpenSSL CHANGES
_______________
- Changes between 0.9.8zc and 0.9.8zd [xx XXX xxxx]
+ Changes between 0.9.8zd and 0.9.8ze [xx XXX xxxx]
+
+ *)
+
+ Changes between 0.9.8zc and 0.9.8zd [8 Jan 2015]
+
+ *) Fix DTLS segmentation fault in dtls1_get_record. A carefully crafted DTLS
+ message can cause a segmentation fault in OpenSSL due to a NULL pointer
+ dereference. This could lead to a Denial Of Service attack. Thanks to
+ Markus Stenberg of Cisco Systems, Inc. for reporting this issue.
+ (CVE-2014-3571)
+ [Steve Henson]
+
+ *) Fix issue where no-ssl3 configuration sets method to NULL. When openssl is
+ built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl
+ method would be set to NULL which could later result in a NULL pointer
+ dereference. Thanks to Frank Schmirler for reporting this issue.
+ (CVE-2014-3569)
+ [Kurt Roeckx]
*) Abort handshake if server key exchange message is omitted for ephemeral
ECDH ciphersuites.
@@ -58,6 +76,17 @@
(CVE-2014-8275)
[Steve Henson]
+ *) Correct Bignum squaring. Bignum squaring (BN_sqr) may produce incorrect
+ results on some platforms, including x86_64. This bug occurs at random
+ with a very low probability, and is not known to be exploitable in any
+ way, though its exact impact is difficult to determine. Thanks to Pieter
+ Wuille (Blockstream) who reported this issue and also suggested an initial
+ fix. Further analysis was conducted by the OpenSSL development team and
+ Adam Langley of Google. The final fix was developed by Andy Polyakov of
+ the OpenSSL core team.
+ (CVE-2014-3570)
+ [Andy Polyakov]
+
Changes between 0.9.8zb and 0.9.8zc [15 Oct 2014]
*) Session Ticket Memory Leak.
diff --git a/NEWS b/NEWS
index 45ae0f5..19ba9d4 100644
--- a/NEWS
+++ b/NEWS
@@ -5,10 +5,19 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
- Major changes between OpenSSL 0.9.8zc and OpenSSL 0.9.8zd [under development]
+ Major changes between OpenSSL 0.9.8zd and OpenSSL 0.9.8ze [under development]
o
+ Major changes between OpenSSL 0.9.8zc and OpenSSL 0.9.8zd [8 Jan 2015]
+
+ o Fix for CVE-2014-3571
+ o Fix for CVE-2014-3569
+ o Fix for CVE-2014-3572
+ o Fix for CVE-2015-0204
+ o Fix for CVE-2014-8275
+ o Fix for CVE-2014-3570
+
Major changes between OpenSSL 0.9.8zb and OpenSSL 0.9.8zc [15 Oct 2014]:
o Fix for CVE-2014-3513
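Review bot: the six "Fix for CVE-..." bullets added for 0.9.8zd give only identifiers, so a reader of NEWS cannot tell which component each one touches. A few words per bullet, in the style CHANGES uses for CVE-2014-3571 and CVE-2014-3570, would make the overview usable without cross-referencing. The new "[8 Jan 2015]" heading also lacks the trailing colon that the 0.9.8zc heading below it has.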
diff --git a/README b/README
index 4032362..e3f71f7 100644
--- a/README
+++ b/README
@@ -1,5 +1,5 @@
- OpenSSL 0.9.8zd-dev
+ OpenSSL 0.9.8ze-dev
Copyright (c) 1998-2011 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff --git a/crypto/bn/asm/mips3.s b/crypto/bn/asm/mips3.s
index dca4105..8ced51b 100644
--- a/crypto/bn/asm/mips3.s
+++ b/crypto/bn/asm/mips3.s
@@ -1584,17 +1584,17 @@ LEAF(bn_sqr_comba8)
dmultu a_2,a_0 /* mul_add_c2(a[2],b[0],c3,c1,c2); */
mflo t_1
mfhi t_2
- slt c_2,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_3,t_1
sltu AT,c_3,t_1
- daddu t_2,AT
+ daddu c_3,t_1
+ daddu AT,t_2
+ sltu t_1,c_3,t_1
+ daddu c_1,AT
+ daddu t_2,t_1
+ sltu c_2,c_1,AT
daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
+ sltu t_2,c_1,t_2
+ daddu c_2,t_2
dmultu a_1,a_1 /* mul_add_c(a[1],b[1],c3,c1,c2); */
mflo t_1
mfhi t_2
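Review bot: the rewritten mul_add_c2 sequences in bn_sqr_comba8 have no comment explaining the new carry handling, whereas the C versions of this fix gain a note that the carry into the high part of the product cannot overflow. The trailing comments still only name the macro (for example "mul_add_c2(a[2],b[0],c3,c1,c2)"). A short block comment above the function, saying that t_1/t_2 are now added into the accumulator twice instead of being doubled with dsll first, would keep the assembly auditable against crypto/bn/bn_asm.c.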
@@ -1609,63 +1609,63 @@ LEAF(bn_sqr_comba8)
dmultu a_0,a_3 /* mul_add_c2(a[0],b[3],c1,c2,c3); */
mflo t_1
mfhi t_2
- slt c_3,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_1,t_1
sltu AT,c_1,t_1
- daddu t_2,AT
+ daddu c_1,t_1
+ daddu AT,t_2
+ sltu t_1,c_1,t_1
+ daddu c_2,AT
+ daddu t_2,t_1
+ sltu c_3,c_2,AT
daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
+ sltu t_2,c_2,t_2
+ daddu c_3,t_2
dmultu a_1,a_2 /* mul_add_c2(a[1],b[2],c1,c2,c3); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_3,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_1,t_1
sltu AT,c_1,t_1
- daddu t_2,AT
+ daddu c_1,t_1
+ daddu AT,t_2
+ sltu t_1,c_1,t_1
+ daddu c_2,AT
+ daddu t_2,t_1
+ sltu AT,c_2,AT
daddu c_2,t_2
- sltu AT,c_2,t_2
daddu c_3,AT
+ sltu t_2,c_2,t_2
+ daddu c_3,t_2
sd c_1,24(a0)
dmultu a_4,a_0 /* mul_add_c2(a[4],b[0],c2,c3,c1); */
mflo t_1
mfhi t_2
- slt c_1,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_2,t_1
sltu AT,c_2,t_1
- daddu t_2,AT
+ daddu c_2,t_1
+ daddu AT,t_2
+ sltu t_1,c_2,t_1
+ daddu c_3,AT
+ daddu t_2,t_1
+ sltu c_1,c_3,AT
daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
+ sltu t_2,c_3,t_2
+ daddu c_1,t_2
dmultu a_3,a_1 /* mul_add_c2(a[3],b[1],c2,c3,c1); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_1,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_2,t_1
sltu AT,c_2,t_1
- daddu t_2,AT
+ daddu c_2,t_1
+ daddu AT,t_2
+ sltu t_1,c_2,t_1
+ daddu c_3,AT
+ daddu t_2,t_1
+ sltu AT,c_3,AT
daddu c_3,t_2
- sltu AT,c_3,t_2
daddu c_1,AT
+ sltu t_2,c_3,t_2
+ daddu c_1,t_2
dmultu a_2,a_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */
mflo t_1
mfhi t_2
@@ -1680,93 +1680,93 @@ LEAF(bn_sqr_comba8)
dmultu a_0,a_5 /* mul_add_c2(a[0],b[5],c3,c1,c2); */
mflo t_1
mfhi t_2
- slt c_2,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_3,t_1
sltu AT,c_3,t_1
- daddu t_2,AT
+ daddu c_3,t_1
+ daddu AT,t_2
+ sltu t_1,c_3,t_1
+ daddu c_1,AT
+ daddu t_2,t_1
+ sltu c_2,c_1,AT
daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
+ sltu t_2,c_1,t_2
+ daddu c_2,t_2
dmultu a_1,a_4 /* mul_add_c2(a[1],b[4],c3,c1,c2); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_2,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_3,t_1
sltu AT,c_3,t_1
- daddu t_2,AT
+ daddu c_3,t_1
+ daddu AT,t_2
+ sltu t_1,c_3,t_1
+ daddu c_1,AT
+ daddu t_2,t_1
+ sltu AT,c_1,AT
daddu c_1,t_2
- sltu AT,c_1,t_2
daddu c_2,AT
+ sltu t_2,c_1,t_2
+ daddu c_2,t_2
dmultu a_2,a_3 /* mul_add_c2(a[2],b[3],c3,c1,c2); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_2,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_3,t_1
sltu AT,c_3,t_1
- daddu t_2,AT
+ daddu c_3,t_1
+ daddu AT,t_2
+ sltu t_1,c_3,t_1
+ daddu c_1,AT
+ daddu t_2,t_1
+ sltu AT,c_1,AT
daddu c_1,t_2
- sltu AT,c_1,t_2
daddu c_2,AT
+ sltu t_2,c_1,t_2
+ daddu c_2,t_2
sd c_3,40(a0)
dmultu a_6,a_0 /* mul_add_c2(a[6],b[0],c1,c2,c3); */
mflo t_1
mfhi t_2
- slt c_3,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_1,t_1
sltu AT,c_1,t_1
- daddu t_2,AT
+ daddu c_1,t_1
+ daddu AT,t_2
+ sltu t_1,c_1,t_1
+ daddu c_2,AT
+ daddu t_2,t_1
+ sltu c_3,c_2,AT
daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
+ sltu t_2,c_2,t_2
+ daddu c_3,t_2
dmultu a_5,a_1 /* mul_add_c2(a[5],b[1],c1,c2,c3); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_3,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_1,t_1
sltu AT,c_1,t_1
- daddu t_2,AT
+ daddu c_1,t_1
+ daddu AT,t_2
+ sltu t_1,c_1,t_1
+ daddu c_2,AT
+ daddu t_2,t_1
+ sltu AT,c_2,AT
daddu c_2,t_2
- sltu AT,c_2,t_2
daddu c_3,AT
+ sltu t_2,c_2,t_2
+ daddu c_3,t_2
dmultu a_4,a_2 /* mul_add_c2(a[4],b[2],c1,c2,c3); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_3,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_1,t_1
sltu AT,c_1,t_1
- daddu t_2,AT
+ daddu c_1,t_1
+ daddu AT,t_2
+ sltu t_1,c_1,t_1
+ daddu c_2,AT
+ daddu t_2,t_1
+ sltu AT,c_2,AT
daddu c_2,t_2
- sltu AT,c_2,t_2
daddu c_3,AT
+ sltu t_2,c_2,t_2
+ daddu c_3,t_2
dmultu a_3,a_3 /* mul_add_c(a[3],b[3],c1,c2,c3); */
mflo t_1
mfhi t_2
@@ -1781,108 +1781,108 @@ LEAF(bn_sqr_comba8)
dmultu a_0,a_7 /* mul_add_c2(a[0],b[7],c2,c3,c1); */
mflo t_1
mfhi t_2
- slt c_1,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_2,t_1
sltu AT,c_2,t_1
- daddu t_2,AT
+ daddu c_2,t_1
+ daddu AT,t_2
+ sltu t_1,c_2,t_1
+ daddu c_3,AT
+ daddu t_2,t_1
+ sltu c_1,c_3,AT
daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
+ sltu t_2,c_3,t_2
+ daddu c_1,t_2
dmultu a_1,a_6 /* mul_add_c2(a[1],b[6],c2,c3,c1); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_1,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_2,t_1
sltu AT,c_2,t_1
- daddu t_2,AT
+ daddu c_2,t_1
+ daddu AT,t_2
+ sltu t_1,c_2,t_1
+ daddu c_3,AT
+ daddu t_2,t_1
+ sltu AT,c_3,AT
daddu c_3,t_2
- sltu AT,c_3,t_2
daddu c_1,AT
+ sltu t_2,c_3,t_2
+ daddu c_1,t_2
dmultu a_2,a_5 /* mul_add_c2(a[2],b[5],c2,c3,c1); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_1,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_2,t_1
sltu AT,c_2,t_1
- daddu t_2,AT
+ daddu c_2,t_1
+ daddu AT,t_2
+ sltu t_1,c_2,t_1
+ daddu c_3,AT
+ daddu t_2,t_1
+ sltu AT,c_3,AT
daddu c_3,t_2
- sltu AT,c_3,t_2
daddu c_1,AT
+ sltu t_2,c_3,t_2
+ daddu c_1,t_2
dmultu a_3,a_4 /* mul_add_c2(a[3],b[4],c2,c3,c1); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_1,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_2,t_1
sltu AT,c_2,t_1
- daddu t_2,AT
+ daddu c_2,t_1
+ daddu AT,t_2
+ sltu t_1,c_2,t_1
+ daddu c_3,AT
+ daddu t_2,t_1
+ sltu AT,c_3,AT
daddu c_3,t_2
- sltu AT,c_3,t_2
daddu c_1,AT
+ sltu t_2,c_3,t_2
+ daddu c_1,t_2
sd c_2,56(a0)
dmultu a_7,a_1 /* mul_add_c2(a[7],b[1],c3,c1,c2); */
mflo t_1
mfhi t_2
- slt c_2,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_3,t_1
sltu AT,c_3,t_1
- daddu t_2,AT
+ daddu c_3,t_1
+ daddu AT,t_2
+ sltu t_1,c_3,t_1
+ daddu c_1,AT
+ daddu t_2,t_1
+ sltu c_2,c_1,AT
daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
+ sltu t_2,c_1,t_2
+ daddu c_2,t_2
dmultu a_6,a_2 /* mul_add_c2(a[6],b[2],c3,c1,c2); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_2,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_3,t_1
sltu AT,c_3,t_1
- daddu t_2,AT
+ daddu c_3,t_1
+ daddu AT,t_2
+ sltu t_1,c_3,t_1
+ daddu c_1,AT
+ daddu t_2,t_1
+ sltu AT,c_1,AT
daddu c_1,t_2
- sltu AT,c_1,t_2
daddu c_2,AT
+ sltu t_2,c_1,t_2
+ daddu c_2,t_2
dmultu a_5,a_3 /* mul_add_c2(a[5],b[3],c3,c1,c2); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_2,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_3,t_1
sltu AT,c_3,t_1
- daddu t_2,AT
+ daddu c_3,t_1
+ daddu AT,t_2
+ sltu t_1,c_3,t_1
+ daddu c_1,AT
+ daddu t_2,t_1
+ sltu AT,c_1,AT
daddu c_1,t_2
- sltu AT,c_1,t_2
daddu c_2,AT
+ sltu t_2,c_1,t_2
+ daddu c_2,t_2
dmultu a_4,a_4 /* mul_add_c(a[4],b[4],c3,c1,c2); */
mflo t_1
mfhi t_2
@@ -1897,78 +1897,78 @@ LEAF(bn_sqr_comba8)
dmultu a_2,a_7 /* mul_add_c2(a[2],b[7],c1,c2,c3); */
mflo t_1
mfhi t_2
- slt c_3,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_1,t_1
sltu AT,c_1,t_1
- daddu t_2,AT
+ daddu c_1,t_1
+ daddu AT,t_2
+ sltu t_1,c_1,t_1
+ daddu c_2,AT
+ daddu t_2,t_1
+ sltu c_3,c_2,AT
daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
+ sltu t_2,c_2,t_2
+ daddu c_3,t_2
dmultu a_3,a_6 /* mul_add_c2(a[3],b[6],c1,c2,c3); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_3,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_1,t_1
sltu AT,c_1,t_1
- daddu t_2,AT
+ daddu c_1,t_1
+ daddu AT,t_2
+ sltu t_1,c_1,t_1
+ daddu c_2,AT
+ daddu t_2,t_1
+ sltu AT,c_2,AT
daddu c_2,t_2
- sltu AT,c_2,t_2
daddu c_3,AT
+ sltu t_2,c_2,t_2
+ daddu c_3,t_2
dmultu a_4,a_5 /* mul_add_c2(a[4],b[5],c1,c2,c3); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_3,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_1,t_1
sltu AT,c_1,t_1
- daddu t_2,AT
+ daddu c_1,t_1
+ daddu AT,t_2
+ sltu t_1,c_1,t_1
+ daddu c_2,AT
+ daddu t_2,t_1
+ sltu AT,c_2,AT
daddu c_2,t_2
- sltu AT,c_2,t_2
daddu c_3,AT
+ sltu t_2,c_2,t_2
+ daddu c_3,t_2
sd c_1,72(a0)
dmultu a_7,a_3 /* mul_add_c2(a[7],b[3],c2,c3,c1); */
mflo t_1
mfhi t_2
- slt c_1,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_2,t_1
sltu AT,c_2,t_1
- daddu t_2,AT
+ daddu c_2,t_1
+ daddu AT,t_2
+ sltu t_1,c_2,t_1
+ daddu c_3,AT
+ daddu t_2,t_1
+ sltu c_1,c_3,AT
daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
+ sltu t_2,c_3,t_2
+ daddu c_1,t_2
dmultu a_6,a_4 /* mul_add_c2(a[6],b[4],c2,c3,c1); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_1,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_2,t_1
sltu AT,c_2,t_1
- daddu t_2,AT
+ daddu c_2,t_1
+ daddu AT,t_2
+ sltu t_1,c_2,t_1
+ daddu c_3,AT
+ daddu t_2,t_1
+ sltu AT,c_3,AT
daddu c_3,t_2
- sltu AT,c_3,t_2
daddu c_1,AT
+ sltu t_2,c_3,t_2
+ daddu c_1,t_2
dmultu a_5,a_5 /* mul_add_c(a[5],b[5],c2,c3,c1); */
mflo t_1
mfhi t_2
@@ -1983,48 +1983,48 @@ LEAF(bn_sqr_comba8)
dmultu a_4,a_7 /* mul_add_c2(a[4],b[7],c3,c1,c2); */
mflo t_1
mfhi t_2
- slt c_2,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_3,t_1
sltu AT,c_3,t_1
- daddu t_2,AT
+ daddu c_3,t_1
+ daddu AT,t_2
+ sltu t_1,c_3,t_1
+ daddu c_1,AT
+ daddu t_2,t_1
+ sltu c_2,c_1,AT
daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
+ sltu t_2,c_1,t_2
+ daddu c_2,t_2
dmultu a_5,a_6 /* mul_add_c2(a[5],b[6],c3,c1,c2); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_2,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_3,t_1
sltu AT,c_3,t_1
- daddu t_2,AT
+ daddu c_3,t_1
+ daddu AT,t_2
+ sltu t_1,c_3,t_1
+ daddu c_1,AT
+ daddu t_2,t_1
+ sltu AT,c_1,AT
daddu c_1,t_2
- sltu AT,c_1,t_2
daddu c_2,AT
+ sltu t_2,c_1,t_2
+ daddu c_2,t_2
sd c_3,88(a0)
dmultu a_7,a_5 /* mul_add_c2(a[7],b[5],c1,c2,c3); */
mflo t_1
mfhi t_2
- slt c_3,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_1,t_1
sltu AT,c_1,t_1
- daddu t_2,AT
+ daddu c_1,t_1
+ daddu AT,t_2
+ sltu t_1,c_1,t_1
+ daddu c_2,AT
+ daddu t_2,t_1
+ sltu c_3,c_2,AT
daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
+ sltu t_2,c_2,t_2
+ daddu c_3,t_2
dmultu a_6,a_6 /* mul_add_c(a[6],b[6],c1,c2,c3); */
mflo t_1
mfhi t_2
@@ -2039,17 +2039,17 @@ LEAF(bn_sqr_comba8)
dmultu a_6,a_7 /* mul_add_c2(a[6],b[7],c2,c3,c1); */
mflo t_1
mfhi t_2
- slt c_1,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_2,t_1
sltu AT,c_2,t_1
- daddu t_2,AT
+ daddu c_2,t_1
+ daddu AT,t_2
+ sltu t_1,c_2,t_1
+ daddu c_3,AT
+ daddu t_2,t_1
+ sltu c_1,c_3,AT
daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
+ sltu t_2,c_3,t_2
+ daddu c_1,t_2
sd c_2,104(a0)
dmultu a_7,a_7 /* mul_add_c(a[7],b[7],c3,c1,c2); */
@@ -2070,9 +2070,9 @@ LEAF(bn_sqr_comba4)
.set reorder
ld a_0,0(a1)
ld a_1,8(a1)
+ dmultu a_0,a_0 /* mul_add_c(a[0],b[0],c1,c2,c3); */
ld a_2,16(a1)
ld a_3,24(a1)
- dmultu a_0,a_0 /* mul_add_c(a[0],b[0],c1,c2,c3); */
mflo c_1
mfhi c_2
sd c_1,0(a0)
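Review bot: moving "dmultu a_0,a_0" ahead of the loads of a_2 and a_3 in bn_sqr_comba4 is an instruction-scheduling change, not part of the carry fix, and the commit message ("Fix for CVE-2014-3570.") does not mention it. Either note it in the message or split it out, so the security-relevant hunks can be audited on their own.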
@@ -2093,17 +2093,17 @@ LEAF(bn_sqr_comba4)
dmultu a_2,a_0 /* mul_add_c2(a[2],b[0],c3,c1,c2); */
mflo t_1
mfhi t_2
- slt c_2,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_3,t_1
sltu AT,c_3,t_1
- daddu t_2,AT
+ daddu c_3,t_1
+ daddu AT,t_2
+ sltu t_1,c_3,t_1
+ daddu c_1,AT
+ daddu t_2,t_1
+ sltu c_2,c_1,AT
daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
+ sltu t_2,c_1,t_2
+ daddu c_2,t_2
dmultu a_1,a_1 /* mul_add_c(a[1],b[1],c3,c1,c2); */
mflo t_1
mfhi t_2
@@ -2118,48 +2118,48 @@ LEAF(bn_sqr_comba4)
dmultu a_0,a_3 /* mul_add_c2(a[0],b[3],c1,c2,c3); */
mflo t_1
mfhi t_2
- slt c_3,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_1,t_1
sltu AT,c_1,t_1
- daddu t_2,AT
+ daddu c_1,t_1
+ daddu AT,t_2
+ sltu t_1,c_1,t_1
+ daddu c_2,AT
+ daddu t_2,t_1
+ sltu c_3,c_2,AT
daddu c_2,t_2
- sltu AT,c_2,t_2
- daddu c_3,AT
+ sltu t_2,c_2,t_2
+ daddu c_3,t_2
dmultu a_1,a_2 /* mul_add_c(a2[1],b[2],c1,c2,c3); */
mflo t_1
mfhi t_2
- slt AT,t_2,zero
- daddu c_3,AT
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_1,t_1
sltu AT,c_1,t_1
- daddu t_2,AT
+ daddu c_1,t_1
+ daddu AT,t_2
+ sltu t_1,c_1,t_1
+ daddu c_2,AT
+ daddu t_2,t_1
+ sltu AT,c_2,AT
daddu c_2,t_2
- sltu AT,c_2,t_2
daddu c_3,AT
+ sltu t_2,c_2,t_2
+ daddu c_3,t_2
sd c_1,24(a0)
dmultu a_3,a_1 /* mul_add_c2(a[3],b[1],c2,c3,c1); */
mflo t_1
mfhi t_2
- slt c_1,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_2,t_1
sltu AT,c_2,t_1
- daddu t_2,AT
+ daddu c_2,t_1
+ daddu AT,t_2
+ sltu t_1,c_2,t_1
+ daddu c_3,AT
+ daddu t_2,t_1
+ sltu c_1,c_3,AT
daddu c_3,t_2
- sltu AT,c_3,t_2
- daddu c_1,AT
+ sltu t_2,c_3,t_2
+ daddu c_1,t_2
dmultu a_2,a_2 /* mul_add_c(a[2],b[2],c2,c3,c1); */
mflo t_1
mfhi t_2
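Review bot: the context comment on "dmultu a_1,a_2" in this hunk reads "mul_add_c(a2[1],b[2],c1,c2,c3)", but the instructions under it are the doubled form used for every other cross product. Since the sequence is being rewritten anyway, correct the comment to mul_add_c2(a[1],b[2],c1,c2,c3) so it matches the code it labels.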
@@ -2174,17 +2174,17 @@ LEAF(bn_sqr_comba4)
dmultu a_2,a_3 /* mul_add_c2(a[2],b[3],c3,c1,c2); */
mflo t_1
mfhi t_2
- slt c_2,t_2,zero
- dsll t_2,1
- slt a2,t_1,zero
- daddu t_2,a2
- dsll t_1,1
daddu c_3,t_1
sltu AT,c_3,t_1
- daddu t_2,AT
+ daddu c_3,t_1
+ daddu AT,t_2
+ sltu t_1,c_3,t_1
+ daddu c_1,AT
+ daddu t_2,t_1
+ sltu c_2,c_1,AT
daddu c_1,t_2
- sltu AT,c_1,t_2
- daddu c_2,AT
+ sltu t_2,c_1,t_2
+ daddu c_2,t_2
sd c_3,40(a0)
dmultu a_3,a_3 /* mul_add_c(a[3],b[3],c1,c2,c3); */
diff --git a/crypto/bn/asm/x86_64-gcc.c b/crypto/bn/asm/x86_64-gcc.c
index 2d80f19..eba8304 100644
--- a/crypto/bn/asm/x86_64-gcc.c
+++ b/crypto/bn/asm/x86_64-gcc.c
@@ -269,6 +269,10 @@ BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
/* sqr_add_c(a,i,c0,c1,c2) -- c+=a[i]^2 for three word number c=(c2,c1,c0) */
/* sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number c=(c2,c1,c0) */
+/*
+ * Keep in mind that carrying into high part of multiplication result
+ * can not overflow, because it cannot be all-ones.
+ */
#if 0
/* original macros are kept for reference purposes */
#define mul_add_c(a,b,c0,c1,c2) { \
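Review bot: the new comment says the high part of the multiplication result "cannot be all-ones" but not why, and it sits above the "#if 0" reference macros rather than beside the statement that relies on it. State the reason (the high word of a product of two words is at most one below all-ones, so adding a carry of one cannot wrap) and place or repeat the note at mul_add_c2, where the carry is folded into the high word.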
@@ -283,10 +287,10 @@ BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
BN_ULONG ta=(a),tb=(b),t0; \
t1 = BN_UMULT_HIGH(ta,tb); \
t0 = ta * tb; \
- t2 = t1+t1; c2 += (t2<t1)?1:0; \
- t1 = t0+t0; t2 += (t1<t0)?1:0; \
- c0 += t1; t2 += (c0<t1)?1:0; \
+ c0 += t0; t2 = t1+((c0<t0)?1:0);\
c1 += t2; c2 += (c1<t2)?1:0; \
+ c0 += t0; t1 += (c0<t0)?1:0; \
+ c1 += t1; c2 += (c1<t1)?1:0; \
}
#else
#define mul_add_c(a,b,c0,c1,c2) do { \
@@ -324,22 +328,14 @@ BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
: "=a"(t1),"=d"(t2) \
: "a"(a),"m"(b) \
: "cc"); \
- asm ("addq %0,%0; adcq %2,%1" \
- : "+d"(t2),"+r"(c2) \
- : "g"(0) \
- : "cc"); \
- asm ("addq %0,%0; adcq %2,%1" \
- : "+a"(t1),"+d"(t2) \
- : "g"(0) \
- : "cc"); \
- asm ("addq %2,%0; adcq %3,%1" \
- : "+r"(c0),"+d"(t2) \
- : "a"(t1),"g"(0) \
- : "cc"); \
- asm ("addq %2,%0; adcq %3,%1" \
- : "+r"(c1),"+r"(c2) \
- : "d"(t2),"g"(0) \
- : "cc"); \
+ asm ("addq %3,%0; adcq %4,%1; adcq %5,%2" \
+ : "+r"(c0),"+r"(c1),"+r"(c2) \
+ : "r"(t1),"r"(t2),"g"(0) \
+ : "cc"); \
+ asm ("addq %3,%0; adcq %4,%1; adcq %5,%2" \
+ : "+r"(c0),"+r"(c1),"+r"(c2) \
+ : "r"(t1),"r"(t2),"g"(0) \
+ : "cc"); \
} while (0)
#endif
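Review bot: the two back-to-back identical "addq %3,%0; adcq %4,%1; adcq %5,%2" statements in mul_add_c2 read like an accidental duplicate to anyone who has not seen the bug. Add a one-line comment that (t2,t1) is deliberately accumulated twice in place of the old doubling of t1 and t2, so that a later clean-up does not merge them back into a shift or self-add.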
diff --git a/crypto/bn/bn_asm.c b/crypto/bn/bn_asm.c
index 99bc2de..b95b003 100644
--- a/crypto/bn/bn_asm.c
+++ b/crypto/bn/bn_asm.c
@@ -431,6 +431,10 @@ BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
/* sqr_add_c(a,i,c0,c1,c2) -- c+=a[i]^2 for three word number c=(c2,c1,c0) */
/* sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number c=(c2,c1,c0) */
+/*
+ * Keep in mind that carrying into high part of multiplication result
+ * can not overflow, because it cannot be all-ones.
+ */
#ifdef BN_LLONG
#define mul_add_c(a,b,c0,c1,c2) \
t=(BN_ULLONG)a*b; \
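Review bot: the new comment is placed above the BN_LLONG macros, but the hunks that follow change only the BN_UMULT_LOHI and BN_UMULT_HIGH forms of mul_add_c2. Say in the comment or the commit message whether the BN_LLONG form was reviewed and found unaffected, otherwise a reader cannot tell if it was checked or overlooked.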
@@ -471,10 +475,10 @@ BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
#define mul_add_c2(a,b,c0,c1,c2) { \
BN_ULONG ta=(a),tb=(b),t0; \
BN_UMULT_LOHI(t0,t1,ta,tb); \
- t2 = t1+t1; c2 += (t2<t1)?1:0; \
- t1 = t0+t0; t2 += (t1<t0)?1:0; \
- c0 += t1; t2 += (c0<t1)?1:0; \
+ c0 += t0; t2 = t1+((c0<t0)?1:0);\
c1 += t2; c2 += (c1<t2)?1:0; \
+ c0 += t0; t1 += (c0<t0)?1:0; \
+ c1 += t1; c2 += (c1<t1)?1:0; \
}
#define sqr_add_c(a,i,c0,c1,c2) { \
@@ -501,10 +505,10 @@ BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
BN_ULONG ta=(a),tb=(b),t0; \
t1 = BN_UMULT_HIGH(ta,tb); \
t0 = ta * tb; \
- t2 = t1+t1; c2 += (t2<t1)?1:0; \
- t1 = t0+t0; t2 += (t1<t0)?1:0; \
- c0 += t1; t2 += (c0<t1)?1:0; \
+ c0 += t0; t2 = t1+((c0<t0)?1:0);\
c1 += t2; c2 += (c1<t2)?1:0; \
+ c0 += t0; t1 += (c0<t0)?1:0; \
+ c1 += t1; c2 += (c1<t1)?1:0; \
}
#define sqr_add_c(a,i,c0,c1,c2) { \
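Review bot: this BN_UMULT_HIGH form of mul_add_c2 is a third textual copy of the same corrected body, after the BN_UMULT_LOHI form in the previous hunk and the "#if 0" reference copy in crypto/bn/asm/x86_64-gcc.c. Three hand-maintained copies of carry logic is how variants drift apart. Consider defining the accumulate step once and having each variant supply only the way it obtains t0 and t1.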
diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c
index d41daac..9138c2f 100644
--- a/crypto/bn/bntest.c
+++ b/crypto/bn/bntest.c
@@ -676,44 +676,98 @@ int test_mul(BIO *bp)
int test_sqr(BIO *bp, BN_CTX *ctx)
{
- BIGNUM a,c,d,e;
- int i;
+ BIGNUM *a,*c,*d,*e;
+ int i, ret = 0;
- BN_init(&a);
- BN_init(&c);
- BN_init(&d);
- BN_init(&e);
+ a = BN_new();
+ c = BN_new();
+ d = BN_new();
+ e = BN_new();
+ if (a == NULL || c == NULL || d == NULL || e == NULL)
+ {
+ goto err;
+ }
for (i=0; i<num0; i++)
{
- BN_bntest_rand(&a,40+i*10,0,0);
- a.neg=rand_neg();
- BN_sqr(&c,&a,ctx);
+ BN_bntest_rand(a,40+i*10,0,0);
+ a->neg=rand_neg();
+ BN_sqr(c,a,ctx);
if (bp != NULL)
{
if (!results)
{
- BN_print(bp,&a);
+ BN_print(bp,a);
BIO_puts(bp," * ");
- BN_print(bp,&a);
+ BN_print(bp,a);
BIO_puts(bp," - ");
}
- BN_print(bp,&c);
+ BN_print(bp,c);
BIO_puts(bp,"\n");
}
- BN_div(&d,&e,&c,&a,ctx);
- BN_sub(&d,&d,&a);
- if(!BN_is_zero(&d) || !BN_is_zero(&e))
- {
- fprintf(stderr,"Square test failed!\n");
- return 0;
- }
+ BN_div(d,e,c,a,ctx);
+ BN_sub(d,d,a);
+ if(!BN_is_zero(d) || !BN_is_zero(e))
+ {
+ fprintf(stderr,"Square test failed!\n");
+ goto err;
+ }
}
- BN_free(&a);
- BN_free(&c);
- BN_free(&d);
- BN_free(&e);
- return(1);
+
+ /* Regression test for a BN_sqr overflow bug. */
+ BN_hex2bn(&a,
+ "80000000000000008000000000000001FFFFFFFFFFFFFFFE0000000000000000");
+ BN_sqr(c, a, ctx);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,a);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ BN_mul(d, a, a, ctx);
+ if (BN_cmp(c, d))
+ {
+ fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce "
+ "different results!\n");
+ goto err;
+ }
+
+ /* Regression test for a BN_sqr overflow bug. */
+ BN_hex2bn(&a,
+ "80000000000000000000000080000001FFFFFFFE000000000000000000000000");
+ BN_sqr(c, a, ctx);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,a);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ BN_mul(d, a, a, ctx);
+ if (BN_cmp(c, d))
+ {
+ fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce "
+ "different results!\n");
+ goto err;
+ }
+ ret = 1;
+err:
+ if (a != NULL) BN_free(a);
+ if (c != NULL) BN_free(c);
+ if (d != NULL) BN_free(d);
+ if (e != NULL) BN_free(e);
+ return ret;
}
int test_mont(BIO *bp, BN_CTX *ctx)
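Review bot: the two new regression blocks in test_sqr ignore the return values of BN_hex2bn, BN_sqr and BN_mul, so a parse or allocation failure would leave BN_cmp comparing stale values and the test could pass or fail for the wrong reason. Check each call and "goto err" on failure, as the NULL check after BN_new already does. The two blocks differ only in the hex constant, so a small helper taking the constant would remove the duplicated print-and-compare code, and a comment saying what each constant is meant to exercise would help future maintainers.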
diff --git a/crypto/ecdsa/Makefile b/crypto/ecdsa/Makefile
index 49e2681..6a1b4ef 100644
--- a/crypto/ecdsa/Makefile
+++ b/crypto/ecdsa/Makefile
@@ -128,11 +128,12 @@ ecs_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
ecs_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ecs_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
ecs_sign.o: ecs_locl.h ecs_sign.c
-ecs_vrf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ecs_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-ecs_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ecs_vrf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-ecs_vrf.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
+ecs_vrf.o: ../../e_os.h ../../include/openssl/asn1.h
+ecs_vrf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ecs_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ecs_vrf.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ecs_vrf.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+ecs_vrf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
ecs_vrf.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
ecs_vrf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
ecs_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
@@ -140,4 +141,4 @@ ecs_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
ecs_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
ecs_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ecs_vrf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-ecs_vrf.o: ecs_locl.h ecs_vrf.c
+ecs_vrf.o: ../cryptlib.h ecs_locl.h ecs_vrf.c
diff --git a/crypto/opensslv.h b/crypto/opensslv.h
index 78b46b2..b850c62 100644
--- a/crypto/opensslv.h
+++ b/crypto/opensslv.h
@@ -25,11 +25,11 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-#define OPENSSL_VERSION_NUMBER 0x009081d0L
+#define OPENSSL_VERSION_NUMBER 0x009081e0L
#ifdef OPENSSL_FIPS
-#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8zd-fips-dev xx XXX xxxx"
+#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8ze-fips-dev xx XXX xxxx"
#else
-#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8zd-dev xx XXX xxxx"
+#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8ze-dev xx XXX xxxx"
#endif
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
diff --git a/openssl.spec b/openssl.spec
index f233d81..1d77739 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -6,7 +6,7 @@ Release: 1
Summary: Secure Sockets Layer and cryptography libraries and tools
Name: openssl
-Version: 0.9.8zd
+Version: 0.9.8ze
Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
License: OpenSSL
Group: System Environment/Libraries
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index d12604e..bc478c2 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -595,8 +595,6 @@ again:
/* now s->packet_length == DTLS1_RT_HEADER_LENGTH */
i=rr->length;
n=ssl3_read_n(s,i,i,1);
- if (n <= 0) return(n); /* error or non-blocking io */
-
/* this packet contained a partial record, dump it */
if ( n != i)
{
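Review bot: with "if (n <= 0) return(n);" removed, a zero or negative return from ssl3_read_n (described in the removed line as "error or non-blocking io") now reaches the "n != i" test and is handled as a partial record to be dumped. That change in behaviour needs a comment at this spot explaining why the result is no longer returned to the caller here and how it relates to the ssl3_read_n change in ssl/s3_pkt.c.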
@@ -626,7 +624,8 @@ again:
* would be dropped unnecessarily.
*/
if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
- *p == SSL3_MT_CLIENT_HELLO) &&
+ s->packet_length > DTLS1_RT_HEADER_LENGTH &&
+ s->packet[DTLS1_RT_HEADER_LENGTH] == SSL3_MT_CLIENT_HELLO) &&
! dtls1_record_replay_check(s, bitmap, &(rr->seq_num)))
{
rr->length = 0;
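Review bot: the new "s->packet_length > DTLS1_RT_HEADER_LENGTH" test in the listen-state condition has no comment saying that it guards the read of s->packet[DTLS1_RT_HEADER_LENGTH]. The commit message explains that the old "*p" was the original source of the crash when p was NULL; put one line of that reasoning at the condition so the length test is not simplified away later, and check whether p is still needed on this path.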
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index a3b45fb..1adc301 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -147,6 +147,8 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
* at once (as long as it fits into the buffer). */
if (SSL_version(s) == DTLS1_VERSION)
{
+ if (s->s3->rbuf.left == 0 && extend)
+ return 0;
if ( s->s3->rbuf.left > 0 && n > s->s3->rbuf.left)
n = s->s3->rbuf.left;
}
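Review bot: the added early "return 0" in the DTLS branch of ssl3_read_n is undocumented. Add a comment stating the rule being enforced (when extend is set and rbuf.left is 0, nothing of the current datagram remains to extend into, so no further read is attempted), and say in the function's header comment what a 0 return means for DTLS callers.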
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 18832e9..496ae80 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -2400,7 +2400,7 @@ int ssl3_get_cert_verify(SSL *s)
if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY)
{
s->s3->tmp.reuse_message=1;
- if ((peer != NULL) && (type | EVP_PKT_SIGN))
+ if (peer != NULL)
{
al=SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE);
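Review bot: the resulting "if (peer != NULL)" carries no comment giving the rule from the commit message, that the certificate verify message can be skipped only when the certificate is absent. The removed "(type | EVP_PKT_SIGN)" term was a bitwise OR with a non-zero flag and therefore always true, so dropping it is fine, but a comment here would prevent the type test from being reintroduced as "type & EVP_PKT_SIGN" later. Also check whether type is still used on this path.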