← Back to branch summary

~ubuntu-branches/ubuntu/utopic/openssl/utopic

« back to all changes in this revision

Viewing changes to ssl/s3_lib.c

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2014-10-16 10:56:10 UTC
  • Revision ID: package-import@ubuntu.com-20141016105610-lwozw2ngdc2k5tim
Tags: 1.0.1f-1ubuntu9
* SECURITY UPDATE: denial of service via DTLS SRTP memory leak
  - debian/patches/CVE-2014-3513.patch: fix logic in ssl/d1_srtp.c,
    ssl/srtp.h, ssl/t1_lib.c, util/mk1mf.pl, util/mkdef.pl,
    util/ssleay.num.
  - CVE-2014-3513
* SECURITY UPDATE: denial of service via session ticket integrity check
  memory leak
  - debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c.
  - CVE-2014-3567
* SECURITY UPDATE: fix the no-ssl3 build option
  - debian/patches/CVE-2014-3568.patch: fix conditional code in
    ssl/s23_clnt.c, ssl/s23_srvr.c.
  - CVE-2014-3568
* SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a
  protocol downgrade attack to SSLv3 that exposes the POODLE attack.
  - debian/patches/tls_fallback_scsv_support.patch: added support for
    TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec,
    ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c,
    ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h,
    ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h, 
    doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod.

Show diffs side-by-side

added added

removed removed

Lines of Context:
ssl/s3_lib.c
3355
3355
#endif
3356
3356
 
3357
3357
#endif /* !OPENSSL_NO_TLSEXT */
 
3358
 
 
3359
        case SSL_CTRL_CHECK_PROTO_VERSION:
 
3360
                /* For library-internal use; checks that the current protocol
 
3361
                 * is the highest enabled version (according to s->ctx->method,
 
3362
                 * as version negotiation may have changed s->method). */
 
3363
                if (s->version == s->ctx->method->version)
 
3364
                        return 1;
 
3365
                /* Apparently we're using a version-flexible SSL_METHOD
 
3366
                 * (not at its highest protocol version). */
 
3367
                if (s->ctx->method->version == SSLv23_method()->version)
 
3368
                        {
 
3369
#if TLS_MAX_VERSION != TLS1_2_VERSION
 
3370
#  error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION.
 
3371
#endif
 
3372
                        if (!(s->options & SSL_OP_NO_TLSv1_2))
 
3373
                                return s->version == TLS1_2_VERSION;
 
3374
                        if (!(s->options & SSL_OP_NO_TLSv1_1))
 
3375
                                return s->version == TLS1_1_VERSION;
 
3376
                        if (!(s->options & SSL_OP_NO_TLSv1))
 
3377
                                return s->version == TLS1_VERSION;
 
3378
                        if (!(s->options & SSL_OP_NO_SSLv3))
 
3379
                                return s->version == SSL3_VERSION;
 
3380
                        if (!(s->options & SSL_OP_NO_SSLv2))
 
3381
                                return s->version == SSL2_VERSION;
 
3382
                        }
 
3383
                return 0; /* Unexpected state; fail closed. */
 
3384
 
3358
3385
        default:
3359
3386
                break;
3360
3387
                }
3714
3741
                break;
3715
3742
#endif
3716
3743
#endif
 
3744
 
3717
3745
        default:
3718
3746
                return(0);
3719
3747
                }
4291
4319
                return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
4292
4320
        return alg2;
4293
4321
        }
4294