Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 8 Sep 2011 16:22:58 +0000 (UTC)
From:      Xin LI <delphij@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org
Subject:   svn commit: r225449 - in stable: 7/crypto/openssl/ssl 8/crypto/openssl/ssl
Message-ID:  <201109081622.p88GMw2R098098@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: delphij
Date: Thu Sep  8 16:22:58 2011
New Revision: 225449
URL: http://svn.freebsd.org/changeset/base/225449

Log:
  MFC r225446:
  
  Fix SSL memory handlig for (EC)DH cipher suites, in particular for
  multi-threaded use of ECDH.
  
  Security:	CVE-2011-3210
  Reviewed by:	stas
  Obtained from:	OpenSSL CVS

Modified:
  stable/8/crypto/openssl/ssl/s3_lib.c
  stable/8/crypto/openssl/ssl/s3_srvr.c
Directory Properties:
  stable/8/crypto/openssl/   (props changed)

Changes in other areas also in this revision:
Modified:
  stable/7/crypto/openssl/ssl/s3_lib.c
  stable/7/crypto/openssl/ssl/s3_srvr.c
Directory Properties:
  stable/7/crypto/openssl/   (props changed)

Modified: stable/8/crypto/openssl/ssl/s3_lib.c
==============================================================================
--- stable/8/crypto/openssl/ssl/s3_lib.c	Thu Sep  8 12:56:26 2011	(r225448)
+++ stable/8/crypto/openssl/ssl/s3_lib.c	Thu Sep  8 16:22:58 2011	(r225449)
@@ -1722,11 +1722,17 @@ void ssl3_clear(SSL *s)
 		}
 #ifndef OPENSSL_NO_DH
 	if (s->s3->tmp.dh != NULL)
+		{
 		DH_free(s->s3->tmp.dh);
+		s->s3->tmp.dh = NULL;
+		}
 #endif
 #ifndef OPENSSL_NO_ECDH
 	if (s->s3->tmp.ecdh != NULL)
+		{
 		EC_KEY_free(s->s3->tmp.ecdh);
+		s->s3->tmp.ecdh = NULL;
+		}
 #endif
 
 	rp = s->s3->rbuf.buf;

Modified: stable/8/crypto/openssl/ssl/s3_srvr.c
==============================================================================
--- stable/8/crypto/openssl/ssl/s3_srvr.c	Thu Sep  8 12:56:26 2011	(r225448)
+++ stable/8/crypto/openssl/ssl/s3_srvr.c	Thu Sep  8 16:22:58 2011	(r225449)
@@ -710,9 +710,7 @@ int ssl3_check_client_hello(SSL *s)
 	if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
 		{
 		/* Throw away what we have done so far in the current handshake,
-		 * which will now be aborted. (A full SSL_clear would be too much.)
-		 * I hope that tmp.dh is the only thing that may need to be cleared
-		 * when a handshake is not completed ... */
+		 * which will now be aborted. (A full SSL_clear would be too much.) */
 #ifndef OPENSSL_NO_DH
 		if (s->s3->tmp.dh != NULL)
 			{
@@ -720,6 +718,13 @@ int ssl3_check_client_hello(SSL *s)
 			s->s3->tmp.dh = NULL;
 			}
 #endif
+#ifndef OPENSSL_NO_ECDH
+		if (s->s3->tmp.ecdh != NULL)
+			{
+			EC_KEY_free(s->s3->tmp.ecdh);
+			s->s3->tmp.ecdh = NULL;
+			}
+#endif
 		return 2;
 		}
 	return 1;
@@ -1329,7 +1334,6 @@ int ssl3_send_server_key_exchange(SSL *s
 
 			if (s->s3->tmp.dh != NULL)
 				{
-				DH_free(dh);
 				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
 				goto err;
 				}
@@ -1390,7 +1394,6 @@ int ssl3_send_server_key_exchange(SSL *s
 
 			if (s->s3->tmp.ecdh != NULL)
 				{
-				EC_KEY_free(s->s3->tmp.ecdh); 
 				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
 				goto err;
 				}
@@ -1401,12 +1404,11 @@ int ssl3_send_server_key_exchange(SSL *s
 				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
 				goto err;
 				}
-			if (!EC_KEY_up_ref(ecdhp))
+			if ((ecdh = EC_KEY_dup(ecdhp)) == NULL)
 				{
 				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
 				goto err;
 				}
-			ecdh = ecdhp;
 
 			s->s3->tmp.ecdh=ecdh;
 			if ((EC_KEY_get0_public_key(ecdh) == NULL) ||
@@ -2262,6 +2264,12 @@ int ssl3_get_client_key_exchange(SSL *s)
                         /* Get encoded point length */
                         i = *p; 
 			p += 1;
+			if (n != 1 + i)
+				{
+				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+				    ERR_R_EC_LIB);
+				goto err;
+				}
                         if (EC_POINT_oct2point(group, 
 			    clnt_ecpoint, p, i, bn_ctx) == 0)
 				{



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201109081622.p88GMw2R098098>