Disable SSL renegotiation in order to protect against a serious
protocol flaw. [09:15] Correctly handle failures from unsetenv resulting from a corrupt environment in rtld-elf. [09:16] Fix permissions in freebsd-update in order to prevent leakage of sensitive files. [09:17] Approved by: so (cperciva) Security: FreeBSD-SA-09:15.ssl Security: FreeBSD-SA-09:16.rtld Security: FreeBSD-SA-09:17.freebsd-udpate
This commit is contained in:
parent
86439baac2
commit
a235643007
@ -2592,6 +2592,9 @@ int ssl3_renegotiate(SSL *s)
|
|||||||
if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
|
if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
|
||||||
return(0);
|
return(0);
|
||||||
|
|
||||||
|
if (1)
|
||||||
|
return(0);
|
||||||
|
|
||||||
s->s3->renegotiate=1;
|
s->s3->renegotiate=1;
|
||||||
return(1);
|
return(1);
|
||||||
}
|
}
|
||||||
|
@ -983,9 +983,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
|
|||||||
if (s->msg_callback)
|
if (s->msg_callback)
|
||||||
s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg);
|
s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg);
|
||||||
|
|
||||||
if (SSL_is_init_finished(s) &&
|
if (0)
|
||||||
!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
|
|
||||||
!s->s3->renegotiate)
|
|
||||||
{
|
{
|
||||||
ssl3_renegotiate(s);
|
ssl3_renegotiate(s);
|
||||||
if (ssl3_renegotiate_check(s))
|
if (ssl3_renegotiate_check(s))
|
||||||
@ -1116,8 +1114,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
|
|||||||
/* Unexpected handshake message (Client Hello, or protocol violation) */
|
/* Unexpected handshake message (Client Hello, or protocol violation) */
|
||||||
if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake)
|
if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake)
|
||||||
{
|
{
|
||||||
if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
|
if (0)
|
||||||
!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
|
|
||||||
{
|
{
|
||||||
#if 0 /* worked only because C operator preferences are not as expected (and
|
#if 0 /* worked only because C operator preferences are not as expected (and
|
||||||
* because this is not really needed for clients except for detecting
|
* because this is not really needed for clients except for detecting
|
||||||
|
@ -718,6 +718,13 @@ int ssl3_get_client_hello(SSL *s)
|
|||||||
#endif
|
#endif
|
||||||
STACK_OF(SSL_CIPHER) *ciphers=NULL;
|
STACK_OF(SSL_CIPHER) *ciphers=NULL;
|
||||||
|
|
||||||
|
if (s->new_session)
|
||||||
|
{
|
||||||
|
al=SSL_AD_HANDSHAKE_FAILURE;
|
||||||
|
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
|
||||||
|
goto f_err;
|
||||||
|
}
|
||||||
|
|
||||||
/* We do this so that we will respond with our native type.
|
/* We do this so that we will respond with our native type.
|
||||||
* If we are TLSv1 and we get SSLv3, we will respond with TLSv1,
|
* If we are TLSv1 and we get SSLv3, we will respond with TLSv1,
|
||||||
* This down switching should be handled by a different method.
|
* This down switching should be handled by a different method.
|
||||||
|
@ -32,7 +32,7 @@
|
|||||||
db
|
db
|
||||||
entropy uname=operator gname=operator mode=0700
|
entropy uname=operator gname=operator mode=0700
|
||||||
..
|
..
|
||||||
freebsd-update
|
freebsd-update mode=0700
|
||||||
..
|
..
|
||||||
ipf mode=0700
|
ipf mode=0700
|
||||||
..
|
..
|
||||||
|
@ -603,6 +603,7 @@ fetch_check_params () {
|
|||||||
echo ${WORKDIR}
|
echo ${WORKDIR}
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
chmod 700 ${WORKDIR}
|
||||||
cd ${WORKDIR} || exit 1
|
cd ${WORKDIR} || exit 1
|
||||||
|
|
||||||
# Generate release number. The s/SECURITY/RELEASE/ bit exists
|
# Generate release number. The s/SECURITY/RELEASE/ bit exists
|
||||||
|
Loading…
Reference in New Issue
Block a user