d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Import DTLS security fix from upstream OpenSSL_0_9_8-stable branch.

Browse Source 
From the OpenSSL advisory:

	Andy Polyakov discovered a flaw in OpenSSL's DTLS
	implementation which could lead to the compromise of clients
	and servers with DTLS enabled.

	DTLS is a datagram variant of TLS specified in RFC 4347 first
	supported in OpenSSL version 0.9.8. Note that the
	vulnerabilities do not affect SSL and TLS so only clients and
	servers explicitly using DTLS are affected.

	We believe this flaw will permit remote code execution.

Security:	CVE-2007-4995
Security:	http://www.openssl.org/news/secadv_20071012.txt
This commit is contained in:
Simon L. B. Nielsen 2007-10-18 20:19:33 +00:00
parent c30e4c6174
commit a0ddfe4e72
4 changed files with 537 additions and 608 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1136
crypto/openssl/ssl/d1_both.c
View File

File diff suppressed because it is too large Load Diff

7
crypto/openssl/ssl/dtls1.h
View File

@ -67,9 +67,8 @@
extern "C" {
#endif
#define DTLS1_VERSION 0x0100
#define DTLS1_VERSION_MAJOR 0x01
#define DTLS1_VERSION_MINOR 0x00
#define DTLS1_VERSION 0xFEFF
#define DTLS1_BAD_VER 0x0100
#define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE 110
@ -83,7 +82,7 @@ extern "C" {
#define DTLS1_HM_BAD_FRAGMENT -2
#define DTLS1_HM_FRAGMENT_RETRY -3
#define DTLS1_CCS_HEADER_LENGTH 3
#define DTLS1_CCS_HEADER_LENGTH 1
#define DTLS1_AL_HEADER_LENGTH 7

1
crypto/openssl/ssl/ssl.h
View File

@ -1564,6 +1564,7 @@ void ERR_load_SSL_strings(void);
#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253
#define SSL_F_DTLS1_GET_RECORD 254
#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255
#define SSL_F_DTLS1_PREPROCESS_FRAGMENT 277
#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
#define SSL_F_DTLS1_PROCESS_RECORD 257
#define SSL_F_DTLS1_READ_BYTES 258

1
crypto/openssl/ssl/ssl_err.c
View File

@ -87,6 +87,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
{ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT), "DTLS1_GET_MESSAGE_FRAGMENT"},
{ERR_FUNC(SSL_F_DTLS1_GET_RECORD), "DTLS1_GET_RECORD"},
{ERR_FUNC(SSL_F_DTLS1_OUTPUT_CERT_CHAIN), "DTLS1_OUTPUT_CERT_CHAIN"},
{ERR_FUNC(SSL_F_DTLS1_PREPROCESS_FRAGMENT), "DTLS1_PREPROCESS_FRAGMENT"},
{ERR_FUNC(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE), "DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE"},
{ERR_FUNC(SSL_F_DTLS1_PROCESS_RECORD), "DTLS1_PROCESS_RECORD"},
{ERR_FUNC(SSL_F_DTLS1_READ_BYTES), "DTLS1_READ_BYTES"},