SHA256
1
0
forked from pool/openssl-1_1

Accepting request 869551 from home:jsikes:branches:security:tls

Small fix. Enjoy!

OBS-URL: https://build.opensuse.org/request/show/869551
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=83
This commit is contained in:
Pedro Monreal Gonzalez 2021-02-05 15:53:45 +00:00 committed by Git OBS Bridge
parent 3d07044ba3
commit 083820900d
3 changed files with 49 additions and 0 deletions

View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Thu Feb 4 18:23:17 UTC 2021 - Jason Sikes <jsikes@suse.com>
- Zero pad the DHE public key in ClientKeyExchange for interoperability with
Windows Server 2019.
* openssl-zero-pad-DHE-public-key.patch
* bsc#1181796
* sourced from https://github.com/openssl/openssl/pull/12331/files
-------------------------------------------------------------------
Wed Jan 20 15:59:01 UTC 2021 - Pedro Monreal <pmonreal@suse.com>

View File

@ -91,6 +91,7 @@ Patch52: openssl-1.1.1-system-cipherlist.patch
Patch53: openssl-1_1-seclevel.patch
Patch54: openssl-1_1-use-seclevel2-in-tests.patch
Patch55: openssl-1_1-disable-test_srp-sslapi.patch
Patch56: openssl-zero-pad-DHE-public-key.patch
BuildRequires: pkgconfig
Conflicts: ssl
Provides: ssl

View File

@ -0,0 +1,39 @@
Index: openssl-1.1.1i/ssl/statem/statem_clnt.c
===================================================================
--- openssl-1.1.1i.orig/ssl/statem/statem_clnt.c
+++ openssl-1.1.1i/ssl/statem/statem_clnt.c
@@ -3057,9 +3057,9 @@ static int tls_construct_cke_dhe(SSL *s,
{
#ifndef OPENSSL_NO_DH
DH *dh_clnt = NULL;
- const BIGNUM *pub_key;
EVP_PKEY *ckey = NULL, *skey = NULL;
unsigned char *keybytes = NULL;
+ int prime_len;
skey = s->s3->peer_tmp;
if (skey == NULL) {
@@ -3089,15 +3089,19 @@ static int tls_construct_cke_dhe(SSL *s,
}
/* send off the data */
- DH_get0_key(dh_clnt, &pub_key, NULL);
- if (!WPACKET_sub_allocate_bytes_u16(pkt, BN_num_bytes(pub_key),
- &keybytes)) {
+ prime_len = BN_num_bytes(DH_get0_p(dh_clnt));
+ /*
+ * For interoperability with some versions of the Microsoft TLS
+ * stack, we need to zero pad the DHE pub key to the same length
+ * as the prime, so use the length of the prime here.
+ */
+ if (!WPACKET_sub_allocate_bytes_u16(pkt, prime_len, &keybytes)
+ || BN_bn2binpad(DH_get0_pub_key(dh_clnt), keybytes, prime_len) < 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CKE_DHE,
ERR_R_INTERNAL_ERROR);
goto err;
}
- BN_bn2bin(pub_key, keybytes);
EVP_PKEY_free(ckey);
return 1;