Commit 30fbe92c authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Fix SRP authentication ciphersuites. 



The addition of SRP authentication needs to be checked in various places
to work properly. Specifically:

A certificate is not sent.
A certificate request must not be sent.
Server key exchange message must not contain a signature.
If appropriate SRP authentication ciphersuites should be chosen.
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
(cherry picked from commit 8f5a8805b82d1ae81168b11b7f1506db9e047dec)

Conflicts:

	ssl/s3_clnt.c
	ssl/s3_lib.c
parent 1241e77f

ssl/s3_clnt.c

+4 −4
Original line number Diff line number Diff line
@@ -326,9 +326,9 @@ int ssl3_connect(SSL *s) 
				break;

				}

#endif

			/* Check if it is anon DH/ECDH */

			/* Check if it is anon DH/ECDH, SRP auth */

			/* or PSK */

			if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&

			if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL|SSL_aSRP)) &&

			    !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))

				{

				ret=ssl3_get_server_certificate(s);
@@ -1835,8 +1835,8 @@ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); 
		}

	else

		{

		if (!(alg_a & SSL_aNULL) && !(alg_k & SSL_kPSK))

			/* aNULL or kPSK do not need public keys */

		/* aNULL, aSRP or kPSK do not need public keys */

		if (!(alg_a & (SSL_aNULL|SSL_aSRP)) && !(alg_k & SSL_kPSK))

			{

			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);

			goto err;

ssl/s3_srvr.c

+6 −5
Original line number Diff line number Diff line
@@ -410,9 +410,8 @@ int ssl3_accept(SSL *s) 
		case SSL3_ST_SW_CERT_B:

			/* Check if it is anon DH or anon ECDH, */

			/* normal PSK or KRB5 or SRP */

			if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)

				&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)

				&& !(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))

			if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL|SSL_aKRB5|SSL_aSRP))

				&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))

				{

				ret=ssl3_send_server_certificate(s);

				if (ret <= 0) goto end;
@@ -515,7 +514,9 @@ int ssl3_accept(SSL *s) 
				  * (against the specs, but s3_clnt.c accepts this for SSL 3) */

				 !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||

				 /* never request cert in Kerberos ciphersuites */

				(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5)

				(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) ||

				/* don't request certificate for SRP auth */

				(s->s3->tmp.new_cipher->algorithm_auth & SSL_aSRP)

				/* With normal PSK Certificates and

				 * Certificate Requests are omitted */

				|| (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
@@ -1846,7 +1847,7 @@ int ssl3_send_server_key_exchange(SSL *s) 
			n+=2+nr[i];

			}



		if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)

		if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL|SSL_aSRP))

			&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))

			{

			if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher,&md))