Loading CHANGES +17 −8 Original line number Original line Diff line number Diff line Loading @@ -99,7 +99,7 @@ whose return value is often ignored. whose return value is often ignored. [Steve Henson] [Steve Henson] Changes between 0.9.8m and 1.0.0 [25 Feb 2010] Changes between 0.9.8n and 1.0.0 [xx XXX xxxx] *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher context. The operation can be customised via the ctrl mechanism in context. The operation can be customised via the ctrl mechanism in Loading @@ -118,10 +118,6 @@ it from client hello again. Don't allow server to change algorithm. it from client hello again. Don't allow server to change algorithm. [Steve Henson] [Steve Henson] *) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't change when encrypting or decrypting. [Bodo Moeller] *) Add load_crls() function to apps tidying load_certs() too. Add option *) Add load_crls() function to apps tidying load_certs() too. Add option to verify utility to allow additional CRLs to be included. to verify utility to allow additional CRLs to be included. [Steve Henson] [Steve Henson] Loading Loading 
@@ -944,7 +940,16 @@ *) Change 'Configure' script to enable Camellia by default. *) Change 'Configure' script to enable Camellia by default. [NTT] [NTT] Changes between 0.9.8m and 0.9.8n [xx XXX xxxx] Changes between 0.9.8m and 0.9.8n [24 Mar 2010] *) When rejecting SSL/TLS records due to an incorrect version number, never update s->server with a new major version number. As of - OpenSSL 0.9.8m if 'short' is a 16-bit type, - OpenSSL 0.9.8f if 'short' is longer than 16 bits, the previous behavior could result in a read attempt at NULL when receiving specific incorrect SSL/TLS records once record payload protection is active. (CVE-2010-####) [Bodo Moeller, Adam Langley] *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL could be crashed if the relevant tables were not present (e.g. chrooted). could be crashed if the relevant tables were not present (e.g. chrooted). Loading Loading @@ -986,6 +991,10 @@ CVE-2009-4355. CVE-2009-4355. [Steve Henson] [Steve Henson] *) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't change when encrypting or decrypting. [Bodo Moeller] *) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to *) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to connect and renegotiate with servers which do not support RI. connect and renegotiate with servers which do not support RI. Until RI is more widely deployed this option is enabled by default. Until RI is more widely deployed this option is enabled by default. Loading ssl/s3_pkt.c +3 −3 Original line number Original line Diff line number Diff line Loading 
@@ -337,9 +337,9 @@ fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length); if (version != s->version) if (version != s->version) { { SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); /* Send back error using their if ((s->version & 0xFF00) == (version & 0xFF00)) * version number :-) */ /* Send back error using their minor version number :-) */ s->version=version; s->version = (unsigned short)version; al=SSL_AD_PROTOCOL_VERSION; al=SSL_AD_PROTOCOL_VERSION; goto f_err; goto f_err; } } Loading Loading
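Review bot: The section header rewritten in the CHANGES hunk at @@ -99,7 still carries the placeholder date "[xx XXX xxxx]" for the 0.9.8n-to-1.0.0 section; that is fine for an in-progress branch, but it needs the real date filled in before release, and re-basing the header on 0.9.8n (instead of 0.9.8m) is consistent with the 0.9.8n section below being dated in the same commit.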
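Review bot: The new CHANGES entry in the hunk at @@ -944,7 says "never update s->server with a new major version number", but the accompanying ssl/s3_pkt.c hunk guards the assignment to s->version, so the entry should read s->version; as written it points at the wrong field. The "(CVE-2010-####)" placeholder in the same entry also has to be replaced with the assigned identifier before this ships, since the hunk simultaneously stamps the 0.9.8n section with the release date "[24 Mar 2010]". The conditional wording ("As of 0.9.8m if 'short' is a 16-bit type, 0.9.8f if 'short' is longer than 16 bits") is helpful for readers triaging which builds are affected and should stay.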
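Review bot: The guard added in ssl/s3_pkt.c, `if ((s->version & 0xFF00) == (version & 0xFF00))` in front of `s->version = (unsigned short)version;`, means a rejected record can only change the minor byte of s->version and can no longer move the connection to a different major version, which is the condition the CHANGES entry ties to a read attempt at NULL once record payload protection is active. Two things are worth spelling out in the comment rather than leaving implicit: when the major byte differs the alert goes out with s->version unchanged, and the `(unsigned short)` cast truncates the record-derived `version` to 16 bits before it is stored. The rewritten comment ("Send back error using their minor version number :-)") is accurate; a second line noting why the major byte must never be echoed would make the intent obvious to the next person touching this path.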