Loading CHANGES +6 −0 Original line number Diff line number Diff line Loading @@ -305,6 +305,12 @@ Changes between 1.0.1h and 1.0.2 [xx XXX xxxx] *) Add support for TLS_FALLBACK_SCSV. Client applications doing fallback retries should call SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV). (CVE-2014-3566) [Adam Langley, Bodo Moeller] *) Accelerated NIST P-256 elliptic curve implementation for x86_64 (other platforms pending). [Shay Gueron (Intel Corp), Andy Polyakov] Loading apps/s_client.c +10 −0 Original line number Diff line number Diff line Loading @@ -341,6 +341,7 @@ static void sc_usage(void) BIO_printf(bio_err," -tls1_1 - just use TLSv1.1\n"); BIO_printf(bio_err," -tls1 - just use TLSv1\n"); BIO_printf(bio_err," -dtls1 - just use DTLSv1\n"); BIO_printf(bio_err," -fallback_scsv - send TLS_FALLBACK_SCSV\n"); BIO_printf(bio_err," -mtu - set the link layer MTU\n"); BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); Loading Loading @@ -650,6 +651,7 @@ int MAIN(int argc, char **argv) char *sess_out = NULL; struct sockaddr peer; int peerlen = sizeof(peer); int fallback_scsv = 0; int enable_timeouts = 0 ; long socket_mtu = 0; #ifndef OPENSSL_NO_JPAKE Loading Loading @@ -940,6 +942,10 @@ static char *jpake_secret = NULL; meth=DTLSv1_2_client_method(); socket_type=SOCK_DGRAM; } else if (strcmp(*argv,"-fallback_scsv") == 0) { fallback_scsv = 1; } else if (strcmp(*argv,"-timeout") == 0) enable_timeouts=1; else if (strcmp(*argv,"-mtu") == 0) Loading Loading @@ -1439,6 +1445,10 @@ bad: SSL_set_session(con, sess); SSL_SESSION_free(sess); } if (fallback_scsv) SSL_set_mode(con, SSL_MODE_SEND_FALLBACK_SCSV); #ifndef OPENSSL_NO_TLSEXT if (servername != NULL) { Loading crypto/err/openssl.ec +1 −0 Original line number Diff line number Diff line Loading 
@@ -74,6 +74,7 @@ R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 R SSL_R_SSLV3_ALERT_INAPPROPRIATE_FALLBACK 1086 R SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 R SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110 Loading ssl/d1_lib.c +19 −0 Original line number Diff line number Diff line Loading @@ -294,6 +294,25 @@ long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg) case DTLS_CTRL_LISTEN: ret = dtls1_listen(s, parg); break; case SSL_CTRL_CHECK_PROTO_VERSION: /* For library-internal use; checks that the current protocol * is the highest enabled version (according to s->ctx->method, * as version negotiation may have changed s->method). */ if (s->version == s->ctx->method->version) return 1; /* Apparently we're using a version-flexible SSL_METHOD * (not at its highest protocol version). */ if (s->ctx->method->version == DTLS_method()->version) { #if DTLS_MAX_VERSION != DTLS1_2_VERSION # error Code needs update for DTLS_method() support beyond DTLS1_2_VERSION. #endif if (!(s->options & SSL_OP_NO_DTLSv1_2)) return s->version == DTLS1_2_VERSION; if (!(s->options & SSL_OP_NO_DTLSv1)) return s->version == DTLS1_VERSION; } return 0; /* Unexpected state; fail closed. */ default: ret = ssl3_ctrl(s, cmd, larg, parg); Loading ssl/dtls1.h +4 −2 Original line number Diff line number Diff line Loading @@ -84,8 +84,11 @@ extern "C" { #endif #define DTLS1_VERSION 0xFEFF #define DTLS1_BAD_VER 0x0100 #define DTLS1_2_VERSION 0xFEFD #define DTLS_MAX_VERSION DTLS1_2_VERSION #define DTLS1_BAD_VER 0x0100 /* Special value for method supporting multiple versions */ #define DTLS_ANY_VERSION 0x1FFFF Loading Loading @@ -287,4 +290,3 @@ typedef struct dtls1_record_data_st } #endif #endif Loading
CHANGES +6 −0 Original line number Diff line number Diff line Loading @@ -305,6 +305,12 @@ Changes between 1.0.1h and 1.0.2 [xx XXX xxxx] *) Add support for TLS_FALLBACK_SCSV. Client applications doing fallback retries should call SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV). (CVE-2014-3566) [Adam Langley, Bodo Moeller] *) Accelerated NIST P-256 elliptic curve implementation for x86_64 (other platforms pending). [Shay Gueron (Intel Corp), Andy Polyakov] Loading
apps/s_client.c +10 −0 Original line number Diff line number Diff line Loading @@ -341,6 +341,7 @@ static void sc_usage(void) BIO_printf(bio_err," -tls1_1 - just use TLSv1.1\n"); BIO_printf(bio_err," -tls1 - just use TLSv1\n"); BIO_printf(bio_err," -dtls1 - just use DTLSv1\n"); BIO_printf(bio_err," -fallback_scsv - send TLS_FALLBACK_SCSV\n"); BIO_printf(bio_err," -mtu - set the link layer MTU\n"); BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); Loading Loading @@ -650,6 +651,7 @@ int MAIN(int argc, char **argv) char *sess_out = NULL; struct sockaddr peer; int peerlen = sizeof(peer); int fallback_scsv = 0; int enable_timeouts = 0 ; long socket_mtu = 0; #ifndef OPENSSL_NO_JPAKE Loading Loading @@ -940,6 +942,10 @@ static char *jpake_secret = NULL; meth=DTLSv1_2_client_method(); socket_type=SOCK_DGRAM; } else if (strcmp(*argv,"-fallback_scsv") == 0) { fallback_scsv = 1; } else if (strcmp(*argv,"-timeout") == 0) enable_timeouts=1; else if (strcmp(*argv,"-mtu") == 0) Loading Loading @@ -1439,6 +1445,10 @@ bad: SSL_set_session(con, sess); SSL_SESSION_free(sess); } if (fallback_scsv) SSL_set_mode(con, SSL_MODE_SEND_FALLBACK_SCSV); #ifndef OPENSSL_NO_TLSEXT if (servername != NULL) { Loading
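Review bot: The help line added in sc_usage(), `-fallback_scsv - send TLS_FALLBACK_SCSV`, does not say when the option is meaningful. The CHANGES entry describes the mode as intended for clients doing fallback retries, so when s_client already offers its highest version the flag presumably changes nothing against a server with the same maximum. Consider wording such as `-fallback_scsv - send TLS_FALLBACK_SCSV (combine with a version-limiting option to test server handling)`. A comment at the SSL_set_mode() call would also help: `/* Marks this handshake as a downgraded retry so a server that supports a higher version can refuse it. */`. MAIN() begins and ends outside these hunks.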
crypto/err/openssl.ec +1 −0 Original line number Diff line number Diff line Loading @@ -74,6 +74,7 @@ R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 R SSL_R_SSLV3_ALERT_INAPPROPRIATE_FALLBACK 1086 R SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 R SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110 Loading
ssl/d1_lib.c +19 −0 Original line number Diff line number Diff line Loading @@ -294,6 +294,25 @@ long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg) case DTLS_CTRL_LISTEN: ret = dtls1_listen(s, parg); break; case SSL_CTRL_CHECK_PROTO_VERSION: /* For library-internal use; checks that the current protocol * is the highest enabled version (according to s->ctx->method, * as version negotiation may have changed s->method). */ if (s->version == s->ctx->method->version) return 1; /* Apparently we're using a version-flexible SSL_METHOD * (not at its highest protocol version). */ if (s->ctx->method->version == DTLS_method()->version) { #if DTLS_MAX_VERSION != DTLS1_2_VERSION # error Code needs update for DTLS_method() support beyond DTLS1_2_VERSION. #endif if (!(s->options & SSL_OP_NO_DTLSv1_2)) return s->version == DTLS1_2_VERSION; if (!(s->options & SSL_OP_NO_DTLSv1)) return s->version == DTLS1_VERSION; } return 0; /* Unexpected state; fail closed. */ default: ret = ssl3_ctrl(s, cmd, larg, parg); Loading
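Review bot: The new SSL_CTRL_CHECK_PROTO_VERSION case returns straight out of the switch, while the neighbouring DTLS_CTRL_LISTEN and default cases assign `ret` and `break`. Anything dtls1_ctrl() does after the switch (not visible in this hunk) is therefore skipped for this command only; assigning `ret` and breaking would keep a single exit path. The comment should also state the return contract, for example `/* Returns 1 if s->version is the highest enabled version, 0 otherwise (including unexpected states). */`, since callers presumably treat 0 as grounds to refuse a handshake that carries the fallback signal. It is also worth confirming that a connection using DTLS1_BAD_VER is meant to reach the final `return 0`, because that value is matched by neither branch. The function begins and ends outside the hunk.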
ssl/dtls1.h +4 −2 Original line number Diff line number Diff line Loading @@ -84,8 +84,11 @@ extern "C" { #endif #define DTLS1_VERSION 0xFEFF #define DTLS1_BAD_VER 0x0100 #define DTLS1_2_VERSION 0xFEFD #define DTLS_MAX_VERSION DTLS1_2_VERSION #define DTLS1_BAD_VER 0x0100 /* Special value for method supporting multiple versions */ #define DTLS_ANY_VERSION 0x1FFFF Loading Loading @@ -287,4 +290,3 @@ typedef struct dtls1_record_data_st } #endif #endif
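Review bot: DTLS_MAX_VERSION appears to be added here without a comment, although the dtls1_ctrl() change in ssl/d1_lib.c depends on it through `#if DTLS_MAX_VERSION != DTLS1_2_VERSION` to force a build error when a newer DTLS version is introduced. A short comment would make that coupling visible to whoever bumps the value, e.g. `/* Highest DTLS version implemented; the version check in dtls1_ctrl() must be updated when this changes. */`.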