
List:       openssl-cvs
Subject:    [CVS] OpenSSL: openssl/ CHANGES openssl/ssl/ ssl_sess.c
From:       "Bodo Moeller" <bodo () openssl ! org>
Date:       2007-03-21 14:33:17
Message-ID: 20070321143317.696871AC61FE () master ! openssl ! org

  OpenSSL CVS Repository
  http://cvs.openssl.org/
  ____________________________________________________________________________

  Server: cvs.openssl.org                  Name:   Bodo Moeller
  Root:   /v/openssl/cvs                   Email:  bodo@openssl.org
  Module: openssl                          Date:   21-Mar-2007 15:33:17
  Branch: HEAD                             Handle: 2007032114331501

  Modified files:
    openssl                 CHANGES
    openssl/ssl             ssl_sess.c

  Log:
    stricter session ID context matching

  Summary:
    Revision    Changes     Path
    1.1373      +28 -2      openssl/CHANGES
    1.66        +23 -21     openssl/ssl/ssl_sess.c
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openssl/CHANGES
  ============================================================================
  $ cvs diff -u -r1.1372 -r1.1373 CHANGES
  --- openssl/CHANGES	26 Feb 2007 10:49:59 -0000	1.1372
  +++ openssl/CHANGES	21 Mar 2007 14:33:15 -0000	1.1373
  @@ -2,7 +2,7 @@
    OpenSSL CHANGES
    _______________
   
  - Changes between 0.9.8e and 0.9.9  [xx XXX xxxx]
  + Changes between 0.9.8f and 0.9.9  [xx XXX xxxx]
   
     *) Change ssl_cipher_apply_rule(), the internal function that does
        the work each time a ciphersuite string requests enabling
  @@ -481,13 +481,26 @@
     *) Change 'Configure' script to enable Camellia by default.
        [NTT]
   
  - Changes between 0.9.8d and 0.9.8e  [23 Feb 2007]
  + Changes between 0.9.8e and 0.9.8f  [xx XXX xxxx]
  +
  +  *) In the SSL/TLS server implementation, be strict about session ID
  +     context matching (which matters if an application uses a single
  +     external cache for different purposes).  Previously,
  +     out-of-context reuse was forbidden only if SSL_VERIFY_PEER was
  +     set.  This did ensure strict client verification, but meant that,
  +     with applications using a single external cache for quite
  +     different requirements, clients could circumvent ciphersuite
  +     restrictions for a given session ID context by starting a session
  +     in a different context.
  +     [Bodo Moeller]
   
     *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
        a ciphersuite string such as "DEFAULT:RSA" cannot enable
        authentication-only ciphersuites.
        [Bodo Moeller]
   
  + Changes between 0.9.8d and 0.9.8e  [23 Feb 2007]
  +
     *) Since AES128 and AES256 (and similarly Camellia128 and
        Camellia256) share a single mask bit in the logic of
        ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
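Review bot: Moving the "Changes between 0.9.8d and 0.9.8e" header below the "!eNULL" item reclassifies that existing entry from 0.9.8e to 0.9.8f, which the log message "stricter session ID context matching" does not mention; if that is a deliberate changelog correction, say so in the log or commit it separately. The new entry would also help application authors more if it named the remedy, SSL[_CTX]_set_session_id_context with a different value for each purpose that shares the external cache.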
  @@ -1526,6 +1539,19 @@
        differing sizes.
        [Richard Levitte]
   
  + Changes between 0.9.7m and 0.9.7n  [xx XXX xxxx]
  +
  +  *) In the SSL/TLS server implementation, be strict about session ID
  +     context matching (which matters if an application uses a single
  +     external cache for different purposes).  Previously,
  +     out-of-context reuse was forbidden only if SSL_VERIFY_PEER was
  +     set.  This did ensure strict client verification, but meant that,
  +     with applications using a single external cache for quite
  +     different requirements, clients could circumvent ciphersuite
  +     restrictions for a given session ID context by starting a session
  +     in a different context.
  +     [Bodo Moeller]
  +
    Changes between 0.9.7l and 0.9.7m  [23 Feb 2007]
   
     *) Cleanse PEM buffers before freeing them since they may contain 
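Review bot: The new "Changes between 0.9.7m and 0.9.7n" section announces the fix for the 0.9.7 line, but this commit is on Branch: HEAD and lists only ssl_sess.c revision 1.66 alongside CHANGES; please confirm the matching ssl_sess.c change is committed to the 0.9.7 and 0.9.8 branches, so the entry does not describe behaviour those releases lack.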
  @@ .
  patch -p0 <<'@@ .'
  Index: openssl/ssl/ssl_sess.c
  ============================================================================
  $ cvs diff -u -r1.65 -r1.66 ssl_sess.c
  --- openssl/ssl/ssl_sess.c	10 Feb 2007 10:42:48 -0000	1.65
  +++ openssl/ssl/ssl_sess.c	21 Mar 2007 14:33:16 -0000	1.66
  @@ -462,33 +462,35 @@
   
   	/* Now ret is non-NULL, and we own one of its reference counts. */
   
  -	if((s->verify_mode&SSL_VERIFY_PEER)
  -	   && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length
  -	       || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length)))
  -	    {
  +	if (ret->sid_ctx_length != s->sid_ctx_length
  +	    || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length))
  +		{
   		/* We've found the session named by the client, but we don't
   		 * want to use it in this context. */
  -		
  -		if (s->sid_ctx_length == 0)
  -			{
  -			/* application should have used SSL[_CTX]_set_session_id_context
  -			 * -- we could tolerate this and just pretend we never heard
  -			 * of this session, but then applications could effectively
  -			 * disable the session cache by accident without anyone noticing */
   
  -			SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
  -			fatal = 1;
  -			goto err;
  -			}
  -		else
  -			{
   #if 0 /* The client cannot always know when a session is not appropriate,
  -	   * so we shouldn't generate an error message. */
  +       * so we shouldn't generate an error message. */
   
  -			SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
  +		SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
   #endif
  -			goto err; /* treat like cache miss */
  -			}
  +		goto err; /* treat like cache miss */
  +		}
  +	
  +	if((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0)
  +		{
  +		/* We can't be sure if this session is being used out of
  +		 * context, which is especially important for SSL_VERIFY_PEER.
  +		 * The application should have used SSL[_CTX]_set_session_id_context.
  +		 *
  +		 * For this error case, we generate an error instead of treating
  +		 * the event like a cache miss (otherwise it would be easy for
  +		 * applications to effectively disable the session cache by
  +		 * accident without anyone noticing).
  +		 */
  +		
  +		SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
  +		fatal = 1;
  +		goto err;
   		}
   
   	if (ret->cipher == NULL)
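Review bot: The context-mismatch test now runs before the s->sid_ctx_length == 0 test, so a server with SSL_VERIFY_PEER and no session ID context that looks up a session stored with a non-empty context takes the silent "goto err; /* treat like cache miss */" path, where the old code set fatal = 1 and raised SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED. If the diagnostic is meant to fire for every SSL_VERIFY_PEER server that forgot SSL[_CTX]_set_session_id_context, put the uninitialized-context check first; otherwise extend the new comment to say the error is reached only when the cached session's context is empty as well. Style: the re-indented "* so we shouldn't generate an error message. */" line inside the #if 0 block uses spaces where the surrounding lines use tabs.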
  @@ .
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
CVS Repository Commit List                     openssl-cvs@openssl.org
Automated List Manager                           majordomo@openssl.org
