[Pkg-openssl-changes] r671 - openssl/branches/squeeze/debian/patches
Kurt Roeckx
kroeckx at moszumanska.debian.org
Thu Jun 5 19:15:27 UTC 2014
Author: kroeckx
Date: 2014-06-05 19:15:27 +0000 (Thu, 05 Jun 2014)
New Revision: 671
Modified:
openssl/branches/squeeze/debian/patches/CVE-2014-0195.patch
Log:
Use correct patch.
Modified: openssl/branches/squeeze/debian/patches/CVE-2014-0195.patch
===================================================================
--- openssl/branches/squeeze/debian/patches/CVE-2014-0195.patch 2014-06-05 19:03:40 UTC (rev 670)
+++ openssl/branches/squeeze/debian/patches/CVE-2014-0195.patch 2014-06-05 19:15:27 UTC (rev 671)
@@ -1,83 +1,21 @@
-diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
-index a6b3c01..c99a4c4 100644
---- a/ssl/s3_clnt.c
-+++ b/ssl/s3_clnt.c
-@@ -559,6 +559,7 @@ int ssl3_connect(SSL *s)
- case SSL3_ST_CR_FINISHED_A:
- case SSL3_ST_CR_FINISHED_B:
-
-+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
- ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
- SSL3_ST_CR_FINISHED_B);
- if (ret <= 0) goto end;
-@@ -915,6 +916,7 @@ int ssl3_get_server_hello(SSL *s)
- SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
- goto f_err;
+diff --git a/ssl/d1_both.c b/ssl/d1_both.c
+index 01d7242..3426a0a 100644
+--- a/ssl/d1_both.c
++++ b/ssl/d1_both.c
+@@ -621,7 +621,16 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)
+ frag->msg_header.frag_off = 0;
}
-+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
- s->hit=1;
- }
- else /* a miss or crap from the other end */
-diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
-index 6bc8bf9..98c36e6 100644
---- a/ssl/s3_pkt.c
-+++ b/ssl/s3_pkt.c
-@@ -1316,6 +1316,15 @@ start:
- goto f_err;
- }
-
-+ if (!(s->s3->flags & SSL3_FLAGS_CCS_OK))
+ else
++ {
+ frag = (hm_fragment*) item->data;
++ if (frag->msg_header.msg_len != msg_hdr->msg_len)
+ {
-+ al=SSL_AD_UNEXPECTED_MESSAGE;
-+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_CCS_RECEIVED_EARLY);
-+ goto f_err;
++ item = NULL;
++ frag = NULL;
++ goto err;
+ }
++ }
+
-+ s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
-+
- rr->length=0;
- if (s->msg_callback)
-diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
-index 5ac4119..503bed3 100644
---- a/ssl/s3_srvr.c
-+++ b/ssl/s3_srvr.c
-@@ -673,6 +673,7 @@ int ssl3_accept(SSL *s)
- case SSL3_ST_SR_CERT_VRFY_A:
- case SSL3_ST_SR_CERT_VRFY_B:
-
-+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
- /* we should decide if we expected this one */
- ret=ssl3_get_cert_verify(s);
- if (ret <= 0) goto end;
-@@ -700,6 +701,7 @@ int ssl3_accept(SSL *s)
-
- case SSL3_ST_SR_FINISHED_A:
- case SSL3_ST_SR_FINISHED_B:
-+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
- ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
- SSL3_ST_SR_FINISHED_B);
- if (ret <= 0) goto end;
-@@ -770,7 +772,10 @@ int ssl3_accept(SSL *s)
- s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
- #else
- if (s->s3->next_proto_neg_seen)
-+ {
-+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
- s->s3->tmp.next_state=SSL3_ST_SR_NEXT_PROTO_A;
-+ }
- else
- s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
- #endif
-diff --git a/ssl/ssl3.h b/ssl/ssl3.h
-index cb8b249..37f19e3 100644
---- a/ssl/ssl3.h
-+++ b/ssl/ssl3.h
-@@ -388,6 +388,7 @@ typedef struct ssl3_buffer_st
- #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
- #define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
- #define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
-+#define SSL3_FLAGS_CCS_OK 0x0080
-
- /* SSL3_FLAGS_SGC_RESTART_DONE is set when we
- * restart a handshake because of MS SGC and so prevents us
+ /* If message is already reassembled, this must be a
+ * retransmit and can be dropped.
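Review bot: The new mismatch branch under `if (frag->msg_header.msg_len != msg_hdr->msg_len)` sets `item = NULL; frag = NULL;` before `goto err` without saying why, and a later cleanup could easily delete those two assignments as redundant. The `err` label is outside the hunk, but it presumably frees `frag` and `item`, which here still belong to the queue entry that was just looked up. A comment such as `/* length disagrees with the stored fragment: reject, and clear the locals so err does not free the queued entry */` would record both the check and the ownership rule. Separately, the patch file starts directly at `diff --git` with no header naming its upstream origin. The previous revision carried an unrelated change under this filename, so a short origin line would make that kind of mix-up easier to catch in review. dtls1_reassemble_fragment begins and ends outside the hunk.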