[Midnightbsd-cvs] src [7438] trunk/crypto/openssl/ssl/s2_srvr.c: OpenSSL CVE-2015-3197

laffer1 at midnightbsd.org laffer1 at midnightbsd.org
Sat Jan 30 13:00:55 EST 2016 

Revision: 7438
          http://svnweb.midnightbsd.org/src/?rev=7438
Author:   laffer1
Date:     2016-01-30 12:58:54 -0500 (Sat, 30 Jan 2016)
Log Message:
-----------
OpenSSL  CVE-2015-3197
A malicious client can negotiate SSLv2 ciphers that have been disabled on
the server and complete SSLv2 handshakes even if all SSLv2 ciphers have
been disabled, provided that the SSLv2 protocol was not also disabled via
SSL_OP_NO_SSLv2.

Modified Paths:
--------------
    trunk/crypto/openssl/ssl/s2_srvr.c

Modified: trunk/crypto/openssl/ssl/s2_srvr.c
===================================================================
--- trunk/crypto/openssl/ssl/s2_srvr.c	2016-01-23 20:34:25 UTC (rev 7437)
+++ trunk/crypto/openssl/ssl/s2_srvr.c	2016-01-30 17:58:54 UTC (rev 7438)
@@ -402,7 +402,7 @@
         }
 
         cp = ssl2_get_cipher_by_char(p);
-        if (cp == NULL) {
+        if (cp == NULL || sk_SSL_CIPHER_find(s->session->ciphers, cp) < 0) {
             ssl2_return_error(s, SSL2_PE_NO_CIPHER);
             SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH);
             return (-1);
@@ -687,8 +687,12 @@
             prio = cs;
             allow = cl;
         }
+
+        /* Generate list of SSLv2 ciphers shared between client and server */
         for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) {
-            if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, z)) < 0) {
+            const SSL_CIPHER *cp = sk_SSL_CIPHER_value(prio, z);
+            if ((cp->algorithm_ssl & SSL_SSLV2) == 0 ||
+                sk_SSL_CIPHER_find(allow, cp) < 0) {
                 (void)sk_SSL_CIPHER_delete(prio, z);
                 z--;
             }
@@ -697,6 +701,13 @@
             sk_SSL_CIPHER_free(s->session->ciphers);
             s->session->ciphers = prio;
         }
+
+        /* Make sure we have at least one cipher in common */
+        if (sk_SSL_CIPHER_num(s->session->ciphers) == 0) {
+            ssl2_return_error(s, SSL2_PE_NO_CIPHER);
+            SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CIPHER_MATCH);
+            return -1;
+        }
         /*
          * s->session->ciphers should now have a list of ciphers that are on
          * both the client and server. This list is ordered by the order the

More information about the Midnightbsd-cvs mailing list