On 20/03/15 12:44, Linsell, StevenX wrote:
> On Thu, Mar 19, 2015, Steve Linsell wrote:
>>
>> I am trying to use ECDH-RSA-AES256-SHA with ssl3 with s_client and s_server
>> on
>> the master branch. (cloned at commit
>> f7683aaf36341dc65672ac2ccdbfd4a232e3626d) and then retested with a more
>> recent clone: (commit da27006df06853a33b132133699a7aa9d4277920).
>
> Following further testing I see identical failures in the master branch using
> the following cipher/protocol combinations:
>
> ECDH-ECDSA-AES128-SHA ssl3
> ECDH-ECDSA-AES256-SHA ssl3
> ECDH-ECDSA-DES-CBC3-SHA ssl3
> ECDH-ECDSA-RC4-SHA ssl3
> ECDH-RSA-AES128-SHA ssl3
> ECDH-RSA-AES256-SHA ssl3
> ECDH-RSA-DES-CBC3-SHA ssl3
> ECDH-RSA-RC4-SHA ssl3
> ECDHE-ECDSA-AES128-SHA ssl3
> ECDHE-ECDSA-AES256-SHA ssl3
> ECDHE-ECDSA-DES-CBC3-SHA ssl3
> ECDHE-ECDSA-RC4-SHA ssl3
>
Hi Steve
Looks like a bug. Try the attached patch. Let me know how you get on.
Thanks
Matt
>From f5c18cb86af3ca1dccf958f5a8a193cb9d628d7f Mon Sep 17 00:00:00 2001
From: Matt Caswell <m...@openssl.org>
Date: Fri, 20 Mar 2015 15:10:16 +0000
Subject: [PATCH] Don't check curves that haven't been sent
Don't check that the curve appears in the list of acceptable curves for the
peer, if they didn't send us such a list (for example this will always be
the case in SSL3)
---
ssl/t1_lib.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 8b75dba..d32efd7 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -706,6 +706,10 @@ static int tls1_check_ec_key(SSL *s,
for (j = 0; j <= 1; j++) {
if (!tls1_get_curvelist(s, j, &pcurves, &num_curves))
return 0;
+ if (j == 1 && num_curves == 0) {
+ /* If we've not received any curves then skip this check */
+ break;
+ }
for (i = 0; i < num_curves; i++, pcurves += 2) {
if (pcurves[0] == curve_id[0] && pcurves[1] == curve_id[1])
break;
--
2.1.0
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
