package/openssl/patches/001-upstream_dtls_cisco.patch

   1 --- a/ssl/d1_clnt.c
   2 +++ b/ssl/d1_clnt.c
   3 @@ -130,7 +130,7 @@ static int dtls1_get_hello_verify(SSL *s
   4
   5  static SSL_METHOD *dtls1_get_client_method(int ver)
   6         {
   7 -       if (ver == DTLS1_VERSION)
   8 +       if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER)
   9                 return(DTLSv1_client_method());
  10         else
  11                 return(NULL);
  12 @@ -181,7 +181,8 @@ int dtls1_connect(SSL *s)
  13                         s->server=0;
  14                         if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
  15
  16 -                       if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00))
  17 +                       if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00) &&
  18 +                           (s->version & 0xff00 ) != (DTLS1_BAD_VER & 0xff00))
  19                                 {
  20                                 SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);
  21                                 ret = -1;
  22 --- a/ssl/d1_lib.c
  23 +++ b/ssl/d1_lib.c
  24 @@ -187,7 +187,10 @@ void dtls1_free(SSL *s)
  25  void dtls1_clear(SSL *s)
  26         {
  27         ssl3_clear(s);
  28 -       s->version=DTLS1_VERSION;
  29 +       if (s->options & SSL_OP_CISCO_ANYCONNECT)
  30 +               s->version=DTLS1_BAD_VER;
  31 +       else
  32 +               s->version=DTLS1_VERSION;
  33         }
  34
  35  /*
  36 --- a/ssl/d1_pkt.c
  37 +++ b/ssl/d1_pkt.c
  38 @@ -987,15 +987,17 @@ start:
  39         if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC)
  40                 {
  41                 struct ccs_header_st ccs_hdr;
  42 +               int ccs_hdr_len = DTLS1_CCS_HEADER_LENGTH;
  43
  44                 dtls1_get_ccs_header(rr->data, &ccs_hdr);
  45
  46                 /* 'Change Cipher Spec' is just a single byte, so we know
  47                  * exactly what the record payload has to look like */
  48                 /* XDTLS: check that epoch is consistent */
  49 -               if (    (s->client_version == DTLS1_BAD_VER && rr->length != 3) ||
  50 -                       (s->client_version != DTLS1_BAD_VER && rr->length != DTLS1_CCS_HEADER_LENGTH) ||
  51 -                       (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS))
  52 +               if (s->client_version == DTLS1_BAD_VER || s->version == DTLS1_BAD_VER)
  53 +                       ccs_hdr_len = 3;
  54 +
  55 +               if ((rr->length != ccs_hdr_len) || (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS))
  56                         {
  57                         i=SSL_AD_ILLEGAL_PARAMETER;
  58                         SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);
  59 @@ -1311,7 +1313,7 @@ int do_dtls1_write(SSL *s, int type, con
  60  #if 0
  61         /* 'create_empty_fragment' is true only when this function calls itself */
  62         if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done
  63 -               && SSL_version(s) != DTLS1_VERSION)
  64 +           && SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
  65                 {
  66                 /* countermeasure against known-IV weakness in CBC ciphersuites
  67                  * (see http://www.openssl.org/~bodo/tls-cbc.txt)
  68 --- a/ssl/s3_clnt.c
  69 +++ b/ssl/s3_clnt.c
  70 @@ -708,7 +708,7 @@ int ssl3_get_server_hello(SSL *s)
  71
  72         if (!ok) return((int)n);
  73
  74 -       if ( SSL_version(s) == DTLS1_VERSION)
  75 +       if ( SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
  76                 {
  77                 if ( s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST)
  78                         {
  79 --- a/ssl/ssl.h
  80 +++ b/ssl/ssl.h
  81 @@ -510,6 +510,8 @@ typedef struct ssl_session_st
  82  #define SSL_OP_COOKIE_EXCHANGE              0x00002000L
  83  /* Don't use RFC4507 ticket extension */
  84  #define SSL_OP_NO_TICKET                   0x00004000L
  85 +/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client)  */
  86 +#define SSL_OP_CISCO_ANYCONNECT                    0x00008000L
  87
  88  /* As server, disallow session resumption on renegotiation */
  89  #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION  0x00010000L
  90 --- a/ssl/ssl_lib.c
  91 +++ b/ssl/ssl_lib.c
  92 @@ -995,7 +995,8 @@ long SSL_ctrl(SSL *s,int cmd,long larg,v
  93                 s->max_cert_list=larg;
  94                 return(l);
  95         case SSL_CTRL_SET_MTU:
  96 -               if (SSL_version(s) == DTLS1_VERSION)
  97 +               if (SSL_version(s) == DTLS1_VERSION ||
  98 +                   SSL_version(s) == DTLS1_BAD_VER)
  99                         {
 100                         s->d1->mtu = larg;
 101                         return larg;
 102 --- a/ssl/ssl_sess.c
 103 +++ b/ssl/ssl_sess.c
 104 @@ -211,6 +211,11 @@ int ssl_get_new_session(SSL *s, int sess
 105                         ss->ssl_version=TLS1_VERSION;
 106                         ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
 107                         }
 108 +               else if (s->version == DTLS1_BAD_VER)
 109 +                       {
 110 +                       ss->ssl_version=DTLS1_BAD_VER;
 111 +                       ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
 112 +                       }
 113                 else if (s->version == DTLS1_VERSION)
 114                         {
 115                         ss->ssl_version=DTLS1_VERSION;
 116 --- a/ssl/t1_enc.c
 117 +++ b/ssl/t1_enc.c
 118 @@ -765,10 +765,10 @@ int tls1_mac(SSL *ssl, unsigned char *md
 119         HMAC_CTX_init(&hmac);
 120         HMAC_Init_ex(&hmac,mac_sec,EVP_MD_size(hash),hash,NULL);
 121
 122 -       if (ssl->version == DTLS1_VERSION && ssl->client_version != DTLS1_BAD_VER)
 123 +       if (ssl->version == DTLS1_BAD_VER ||
 124 +           (ssl->version == DTLS1_VERSION && ssl->client_version != DTLS1_BAD_VER))
 125                 {
 126                 unsigned char dtlsseq[8],*p=dtlsseq;
 127 -
 128                 s2n(send?ssl->d1->w_epoch:ssl->d1->r_epoch, p);
 129                 memcpy (p,&seq[2],6);
 130
 131 @@ -793,7 +793,7 @@ printf("rec=");
 132  {unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
 133  #endif
 134
 135 -       if ( SSL_version(ssl) != DTLS1_VERSION)
 136 +       if ( SSL_version(ssl) != DTLS1_VERSION && SSL_version(ssl) != DTLS1_BAD_VER)
 137                 {
 138                 for (i=7; i>=0; i--)
 139                         {