Blame SOURCES/openssl-1.0.2j-deprecate-algos.patch

e62613
diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
e62613
index 3ffd934..23271be 100644
e62613
--- a/crypto/asn1/a_verify.c
e62613
+++ b/crypto/asn1/a_verify.c
e62613
@@ -56,6 +56,9 @@
e62613
  * [including the GNU Public Licence.]
e62613
  */
e62613
 
e62613
+/* for secure_getenv */
e62613
+#define _GNU_SOURCE
e62613
+
e62613
 #include <stdio.h>
e62613
 #include <time.h>
e62613
 
e62613
@@ -133,6 +136,30 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
e62613
 
e62613
 #endif
e62613
 
e62613
+static int legacy_mds[] = { NID_md5, NID_sha, NID_md4, NID_md2, 0 };
e62613
+extern int private_ossl_allowed_legacy_mds[];
e62613
+
e62613
+static int is_md_legacy_disallowed(int mdnid)
e62613
+{
e62613
+    int i;
e62613
+
e62613
+    if (mdnid == NID_md5 && secure_getenv("OPENSSL_ENABLE_MD5_VERIFY") != NULL)
e62613
+        return 0;
e62613
+
e62613
+    for (i = 0; legacy_mds[i] != 0; ++i) {
e62613
+         if (mdnid == legacy_mds[i]) {
e62613
+            int j;
e62613
+
e62613
+            for (j = 0; private_ossl_allowed_legacy_mds[j] != 0; ++j) {
e62613
+                 if (mdnid == private_ossl_allowed_legacy_mds[j])
e62613
+                     return 0;
e62613
+            }
e62613
+            return 1;
e62613
+        }
e62613
+     }
e62613
+     return 0;
e62613
+}
e62613
+
e62613
 int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
e62613
                      ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)
e62613
 {
e62613
@@ -174,6 +201,10 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
e62613
         if (ret != 2)
e62613
             goto err;
e62613
         ret = -1;
e62613
+    } else if (is_md_legacy_disallowed(mdnid)) {
e62613
+        ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
e62613
+                ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
e62613
+        goto err;
e62613
     } else {
e62613
         const EVP_MD *type;
e62613
         type = EVP_get_digestbynid(mdnid);
e62613
diff --git a/crypto/o_init.c b/crypto/o_init.c
e62613
index 2f754ef..59439c2 100644
e62613
--- a/crypto/o_init.c
e62613
+++ b/crypto/o_init.c
e62613
@@ -55,6 +55,12 @@
e62613
 
e62613
 #include <e_os.h>
e62613
 #include <openssl/err.h>
e62613
+# include <stdio.h>
e62613
+# include <string.h>
e62613
+# include <strings.h>
e62613
+# include <ctype.h>
e62613
+# include <openssl/dh.h>
e62613
+# include <openssl/objects.h>
e62613
 #ifdef OPENSSL_FIPS
e62613
 # include <sys/types.h>
e62613
 # include <sys/stat.h>
e62613
@@ -89,6 +95,121 @@ static void init_fips_mode(void)
e62613
 }
e62613
 #endif
e62613
 
e62613
+# define LEGACY_SETTINGS_FILE "/etc/pki/tls/legacy-settings"
e62613
+
e62613
+# define NUM_MAX_LEGACY_MDS 8
e62613
+
e62613
+int private_ossl_allowed_legacy_mds[NUM_MAX_LEGACY_MDS + 1]; /* zero terminated */
e62613
+
e62613
+int private_ossl_minimum_dh_bits;
e62613
+
e62613
+#if !defined(_WIN32)
e62613
+static void parse_legacy_mds(char *p)
e62613
+{
e62613
+    int idx = 0;
e62613
+    char *e = p;
e62613
+
e62613
+    while (p[0] != '\0') {
e62613
+        while (e[0] != '\0' && !isspace(e[0]) && e[0] != ',') {
e62613
+            ++e;
e62613
+        }
e62613
+        if (e[0] != '\0') {
e62613
+            e[0] = '\0';
e62613
+            ++e;
e62613
+        }
e62613
+
e62613
+        if (strcasecmp(p, "md5") == 0) {
e62613
+            private_ossl_allowed_legacy_mds[idx++] = NID_md5;
e62613
+        } else if (strcasecmp(p, "md4") == 0) {
e62613
+            private_ossl_allowed_legacy_mds[idx++] = NID_md4;
e62613
+        } else if (strcasecmp(p, "sha") == 0) {
e62613
+            private_ossl_allowed_legacy_mds[idx++] = NID_sha;
e62613
+        } else if (strcasecmp(p, "md2") == 0) {
e62613
+            private_ossl_allowed_legacy_mds[idx++] = NID_md2;
e62613
+        }
e62613
+
e62613
+        if (idx >=
e62613
+            sizeof(private_ossl_allowed_legacy_mds) /
e62613
+            sizeof(private_ossl_allowed_legacy_mds[0])) {
e62613
+            break;
e62613
+        }
e62613
+
e62613
+        while (e[0] == ',' || isspace(e[0])) {
e62613
+            ++e;
e62613
+        }
e62613
+
e62613
+        p = e;
e62613
+    }
e62613
+}
e62613
+
e62613
+static void parse_minimum_dh_bits(char *p)
e62613
+{
e62613
+    private_ossl_minimum_dh_bits = strtol(p, NULL, 10);
e62613
+    if (private_ossl_minimum_dh_bits < 512
e62613
+        || private_ossl_minimum_dh_bits > OPENSSL_DH_MAX_MODULUS_BITS) {
e62613
+        /* use default */
e62613
+        private_ossl_minimum_dh_bits = 0;
e62613
+    }
e62613
+}
e62613
+
e62613
+static void load_legacy_settings(void)
e62613
+{
e62613
+    FILE *f;
e62613
+    char *line = NULL;
e62613
+    size_t len = 0;
e62613
+
e62613
+    if ((f = fopen(LEGACY_SETTINGS_FILE, "r")) == NULL) {
e62613
+        return;
e62613
+    }
e62613
+
e62613
+    while (getline(&line, &len, f) > 0) {
e62613
+        char *p = line, *e, *val;
e62613
+
e62613
+        /* skip initial whitespace */
e62613
+        while (isspace(p[0])) {
e62613
+            ++p;
e62613
+        }
e62613
+
e62613
+        e = p;
e62613
+
e62613
+        while (e[0] != '\0' && !isspace(e[0])) {
e62613
+            ++e;
e62613
+        }
e62613
+
e62613
+        /* terminate name, skip whitespace between name and value */
e62613
+        if (e[0] != '\0') {
e62613
+            e[0] = '\0';
e62613
+            ++e;
e62613
+            while (isspace(e[0])) {
e62613
+                ++e;
e62613
+            }
e62613
+        }
e62613
+
e62613
+        val = e;
e62613
+
e62613
+        e = e + strlen(val);
e62613
+
e62613
+        /* trim terminating whitespace */
e62613
+        while (e > val) {
e62613
+            --e;
e62613
+            if (isspace(e[0])) {
e62613
+                e[0] = '\0';
e62613
+            } else {
e62613
+                break;
e62613
+            }
e62613
+        }
e62613
+
e62613
+        if (strcasecmp(p, "LegacySigningMDs") == 0) {
e62613
+            parse_legacy_mds(val);
e62613
+        } else if (strcasecmp(line, "MinimumDHBits") == 0) {
e62613
+            parse_minimum_dh_bits(val);
e62613
+        }
e62613
+        /* simply skip other unrecognized lines */
e62613
+    }
e62613
+    (void)fclose(f);
e62613
+}
e62613
+#endif
e62613
+
e62613
 /*
e62613
  * Perform any essential OpenSSL initialization operations. Currently only
e62613
  * sets FIPS callbacks
e62613
@@ -100,6 +221,10 @@ void OPENSSL_init_library(void)
e62613
     if (done)
e62613
         return;
e62613
     done = 1;
e62613
+
e62613
+#if !defined(_WIN32)
e62613
+    load_legacy_settings();
e62613
+#endif
e62613
 #ifdef OPENSSL_FIPS
e62613
     RAND_init_fips();
e62613
     init_fips_mode();
e62613
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
e62613
index 32f2f1a..6734e8a 100644
e62613
--- a/ssl/s3_clnt.c
e62613
+++ b/ssl/s3_clnt.c
e62613
@@ -3500,6 +3500,8 @@ int ssl3_send_client_certificate(SSL *s)
e62613
 
e62613
 #define has_bits(i,m)   (((i)&(m)) == (m))
e62613
 
e62613
+extern int private_ossl_minimum_dh_bits;
e62613
+
e62613
 int ssl3_check_cert_and_algorithm(SSL *s)
e62613
 {
e62613
     int i, idx;
e62613
@@ -3630,8 +3632,7 @@ int ssl3_check_cert_and_algorithm(SSL *s)
e62613
             DH_free(dh_srvr);
e62613
         }
e62613
 
e62613
-        if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 1024)
e62613
-            || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 512)) {
e62613
+        if (dh_size < (private_ossl_minimum_dh_bits ? private_ossl_minimum_dh_bits : 1024)) {
e62613
             SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_DH_KEY_TOO_SMALL);
e62613
             goto f_err;
e62613
         }