jinql
/
openssl-patch
mirror of https://github.com/hakasenyang/openssl-patch
1
0
Fork 0
Code Issues Releases Wiki Activity

Latest update (3.0.0)

pull/17/head
Hakase 2019-04-02 01:57:48 +09:00
parent fc97123fd6
commit ca1b2c5829
No known key found for this signature in database
GPG Key ID: BB2821A9E0DF48C9
4 changed files with 55 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -29,7 +29,7 @@ Default support is in bold type.
- [Google(Gmail)](https://gmail.com/) : _TLSv1.3_ **final**
- [NSS TLS 1.3(Mozilla)](https://tls13.crypto.mozilla.org/) : _TLSv1.3_ **final**
[Compatible OpenSSL-3.0.0-dev (OpenSSL, 23593 commits)](https://github.com/openssl/openssl/tree/9c0cf214e7836eb5aaf1ea5d3cbf6720533f86b5)
[Compatible OpenSSL-3.0.0-dev (OpenSSL, 23649 commits)](https://github.com/openssl/openssl/tree/0b45d8eec051fd9816b6bf46a975fa461ffc983d)
## Patch files

16
openssl-3.0.0-dev-chacha_draft.patch
View File

@ -11,7 +11,7 @@ index a97eaa1685..24112723f0 100644
#endif
}
diff --git a/crypto/evp/e_chacha20_poly1305.c b/crypto/evp/e_chacha20_poly1305.c
index 37902000a0..56832b63a0 100644
index 37902000a0..6c9078321a 100644
--- a/crypto/evp/e_chacha20_poly1305.c
+++ b/crypto/evp/e_chacha20_poly1305.c
@@ -156,6 +156,7 @@ typedef struct {
@ -194,7 +194,7 @@ index 37902000a0..56832b63a0 100644
+ NID_chacha20_poly1305_draft,
+ 1, /* block_size */
+ CHACHA_KEY_SIZE, /* key_len */
+ 0, /* iv_len, none */
+ 0, /* iv_len, none */
+ EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_CUSTOM_IV |
+ EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT |
+ EVP_CIPH_CUSTOM_COPY | EVP_CIPH_FLAG_CUSTOM_CIPHER,
@ -318,7 +318,7 @@ index a0d4eed358..6ab0a3bd3f 100644
#define LN_chacha20 "chacha20"
#define NID_chacha20 1019
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 1091b1c8b9..fcfc428cd1 100644
index f4b17f1beb..bb3fe66300 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -125,6 +125,7 @@ extern "C" {
@ -330,10 +330,10 @@ index 1091b1c8b9..fcfc428cd1 100644
# define SSL_TXT_ARIA "ARIA"
# define SSL_TXT_ARIA_GCM "ARIAGCM"
diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h
index 166f15ad5c..4fa1d8a32d 100644
index 4db2b6a0db..5b07fb3cba 100644
--- a/include/openssl/tls1.h
+++ b/include/openssl/tls1.h
@@ -599,7 +599,12 @@ __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain)
@@ -567,7 +567,12 @@ __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain)
# define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C09A
# define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C09B
@ -347,7 +347,7 @@ index 166f15ad5c..4fa1d8a32d 100644
# define TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305 0x0300CCA8
# define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 0x0300CCA9
# define TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305 0x0300CCAA
@@ -764,6 +769,9 @@ __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain)
@@ -732,6 +737,9 @@ __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain)
# define TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
# define TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
# define TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"
@ -357,7 +357,7 @@ index 166f15ad5c..4fa1d8a32d 100644
# define TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
# define TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256"
# define TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256"
@@ -1092,7 +1100,12 @@ __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain)
@@ -1060,7 +1068,12 @@ __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain)
# define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDH-RSA-CAMELLIA128-SHA256"
# define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDH-RSA-CAMELLIA256-SHA384"
@ -372,7 +372,7 @@ index 166f15ad5c..4fa1d8a32d 100644
# define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "ECDHE-ECDSA-CHACHA20-POLY1305"
# define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 "DHE-RSA-CHACHA20-POLY1305"
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index a3639fd18c..c13137e1af 100644
index 330b9e3f0c..fc6889acae 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -2083,6 +2083,54 @@ static SSL_CIPHER ssl3_ciphers[] = {

46
openssl-equal-3.0.0-dev.patch
View File

@ -1,8 +1,8 @@
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index f52beb131e..ad1e04452b 100644
index 27e1890393..df8690a1bd 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2880,6 +2880,8 @@ SSL_R_MISSING_TMP_DH_KEY:171:missing tmp dh key
@@ -2879,6 +2879,8 @@ SSL_R_MISSING_TMP_DH_KEY:171:missing tmp dh key
SSL_R_MISSING_TMP_ECDH_KEY:311:missing tmp ecdh key
SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA:293:\
mixed handshake and non handshake data
@ -11,7 +11,7 @@ index f52beb131e..ad1e04452b 100644
SSL_R_NOT_ON_RECORD_BOUNDARY:182:not on record boundary
SSL_R_NOT_REPLACING_CERTIFICATE:289:not replacing certificate
SSL_R_NOT_SERVER:284:not server
@@ -2988,7 +2990,9 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines
@@ -2985,7 +2987,9 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines
SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES:243:unable to load ssl3 sha1 routines
SSL_R_UNEXPECTED_CCS_MESSAGE:262:unexpected ccs message
SSL_R_UNEXPECTED_END_OF_EARLY_DATA:178:unexpected end of early data
@ -48,10 +48,10 @@ index e29c5d7ced..7d795c390e 100644
The following lists give the SSL or TLS cipher suites names from the
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
index 4603ef4274..fac8736d1d 100644
index 7f776f97f7..bef78d6c2c 100644
--- a/include/openssl/sslerr.h
+++ b/include/openssl/sslerr.h
@@ -601,6 +601,8 @@ int ERR_load_SSL_strings(void);
@@ -600,6 +600,8 @@ int ERR_load_SSL_strings(void);
# define SSL_R_MISSING_TMP_DH_KEY 171
# define SSL_R_MISSING_TMP_ECDH_KEY 311
# define SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA 293
@ -60,7 +60,7 @@ index 4603ef4274..fac8736d1d 100644
# define SSL_R_NOT_ON_RECORD_BOUNDARY 182
# define SSL_R_NOT_REPLACING_CERTIFICATE 289
# define SSL_R_NOT_SERVER 284
@@ -733,7 +735,9 @@ int ERR_load_SSL_strings(void);
@@ -730,7 +732,9 @@ int ERR_load_SSL_strings(void);
# define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
# define SSL_R_UNEXPECTED_CCS_MESSAGE 262
# define SSL_R_UNEXPECTED_END_OF_EARLY_DATA 178
@ -71,7 +71,7 @@ index 4603ef4274..fac8736d1d 100644
# define SSL_R_UNINITIALIZED 276
# define SSL_R_UNKNOWN_ALERT_TYPE 246
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index a3639fd18c..c24b5154ac 100644
index 330b9e3f0c..a2b2a85bab 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -168,7 +168,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
@ -101,7 +101,7 @@ index a3639fd18c..c24b5154ac 100644
DTLS1_BAD_VER, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
@@ -4125,6 +4125,17 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
@@ -4118,6 +4118,17 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
return 1;
}
@ -119,7 +119,7 @@ index a3639fd18c..c24b5154ac 100644
/*
* ssl3_choose_cipher - choose a cipher from those offered by the client
* @s: SSL connection
@@ -4134,16 +4145,24 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
@@ -4127,16 +4138,24 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
* Returns the selected cipher or NULL when no common ciphers.
*/
const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
@ -150,7 +150,7 @@ index a3639fd18c..c24b5154ac 100644
/* Let's see which ciphers we can support */
@@ -4170,54 +4189,13 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
@@ -4163,54 +4182,13 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
} OSSL_TRACE_END(TLS_CIPHER);
/* SUITE-B takes precedence over server preference and ChaCha priortiy */
@ -208,7 +208,7 @@ index a3639fd18c..c24b5154ac 100644
allow = srvr;
}
@@ -4248,14 +4226,16 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
@@ -4241,14 +4219,16 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
c = sk_SSL_CIPHER_value(prio, i);
@ -227,7 +227,7 @@ index a3639fd18c..c24b5154ac 100644
/*
* Since TLS 1.3 ciphersuites can be used with any auth or
@@ -4277,10 +4257,10 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
@@ -4270,10 +4250,10 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
#ifndef OPENSSL_NO_PSK
/* with PSK there must be server callback set */
if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
@ -240,7 +240,7 @@ index a3639fd18c..c24b5154ac 100644
OSSL_TRACE7(TLS_CIPHER,
"%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",
ok, alg_k, alg_a, mask_k, mask_a, (void *)c, c->name);
@@ -4296,6 +4276,14 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
@@ -4289,6 +4269,14 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
if (!ok)
continue;
@ -255,7 +255,7 @@ index a3639fd18c..c24b5154ac 100644
}
ii = sk_SSL_CIPHER_find(allow, c);
if (ii >= 0) {
@@ -4303,14 +4291,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
@@ -4296,14 +4284,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
c->strength_bits, 0, (void *)c))
continue;
@ -271,7 +271,7 @@ index a3639fd18c..c24b5154ac 100644
if (prefer_sha256) {
const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
@@ -4322,13 +4303,38 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
@@ -4315,13 +4296,38 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
ret = tmp;
continue;
}
@ -763,10 +763,10 @@ index 5aa04dbd53..655e259c9b 100644
char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index ceae87bbc9..10836f3667 100644
index afe1b58214..f38ac1558c 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -967,6 +967,9 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
@@ -966,6 +966,9 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
"missing tmp ecdh key"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA),
"mixed handshake and non handshake data"},
@ -776,7 +776,7 @@ index ceae87bbc9..10836f3667 100644
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NOT_ON_RECORD_BOUNDARY),
"not on record boundary"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NOT_REPLACING_CERTIFICATE),
@@ -1205,7 +1208,11 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
@@ -1200,7 +1203,11 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
"unexpected ccs message"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_END_OF_EARLY_DATA),
"unexpected end of early data"},
@ -1029,10 +1029,10 @@ index 1d3397d880..265c32d15e 100644
__owur int ssl3_new(SSL *s);
void ssl3_free(SSL *s);
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index e482e2d074..f81fe86291 100644
index 781efd236e..4ce62feed7 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1751,7 +1751,7 @@ static int tls_early_post_process_client_hello(SSL *s)
@@ -1755,7 +1755,7 @@ static int tls_early_post_process_client_hello(SSL *s)
/* For TLSv1.3 we must select the ciphersuite *before* session resumption */
if (SSL_IS_TLS13(s)) {
const SSL_CIPHER *cipher =
@ -1041,7 +1041,7 @@ index e482e2d074..f81fe86291 100644
if (cipher == NULL) {
SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
@@ -1934,7 +1934,7 @@ static int tls_early_post_process_client_hello(SSL *s)
@@ -1938,7 +1938,7 @@ static int tls_early_post_process_client_hello(SSL *s)
/* check if some cipher was preferred by call back */
if (pref_cipher == NULL)
pref_cipher = ssl3_choose_cipher(s, s->session->ciphers,
@ -1050,7 +1050,7 @@ index e482e2d074..f81fe86291 100644
if (pref_cipher == NULL) {
SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO,
@@ -1943,8 +1943,9 @@ static int tls_early_post_process_client_hello(SSL *s)
@@ -1947,8 +1947,9 @@ static int tls_early_post_process_client_hello(SSL *s)
}
s->session->cipher = pref_cipher;
@ -1062,7 +1062,7 @@ index e482e2d074..f81fe86291 100644
sk_SSL_CIPHER_free(s->cipher_list_by_id);
s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers);
}
@@ -2258,7 +2259,7 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst)
@@ -2262,7 +2263,7 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst)
/* In TLSv1.3 we selected the ciphersuite before resumption */
if (!SSL_IS_TLS13(s)) {
cipher =

46
openssl-equal-3.0.0-dev_ciphers.patch
View File

@ -1,8 +1,8 @@
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index f52beb131e..ad1e04452b 100644
index 27e1890393..df8690a1bd 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2880,6 +2880,8 @@ SSL_R_MISSING_TMP_DH_KEY:171:missing tmp dh key
@@ -2879,6 +2879,8 @@ SSL_R_MISSING_TMP_DH_KEY:171:missing tmp dh key
SSL_R_MISSING_TMP_ECDH_KEY:311:missing tmp ecdh key
SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA:293:\
mixed handshake and non handshake data
@ -11,7 +11,7 @@ index f52beb131e..ad1e04452b 100644
SSL_R_NOT_ON_RECORD_BOUNDARY:182:not on record boundary
SSL_R_NOT_REPLACING_CERTIFICATE:289:not replacing certificate
SSL_R_NOT_SERVER:284:not server
@@ -2988,7 +2990,9 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines
@@ -2985,7 +2987,9 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines
SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES:243:unable to load ssl3 sha1 routines
SSL_R_UNEXPECTED_CCS_MESSAGE:262:unexpected ccs message
SSL_R_UNEXPECTED_END_OF_EARLY_DATA:178:unexpected end of early data
@ -48,10 +48,10 @@ index e29c5d7ced..7d795c390e 100644
The following lists give the SSL or TLS cipher suites names from the
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
index 4603ef4274..fac8736d1d 100644
index 7f776f97f7..bef78d6c2c 100644
--- a/include/openssl/sslerr.h
+++ b/include/openssl/sslerr.h
@@ -601,6 +601,8 @@ int ERR_load_SSL_strings(void);
@@ -600,6 +600,8 @@ int ERR_load_SSL_strings(void);
# define SSL_R_MISSING_TMP_DH_KEY 171
# define SSL_R_MISSING_TMP_ECDH_KEY 311
# define SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA 293
@ -60,7 +60,7 @@ index 4603ef4274..fac8736d1d 100644
# define SSL_R_NOT_ON_RECORD_BOUNDARY 182
# define SSL_R_NOT_REPLACING_CERTIFICATE 289
# define SSL_R_NOT_SERVER 284
@@ -733,7 +735,9 @@ int ERR_load_SSL_strings(void);
@@ -730,7 +732,9 @@ int ERR_load_SSL_strings(void);
# define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
# define SSL_R_UNEXPECTED_CCS_MESSAGE 262
# define SSL_R_UNEXPECTED_END_OF_EARLY_DATA 178
@ -71,7 +71,7 @@ index 4603ef4274..fac8736d1d 100644
# define SSL_R_UNINITIALIZED 276
# define SSL_R_UNKNOWN_ALERT_TYPE 246
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index a3639fd18c..3f830c5d40 100644
index 330b9e3f0c..ebb80bd649 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -32,7 +32,25 @@ const unsigned char tls12downgrade[] = {
@ -150,7 +150,7 @@ index a3639fd18c..3f830c5d40 100644
DTLS1_BAD_VER, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
@@ -4125,6 +4131,17 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
@@ -4118,6 +4124,17 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
return 1;
}
@ -168,7 +168,7 @@ index a3639fd18c..3f830c5d40 100644
/*
* ssl3_choose_cipher - choose a cipher from those offered by the client
* @s: SSL connection
@@ -4134,16 +4151,24 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
@@ -4127,16 +4144,24 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
* Returns the selected cipher or NULL when no common ciphers.
*/
const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
@ -199,7 +199,7 @@ index a3639fd18c..3f830c5d40 100644
/* Let's see which ciphers we can support */
@@ -4170,54 +4195,13 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
@@ -4163,54 +4188,13 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
} OSSL_TRACE_END(TLS_CIPHER);
/* SUITE-B takes precedence over server preference and ChaCha priortiy */
@ -257,7 +257,7 @@ index a3639fd18c..3f830c5d40 100644
allow = srvr;
}
@@ -4248,14 +4232,16 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
@@ -4241,14 +4225,16 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
c = sk_SSL_CIPHER_value(prio, i);
@ -276,7 +276,7 @@ index a3639fd18c..3f830c5d40 100644
/*
* Since TLS 1.3 ciphersuites can be used with any auth or
@@ -4277,10 +4263,10 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
@@ -4270,10 +4256,10 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
#ifndef OPENSSL_NO_PSK
/* with PSK there must be server callback set */
if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
@ -289,7 +289,7 @@ index a3639fd18c..3f830c5d40 100644
OSSL_TRACE7(TLS_CIPHER,
"%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",
ok, alg_k, alg_a, mask_k, mask_a, (void *)c, c->name);
@@ -4296,6 +4282,14 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
@@ -4289,6 +4275,14 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
if (!ok)
continue;
@ -304,7 +304,7 @@ index a3639fd18c..3f830c5d40 100644
}
ii = sk_SSL_CIPHER_find(allow, c);
if (ii >= 0) {
@@ -4303,14 +4297,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
@@ -4296,14 +4290,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
c->strength_bits, 0, (void *)c))
continue;
@ -320,7 +320,7 @@ index a3639fd18c..3f830c5d40 100644
if (prefer_sha256) {
const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
@@ -4322,13 +4309,38 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
@@ -4315,13 +4302,38 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
ret = tmp;
continue;
}
@ -812,10 +812,10 @@ index 5aa04dbd53..655e259c9b 100644
char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index ceae87bbc9..10836f3667 100644
index afe1b58214..f38ac1558c 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -967,6 +967,9 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
@@ -966,6 +966,9 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
"missing tmp ecdh key"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA),
"mixed handshake and non handshake data"},
@ -825,7 +825,7 @@ index ceae87bbc9..10836f3667 100644
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NOT_ON_RECORD_BOUNDARY),
"not on record boundary"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NOT_REPLACING_CERTIFICATE),
@@ -1205,7 +1208,11 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
@@ -1200,7 +1203,11 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
"unexpected ccs message"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_END_OF_EARLY_DATA),
"unexpected end of early data"},
@ -1102,10 +1102,10 @@ index 1d3397d880..265c32d15e 100644
__owur int ssl3_new(SSL *s);
void ssl3_free(SSL *s);
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index e482e2d074..f81fe86291 100644
index 781efd236e..4ce62feed7 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1751,7 +1751,7 @@ static int tls_early_post_process_client_hello(SSL *s)
@@ -1755,7 +1755,7 @@ static int tls_early_post_process_client_hello(SSL *s)
/* For TLSv1.3 we must select the ciphersuite *before* session resumption */
if (SSL_IS_TLS13(s)) {
const SSL_CIPHER *cipher =
@ -1114,7 +1114,7 @@ index e482e2d074..f81fe86291 100644
if (cipher == NULL) {
SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
@@ -1934,7 +1934,7 @@ static int tls_early_post_process_client_hello(SSL *s)
@@ -1938,7 +1938,7 @@ static int tls_early_post_process_client_hello(SSL *s)
/* check if some cipher was preferred by call back */
if (pref_cipher == NULL)
pref_cipher = ssl3_choose_cipher(s, s->session->ciphers,
@ -1123,7 +1123,7 @@ index e482e2d074..f81fe86291 100644
if (pref_cipher == NULL) {
SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO,
@@ -1943,8 +1943,9 @@ static int tls_early_post_process_client_hello(SSL *s)
@@ -1947,8 +1947,9 @@ static int tls_early_post_process_client_hello(SSL *s)
}
s->session->cipher = pref_cipher;
@ -1135,7 +1135,7 @@ index e482e2d074..f81fe86291 100644
sk_SSL_CIPHER_free(s->cipher_list_by_id);
s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers);
}
@@ -2258,7 +2259,7 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst)
@@ -2262,7 +2263,7 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst)
/* In TLSv1.3 we selected the ciphersuite before resumption */
if (!SSL_IS_TLS13(s)) {
cipher =