[package] openssl: add a patch to support DTLS compatibility with Cisco AnyConnect...

[openwrt-10.03/.git] / package / openssl / patches / 001-upstream_dtls_cisco.patch

--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -130,7 +130,7 @@ static int dtls1_get_hello_verify(SSL *s
 
 static SSL_METHOD *dtls1_get_client_method(int ver)
        {
-       if (ver == DTLS1_VERSION)
+       if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER)
                return(DTLSv1_client_method());
        else
                return(NULL);
@@ -181,7 +181,8 @@ int dtls1_connect(SSL *s)
                        s->server=0;
                        if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
 
-                       if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00))
+                       if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00) &&
+                           (s->version & 0xff00 ) != (DTLS1_BAD_VER & 0xff00))
                                {
                                SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);
                                ret = -1;
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -187,7 +187,10 @@ void dtls1_free(SSL *s)
 void dtls1_clear(SSL *s)
        {
        ssl3_clear(s);
-       s->version=DTLS1_VERSION;
+       if (s->options & SSL_OP_CISCO_ANYCONNECT)
+               s->version=DTLS1_BAD_VER;
+       else
+               s->version=DTLS1_VERSION;
        }
 
 /*
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -987,15 +987,17 @@ start:
        if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC)
                {
                struct ccs_header_st ccs_hdr;
+               int ccs_hdr_len = DTLS1_CCS_HEADER_LENGTH;
 
                dtls1_get_ccs_header(rr->data, &ccs_hdr);
 
                /* 'Change Cipher Spec' is just a single byte, so we know
                 * exactly what the record payload has to look like */
                /* XDTLS: check that epoch is consistent */
-               if (    (s->client_version == DTLS1_BAD_VER && rr->length != 3) ||
-                       (s->client_version != DTLS1_BAD_VER && rr->length != DTLS1_CCS_HEADER_LENGTH) || 
-                       (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS))
+               if (s->client_version == DTLS1_BAD_VER || s->version == DTLS1_BAD_VER)
+                       ccs_hdr_len = 3;
+
+               if ((rr->length != ccs_hdr_len) || (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS))
                        {
                        i=SSL_AD_ILLEGAL_PARAMETER;
                        SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);
@@ -1311,7 +1313,7 @@ int do_dtls1_write(SSL *s, int type, con
 #if 0
        /* 'create_empty_fragment' is true only when this function calls itself */
        if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done
-               && SSL_version(s) != DTLS1_VERSION)
+           && SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
                {
                /* countermeasure against known-IV weakness in CBC ciphersuites
                 * (see http://www.openssl.org/~bodo/tls-cbc.txt) 
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -708,7 +708,7 @@ int ssl3_get_server_hello(SSL *s)
 
        if (!ok) return((int)n);
 
-       if ( SSL_version(s) == DTLS1_VERSION)
+       if ( SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
                {
                if ( s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST)
                        {
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -510,6 +510,8 @@ typedef struct ssl_session_st
 #define SSL_OP_COOKIE_EXCHANGE              0x00002000L
 /* Don't use RFC4507 ticket extension */
 #define SSL_OP_NO_TICKET                   0x00004000L
+/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client)  */
+#define SSL_OP_CISCO_ANYCONNECT                    0x00008000L
 
 /* As server, disallow session resumption on renegotiation */
 #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION  0x00010000L
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -995,7 +995,8 @@ long SSL_ctrl(SSL *s,int cmd,long larg,v
                s->max_cert_list=larg;
                return(l);
        case SSL_CTRL_SET_MTU:
-               if (SSL_version(s) == DTLS1_VERSION)
+               if (SSL_version(s) == DTLS1_VERSION ||
+                   SSL_version(s) == DTLS1_BAD_VER)
                        {
                        s->d1->mtu = larg;
                        return larg;
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -211,6 +211,11 @@ int ssl_get_new_session(SSL *s, int sess
                        ss->ssl_version=TLS1_VERSION;
                        ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
                        }
+               else if (s->version == DTLS1_BAD_VER)
+                       {
+                       ss->ssl_version=DTLS1_BAD_VER;
+                       ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
+                       }
                else if (s->version == DTLS1_VERSION)
                        {
                        ss->ssl_version=DTLS1_VERSION;
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -765,10 +765,10 @@ int tls1_mac(SSL *ssl, unsigned char *md
        HMAC_CTX_init(&hmac);
        HMAC_Init_ex(&hmac,mac_sec,EVP_MD_size(hash),hash,NULL);
 
-       if (ssl->version == DTLS1_VERSION && ssl->client_version != DTLS1_BAD_VER)
+       if (ssl->version == DTLS1_BAD_VER ||
+           (ssl->version == DTLS1_VERSION && ssl->client_version != DTLS1_BAD_VER))
                {
                unsigned char dtlsseq[8],*p=dtlsseq;
-
                s2n(send?ssl->d1->w_epoch:ssl->d1->r_epoch, p);
                memcpy (p,&seq[2],6);
 
@@ -793,7 +793,7 @@ printf("rec=");
 {unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
 #endif
 
-       if ( SSL_version(ssl) != DTLS1_VERSION)
+       if ( SSL_version(ssl) != DTLS1_VERSION && SSL_version(ssl) != DTLS1_BAD_VER)
                {
                for (i=7; i>=0; i--)
                        {