Fix null-pointer assignment in do_change_cipher_spec() revealed

by using the Codenomicon TLS Test Tool (CAN-2004-0079)
Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites
(CAN-2004-0112)
Ready for 0.9.7d build

Submitted by: Steven Henson
Reviewed by: Joe Orton
Approved by: Mark Cox

10 files changed, 52 insertions, 9 deletions

diff --git a/CHANGES b/CHANGES
index c2ad5a196b..4a0363a1c2 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,7 +2,15 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 0.9.7c and 0.9.7d  [xx XXX XXXX]
+ Changes between 0.9.7c and 0.9.7d  [17 Mar 2004]
+
+  *) Fix null-pointer assignment in do_change_cipher_spec() revealed           
+     by using the Codenomicon TLS Test Tool (CAN-2004-0079)                    
+     [Joe Orton, Steve Henson]   
+
+  *) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites
+     (CAN-2004-0112)
+     [Joe Orton, Steve Henson]   
 
   *) Make it possible to have multiple active certificates with the same
      subject in the CA index file.  This is done only if the keyword
diff --git a/FAQ b/FAQ
index 01e2ccf18a..0b40039ef8 100644
--- a/FAQ
+++ b/FAQ
@@ -68,7 +68,7 @@ OpenSSL  -  Frequently Asked Questions
 * Which is the current version of OpenSSL?
 
 The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.7c was released on September 30, 2003.
+OpenSSL 0.9.7d was released on March 17, 2004.
 
 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:
diff --git a/LICENSE b/LICENSE
index dddb07842b..40277883a5 100644
--- a/LICENSE
+++ b/LICENSE
@@ -12,7 +12,7 @@
   ---------------
 
 /* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2004 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
diff --git a/NEWS b/NEWS
index f0282ebb87..4c1ba0a241 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,14 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d:
+
+      o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
+      o Security: Fix null-pointer assignment in do_change_cipher_spec()
+      o Allow multiple active certificates with same subject in CA index
+      o Multiple X590 verification fixes
+      o Speed up HMAC and other operations
+
   Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c:
 
       o Security: fix various ASN1 parsing bugs.
diff --git a/README b/README
index 65e3a12426..f72a21036f 100644
--- a/README
+++ b/README
@@ -1,7 +1,7 @@
 
- OpenSSL 0.9.7c 30 Sep 2003
+ OpenSSL 0.9.7d 17 Mar 2004
 
- Copyright (c) 1998-2003 The OpenSSL Project
+ Copyright (c) 1998-2004 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
  All rights reserved.
 
diff --git a/STATUS b/STATUS
index 2acb2ce525..b62dda74be 100644
--- a/STATUS
+++ b/STATUS
@@ -1,14 +1,17 @@
 
   OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2003/09/30 12:08:19 $
+  ______________                           $Date: 2004/03/17 12:01:16 $
 
   DEVELOPMENT STATE
 
     o  OpenSSL 0.9.8:  Under development...
+    o  OpenSSL 0.9.7d: Released on March     17th, 2004
     o  OpenSSL 0.9.7c: Released on September 30th, 2003
     o  OpenSSL 0.9.7b: Released on April     10th, 2003
     o  OpenSSL 0.9.7a: Released on February  19th, 2003
     o  OpenSSL 0.9.7:  Released on December  31st, 2002
+    o  OpenSSL 0.9.6m: Released on March     17th, 2004
+    o  OpenSSL 0.9.6l: Released on November   4th, 2003
     o  OpenSSL 0.9.6k: Released on September 30th, 2003
     o  OpenSSL 0.9.6j: Released on April     10th, 2003
     o  OpenSSL 0.9.6i: Released on February  19th, 2003
diff --git a/crypto/opensslv.h b/crypto/opensslv.h
index dce1147a17..02f1710fb3 100644
--- a/crypto/opensslv.h
+++ b/crypto/opensslv.h
@@ -25,8 +25,8 @@
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-#define OPENSSL_VERSION_NUMBER	0x00907040L
-#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.7d-dev xx XXX XXXX"
+#define OPENSSL_VERSION_NUMBER	0x0090704fL
+#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.7d 17 Mar 2004"
 #define OPENSSL_VERSION_PTEXT	" part of " OPENSSL_VERSION_TEXT
 
 
diff --git a/openssl.spec b/openssl.spec
index 9ce236e0d2..6a272f6969 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -1,7 +1,7 @@
 %define libmaj 0
 %define libmin 9
 %define librel 7
-%define librev c
+%define librev d
 Release: 1
 
 %define openssldir /var/ssl
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 3f88429e79..9f3e5139ad 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -1085,6 +1085,14 @@ start:
 			goto err;
 			}
 
+		/* Check we have a cipher to change to */
+		if (s->s3->tmp.new_cipher == NULL)
+			{
+			i=SSL_AD_UNEXPECTED_MESSAGE;
+			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
+			goto err;
+			}
+
 		rr->length=0;
 
 		if (s->msg_callback)
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 57f1d3f52a..deb3cffabe 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1588,11 +1588,27 @@ static int ssl3_get_client_key_exchange(SSL *s)
 
 		n2s(p,i);
 		enc_ticket.length = i;
+
+		if (n < enc_ticket.length + 6)
+			{
+			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+				SSL_R_DATA_LENGTH_TOO_LONG);
+			goto err;
+			}
+
 		enc_ticket.data = (char *)p;
 		p+=enc_ticket.length;
 
 		n2s(p,i);
 		authenticator.length = i;
+
+		if (n < enc_ticket.length + authenticator.length + 6)
+			{
+			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+				SSL_R_DATA_LENGTH_TOO_LONG);
+			goto err;
+			}
+
 		authenticator.data = (char *)p;
 		p+=authenticator.length;