diff options
Diffstat (limited to 'extra')
65 files changed, 302 insertions, 106 deletions
diff --git a/extra/CMakeLists.txt b/extra/CMakeLists.txt index 6cc69d3251e..b6ed2318950 100755 --- a/extra/CMakeLists.txt +++ b/extra/CMakeLists.txt @@ -1,4 +1,4 @@ -# Copyright (C) 2006 MySQL AB +# Copyright (c) 2006, 2007 MySQL AB # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/extra/Makefile.am b/extra/Makefile.am index 9c66cedc013..c2ca2b29b6e 100644 --- a/extra/Makefile.am +++ b/extra/Makefile.am @@ -1,4 +1,4 @@ -# Copyright (C) 2000-2006 MySQL AB, 2009 Monty Program AB +# Copyright (C) 2000-2008 MySQL AB, 2009 Monty Program AB # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -11,7 +11,7 @@ # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include \ -I$(top_srcdir)/sql diff --git a/extra/charset2html.c b/extra/charset2html.c index 8dcfa0c8990..16f40361f12 100644 --- a/extra/charset2html.c +++ b/extra/charset2html.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2000 MySQL AB +/* Copyright (c) 2000, 2002-2004, 2007, 2008 MySQL AB This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -11,7 +11,7 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ /* diff --git a/extra/comp_err.c b/extra/comp_err.c index 2c8d9823201..b2231d21cbb 100644 --- a/extra/comp_err.c +++ b/extra/comp_err.c @@ -1,6 +1,6 @@ /* - Copyright (c) 2000, 2010, Oracle and/or its affiliates & Anjuta Widenius - Copyright (c) 2008-2011 Monty Program Ab + Copyright (c) 2000, 2013, Oracle and/or its affiliates & Anjuta Widenius + Copyright (c) 2008, 2013 Monty Program Ab This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -32,6 +32,7 @@ #include <my_getopt.h> #include <assert.h> #include <my_dir.h> +#include <mysql_version.h> #define MAX_ROWS 1000 #define HEADER_LENGTH 32 /* Length of header in errmsg.sys */ @@ -177,6 +178,23 @@ int main(int argc, char *argv[]) fprintf(stderr, "Failed to parse input file %s\n", TXTFILE); DBUG_RETURN(1); } +#if MYSQL_VERSION_ID >= 50100 && MYSQL_VERSION_ID < 50500 +/* Number of error messages in 5.1 - do not change this number! */ +#define MYSQL_OLD_GA_ERROR_MESSAGE_COUNT 641 +#elif MYSQL_VERSION_ID >= 50500 && MYSQL_VERSION_ID < 50600 +/* Number of error messages in 5.5 - do not change this number! */ +#define MYSQL_OLD_GA_ERROR_MESSAGE_COUNT 728 +#endif +#if MYSQL_OLD_GA_ERROR_MESSAGE_COUNT + if (row_count != MYSQL_OLD_GA_ERROR_MESSAGE_COUNT) + { + fprintf(stderr, "Can only add new error messages to latest GA. "); + fprintf(stderr, "Use ER_UNKNOWN_ERROR instead.\n"); + fprintf(stderr, "Expected %u messages, found %u.\n", + MYSQL_OLD_GA_ERROR_MESSAGE_COUNT, row_count); + DBUG_RETURN(1); + } +#endif if (lang_head == NULL || error_head == NULL) { fprintf(stderr, "Failed to parse input file %s\n", TXTFILE); diff --git a/extra/yassl/CMakeLists.txt b/extra/yassl/CMakeLists.txt index 3407aa7d0dc..50a68f50936 100644 --- a/extra/yassl/CMakeLists.txt +++ b/extra/yassl/CMakeLists.txt @@ -1,4 +1,4 @@ -# Copyright (C) 2006 MySQL AB +# Copyright (c) 2006, 2012, Oracle and/or its affiliates. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/COPYING b/extra/yassl/COPYING index d60c31a97a5..d20476ee118 100644 --- a/extra/yassl/COPYING +++ b/extra/yassl/COPYING @@ -2,7 +2,7 @@ Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. @@ -305,7 +305,7 @@ the "copyright" line and a pointer to where the full notice is found. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA Also add information on how to contact you by electronic and paper mail. diff --git a/extra/yassl/include/buffer.hpp b/extra/yassl/include/buffer.hpp index 2d7817a7ca2..27f71199093 100644 --- a/extra/yassl/include/buffer.hpp +++ b/extra/yassl/include/buffer.hpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/include/cert_wrapper.hpp b/extra/yassl/include/cert_wrapper.hpp index d07e5b627b0..8be0f3b3e6a 100644 --- a/extra/yassl/include/cert_wrapper.hpp +++ b/extra/yassl/include/cert_wrapper.hpp @@ -1,6 +1,5 @@ /* - Copyright (c) 2005-2007 MySQL AB, 2008 Sun Microsystems, Inc. - Use is subject to license terms. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/include/lock.hpp b/extra/yassl/include/lock.hpp index 9485c09b214..c0ef312c38c 100644 --- a/extra/yassl/include/lock.hpp +++ b/extra/yassl/include/lock.hpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2005, 2012, Oracle and/or its affiliates. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/include/openssl/prefix_ssl.h b/extra/yassl/include/openssl/prefix_ssl.h index 024cb0a9aff..22b3f4de34b 100644 --- a/extra/yassl/include/openssl/prefix_ssl.h +++ b/extra/yassl/include/openssl/prefix_ssl.h @@ -1,6 +1,5 @@ /* - Copyright (c) 2006, 2007 MySQL AB, 2008 Sun Microsystems, Inc. - Use is subject to license terms. + Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/include/socket_wrapper.hpp b/extra/yassl/include/socket_wrapper.hpp index 2372e64e56c..c9f1e3af09c 100644 --- a/extra/yassl/include/socket_wrapper.hpp +++ b/extra/yassl/include/socket_wrapper.hpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/include/yassl_error.hpp b/extra/yassl/include/yassl_error.hpp index 8efc7f72e87..a4b29ae2e8c 100644 --- a/extra/yassl/include/yassl_error.hpp +++ b/extra/yassl/include/yassl_error.hpp @@ -1,6 +1,5 @@ /* - Copyright (c) 2005-2007 MySQL AB, 2010 Sun Microsystems, Inc. - Use is subject to license terms. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -53,7 +52,8 @@ enum YasslError { badVersion_error = 117, compress_error = 118, decompress_error = 119, - pms_version_error = 120 + pms_version_error = 120, + sanityCipher_error = 121 // !!!! add error message to .cpp !!!! diff --git a/extra/yassl/include/yassl_imp.hpp b/extra/yassl/include/yassl_imp.hpp index 04e85c16a04..a952da0d3d9 100644 --- a/extra/yassl/include/yassl_imp.hpp +++ b/extra/yassl/include/yassl_imp.hpp @@ -1,6 +1,5 @@ /* - Copyright (c) 2005-2007 MySQL AB, 2008 Sun Microsystems, Inc. - Use is subject to license terms. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/include/yassl_int.hpp b/extra/yassl/include/yassl_int.hpp index 686e958d7e1..6f3ea1c6ad3 100644 --- a/extra/yassl/include/yassl_int.hpp +++ b/extra/yassl/include/yassl_int.hpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/include/yassl_types.hpp b/extra/yassl/include/yassl_types.hpp index a9e22833eb1..6a8c3f6c075 100644 --- a/extra/yassl/include/yassl_types.hpp +++ b/extra/yassl/include/yassl_types.hpp @@ -1,6 +1,5 @@ /* - Copyright (c) 2005-2007 MySQL AB, 2008 Sun Microsystems, Inc. - Use is subject to license terms. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -220,7 +219,11 @@ const int DEFAULT_TIMEOUT = 500; // Default Session timeout in seconds const int MAX_RECORD_SIZE = 16384; // 2^14, max size by standard const int COMPRESS_EXTRA = 1024; // extra compression possible addition const int SESSION_FLUSH_COUNT = 256; // when to flush session cache - +const int MAX_PAD_SIZE = 256; // max TLS padding size +const int COMPRESS_CONSTANT = 13; // compression calculation constant +const int COMPRESS_UPPER = 55; // compression calculation numerator +const int COMPRESS_LOWER = 64; // compression calculation denominator +const int COMPRESS_DUMMY_SIZE = 64; // compression dummy round size typedef uint8 Cipher; // first byte is always 0x00 for SSLv3 & TLS diff --git a/extra/yassl/src/buffer.cpp b/extra/yassl/src/buffer.cpp index d885c953207..ec35f1760e7 100644 --- a/extra/yassl/src/buffer.cpp +++ b/extra/yassl/src/buffer.cpp @@ -1,6 +1,5 @@ /* - Copyright (c) 2005-2007 MySQL AB, 2009 Sun Microsystems, Inc. - Use is subject to license terms. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/src/cert_wrapper.cpp b/extra/yassl/src/cert_wrapper.cpp index 917cfa1a8fb..639f0996d7e 100644 --- a/extra/yassl/src/cert_wrapper.cpp +++ b/extra/yassl/src/cert_wrapper.cpp @@ -1,6 +1,5 @@ /* - Copyright (c) 2005-2007 MySQL AB, 2008, 2009 Sun Microsystems, Inc. - Use is subject to license terms. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/src/crypto_wrapper.cpp b/extra/yassl/src/crypto_wrapper.cpp index afb492c83c5..03e69ee1520 100644 --- a/extra/yassl/src/crypto_wrapper.cpp +++ b/extra/yassl/src/crypto_wrapper.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates + Copyright (c) 2005, 2012, Oracle and/or its affiliates This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/src/handshake.cpp b/extra/yassl/src/handshake.cpp index c7dbaf86071..d0f6827e862 100644 --- a/extra/yassl/src/handshake.cpp +++ b/extra/yassl/src/handshake.cpp @@ -1,6 +1,5 @@ /* - Copyright (c) 2005-2008 MySQL AB, 2009 Sun Microsystems, Inc. - Use is subject to license terms. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -221,12 +220,45 @@ void buildSHA(SSL& ssl, Finished& fin, const opaque* sender) } +// sanity checks on encrypted message size +static int sanity_check_message(SSL& ssl, uint msgSz) +{ + uint minSz = 0; + + if (ssl.getSecurity().get_parms().cipher_type_ == block) { + uint blockSz = ssl.getCrypto().get_cipher().get_blockSize(); + if (msgSz % blockSz) + return -1; + + minSz = ssl.getSecurity().get_parms().hash_size_ + 1; // pad byte too + if (blockSz > minSz) + minSz = blockSz; + + if (ssl.isTLSv1_1()) + minSz += blockSz; // explicit IV + } + else { // stream + minSz = ssl.getSecurity().get_parms().hash_size_; + } + + if (msgSz < minSz) + return -1; + + return 0; +} + + // decrypt input message in place, store size in case needed later void decrypt_message(SSL& ssl, input_buffer& input, uint sz) { input_buffer plain(sz); opaque* cipher = input.get_buffer() + input.get_current(); + if (sanity_check_message(ssl, sz) != 0) { + ssl.SetError(sanityCipher_error); + return; + } + ssl.useCrypto().use_cipher().decrypt(plain.get_buffer(), cipher, sz); memcpy(cipher, plain.get_buffer(), sz); ssl.useSecurity().use_parms().encrypt_size_ = sz; @@ -774,6 +806,8 @@ int DoProcessReply(SSL& ssl) return 0; } decrypt_message(ssl, buffer, hdr.length_); + if (ssl.GetError()) + return 0; } mySTL::auto_ptr<Message> msg(mf.CreateObject(hdr.type_)); diff --git a/extra/yassl/src/lock.cpp b/extra/yassl/src/lock.cpp index 6d8e9c17477..243717b6dbc 100644 --- a/extra/yassl/src/lock.cpp +++ b/extra/yassl/src/lock.cpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2005, 2012, Oracle and/or its affiliates. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/src/socket_wrapper.cpp b/extra/yassl/src/socket_wrapper.cpp index d88df13c08e..7afd4d41d1d 100644 --- a/extra/yassl/src/socket_wrapper.cpp +++ b/extra/yassl/src/socket_wrapper.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/src/ssl.cpp b/extra/yassl/src/ssl.cpp index 7c264e5a939..b0499a55e14 100644 --- a/extra/yassl/src/ssl.cpp +++ b/extra/yassl/src/ssl.cpp @@ -1,6 +1,5 @@ /* - Copyright (c) 2005-2007 MySQL AB, 2008-2010 Sun Microsystems, Inc. - Use is subject to license terms. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/src/template_instnt.cpp b/extra/yassl/src/template_instnt.cpp index fe3a251b865..638ddfb3e4e 100644 --- a/extra/yassl/src/template_instnt.cpp +++ b/extra/yassl/src/template_instnt.cpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000-2008 MySQL AB This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/src/yassl.cpp b/extra/yassl/src/yassl.cpp index 99a1da5371b..b6b9a87e09a 100644 --- a/extra/yassl/src/yassl.cpp +++ b/extra/yassl/src/yassl.cpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/src/yassl_error.cpp b/extra/yassl/src/yassl_error.cpp index f48fbdc925e..2d42e82ab4a 100644 --- a/extra/yassl/src/yassl_error.cpp +++ b/extra/yassl/src/yassl_error.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2011, Oracle and/or its affiliates + Copyright (c) 2005, 2012, Oracle and/or its affiliates This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -144,6 +144,10 @@ void SetErrorString(YasslError error, char* buffer) strncpy(buffer, "bad PreMasterSecret version error", max); break; + case sanityCipher_error : + strncpy(buffer, "sanity check on cipher text size error", max); + break; + // openssl errors case SSL_ERROR_WANT_READ : strncpy(buffer, "the read operation would block", max); diff --git a/extra/yassl/src/yassl_imp.cpp b/extra/yassl/src/yassl_imp.cpp index c0ef23a4e94..d943775101b 100644 --- a/extra/yassl/src/yassl_imp.cpp +++ b/extra/yassl/src/yassl_imp.cpp @@ -972,30 +972,193 @@ output_buffer& operator<<(output_buffer& output, const Data& data) } +// check all bytes for equality +static int constant_compare(const byte* a, const byte* b, int len) +{ + int good = 0; + int bad = 0; + + for (int i = 0; i < len; i++) { + if (a[i] == b[i]) + good++; + else + bad++; + } + + if (good == len) + return 0; + else + return 0 - bad; // failure +} + + +// check bytes for pad value +static int pad_check(const byte* input, byte pad, int len) +{ + int good = 0; + int bad = 0; + + for (int i = 0; i < len; i++) { + if (input[i] == pad) + good++; + else + bad++; + } + + if (good == len) + return 0; + else + return 0 - bad; // failure +} + + +// get number of compression rounds +static inline int get_rounds(int pLen, int padLen, int t) +{ + int roundL1 = 1; // round ups + int roundL2 = 1; + + int L1 = COMPRESS_CONSTANT + pLen - t; + int L2 = COMPRESS_CONSTANT + pLen - padLen - 1 - t; + + L1 -= COMPRESS_UPPER; + L2 -= COMPRESS_UPPER; + + if ( (L1 % COMPRESS_LOWER) == 0) + roundL1 = 0; + if ( (L2 % COMPRESS_LOWER) == 0) + roundL2 = 0; + + L1 /= COMPRESS_LOWER; + L2 /= COMPRESS_LOWER; + + L1 += roundL1; + L2 += roundL2; + + return L1 - L2; +} + + +// do compression rounds on dummy data +static inline void compress_rounds(SSL& ssl, int rounds, const byte* dummy) +{ + if (rounds) { + Digest* digest = NULL; + + MACAlgorithm ma = ssl.getSecurity().get_parms().mac_algorithm_; + if (ma == sha) + digest = NEW_YS SHA; + else if (ma == md5) + digest = NEW_YS MD5; + else if (ma == rmd) + digest = NEW_YS RMD; + else + return; + + for (int i = 0; i < rounds; i++) + digest->update(dummy, COMPRESS_LOWER); + + ysDelete(digest); + } +} + + +// timing resistant pad verification +static int timing_verify(SSL& ssl, const byte* input, int padLen, int t, + int pLen) +{ + byte verify[SHA_LEN]; + byte dummy[MAX_PAD_SIZE]; + + memset(dummy, 1, sizeof(dummy)); + + if ( (t + padLen + 1) > pLen) { + pad_check(dummy, (byte)padLen, MAX_PAD_SIZE); + if (ssl.isTLS()) + TLS_hmac(ssl, verify, input, pLen - t, application_data, 1); + else + hmac(ssl, verify, input, pLen - t, application_data, 1); + constant_compare(verify, input + pLen - t, t); + + return -1; + } + + if (pad_check(input + pLen - (padLen + 1), (byte)padLen, padLen + 1) != 0) { + pad_check(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1); + if (ssl.isTLS()) + TLS_hmac(ssl, verify, input, pLen - t, application_data, 1); + else + hmac(ssl, verify, input, pLen - t, application_data, 1); + constant_compare(verify, input + pLen - t, t); + + return -1; + } + + pad_check(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1); + if (ssl.isTLS()) + TLS_hmac(ssl, verify, input, pLen - padLen - 1 - t, application_data,1); + else + hmac(ssl, verify, input, pLen - padLen - 1 - t, application_data, 1); + + compress_rounds(ssl, get_rounds(pLen, padLen, t), dummy); + + if (constant_compare(verify, input + (pLen - padLen - 1 - t), t) != 0) + return -1; + + return 0; +} + + // Process handler for Data void Data::Process(input_buffer& input, SSL& ssl) { int msgSz = ssl.getSecurity().get_parms().encrypt_size_; int pad = 0, padSz = 0; int ivExtra = 0; + int digestSz = ssl.getCrypto().get_digest().get_digestSize(); + const byte* rawData = input.get_buffer() + input.get_current(); + opaque verify[SHA_LEN]; if (ssl.getSecurity().get_parms().cipher_type_ == block) { if (ssl.isTLSv1_1()) // IV ivExtra = ssl.getCrypto().get_cipher().get_blockSize(); pad = *(input.get_buffer() + input.get_current() + msgSz -ivExtra - 1); padSz = 1; + + if (ssl.isTLS()) { + if (timing_verify(ssl, rawData, pad,digestSz, msgSz-ivExtra) != 0) { + ssl.SetError(verify_error); + return; + } + } + else { // SSLv3, some don't do this padding right + int sz3 = msgSz - digestSz - pad - 1; + hmac(ssl, verify, rawData, sz3, application_data, true); + if (constant_compare(verify, rawData + sz3, digestSz) != 0) { + ssl.SetError(verify_error); + return; + } + } } - int digestSz = ssl.getCrypto().get_digest().get_digestSize(); + else { // stream + int streamSz = msgSz - digestSz; + if (ssl.isTLS()) + TLS_hmac(ssl, verify, rawData, streamSz, application_data, true); + else + hmac(ssl, verify, rawData, streamSz, application_data, true); + if (constant_compare(verify, rawData + streamSz, digestSz) != 0) { + ssl.SetError(verify_error); + return; + } + } + int dataSz = msgSz - ivExtra - digestSz - pad - padSz; - opaque verify[SHA_LEN]; if (dataSz < 0) { ssl.SetError(bad_input); return; } - const byte* rawData = input.get_buffer() + input.get_current(); - // read data if (dataSz) { // could be compressed if (ssl.CompressionOn()) { @@ -1013,27 +1176,10 @@ void Data::Process(input_buffer& input, SSL& ssl) input.read(data->get_buffer(), dataSz); data->add_size(dataSz); } - - if (ssl.isTLS()) - TLS_hmac(ssl, verify, rawData, dataSz, application_data, true); - else - hmac(ssl, verify, rawData, dataSz, application_data, true); } - // read mac and skip fill - opaque mac[SHA_LEN]; - input.read(mac, digestSz); - input.set_current(input.get_current() + pad + padSz); - - // verify - if (dataSz) { - if (memcmp(mac, verify, digestSz)) { - ssl.SetError(verify_error); - return; - } - } - else - ssl.get_SEQIncrement(true); // even though no data, increment verify + // advance past mac and fill + input.set_current(input.get_current() + digestSz + pad + padSz); } diff --git a/extra/yassl/taocrypt/COPYING b/extra/yassl/taocrypt/COPYING index d60c31a97a5..d20476ee118 100644 --- a/extra/yassl/taocrypt/COPYING +++ b/extra/yassl/taocrypt/COPYING @@ -2,7 +2,7 @@ Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. @@ -305,7 +305,7 @@ the "copyright" line and a pointer to where the full notice is found. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA Also add information on how to contact you by electronic and paper mail. diff --git a/extra/yassl/taocrypt/include/aes.hpp b/extra/yassl/taocrypt/include/aes.hpp index e2041fc9350..01763033156 100644 --- a/extra/yassl/taocrypt/include/aes.hpp +++ b/extra/yassl/taocrypt/include/aes.hpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/include/asn.hpp b/extra/yassl/taocrypt/include/asn.hpp index c20387d86c7..fee2f26fb73 100644 --- a/extra/yassl/taocrypt/include/asn.hpp +++ b/extra/yassl/taocrypt/include/asn.hpp @@ -1,6 +1,5 @@ /* - Copyright (c) 2005-2007 MySQL AB, 2010 Sun Microsystems, Inc. - Use is subject to license terms. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/include/block.hpp b/extra/yassl/taocrypt/include/block.hpp index 77017e9d5e4..601d9dbce57 100644 --- a/extra/yassl/taocrypt/include/block.hpp +++ b/extra/yassl/taocrypt/include/block.hpp @@ -1,6 +1,5 @@ /* - Copyright (c) 2005-2007 MySQL AB, 2009 Sun Microsystems, Inc. - Use is subject to license terms. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/include/blowfish.hpp b/extra/yassl/taocrypt/include/blowfish.hpp index e868872d3cf..347cf05de4b 100644 --- a/extra/yassl/taocrypt/include/blowfish.hpp +++ b/extra/yassl/taocrypt/include/blowfish.hpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2006, 2010, Oracle and/or its affiliates + Copyright (c) 2006, 2012, Oracle and/or its affiliates This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/include/des.hpp b/extra/yassl/taocrypt/include/des.hpp index 2bc41fc2628..d88e9ef2f46 100644 --- a/extra/yassl/taocrypt/include/des.hpp +++ b/extra/yassl/taocrypt/include/des.hpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/include/hash.hpp b/extra/yassl/taocrypt/include/hash.hpp index 4ebc82e073d..4d2f7dd35a1 100644 --- a/extra/yassl/taocrypt/include/hash.hpp +++ b/extra/yassl/taocrypt/include/hash.hpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/include/hc128.hpp b/extra/yassl/taocrypt/include/hc128.hpp index d1cf5f075f2..0449b28d8c7 100644 --- a/extra/yassl/taocrypt/include/hc128.hpp +++ b/extra/yassl/taocrypt/include/hc128.hpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/include/integer.hpp b/extra/yassl/taocrypt/include/integer.hpp index 256573cf622..e1a2ed5f426 100644 --- a/extra/yassl/taocrypt/include/integer.hpp +++ b/extra/yassl/taocrypt/include/integer.hpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/include/kernelc.hpp b/extra/yassl/taocrypt/include/kernelc.hpp index 5bdf1cffa3f..0840b3f2740 100644 --- a/extra/yassl/taocrypt/include/kernelc.hpp +++ b/extra/yassl/taocrypt/include/kernelc.hpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/include/misc.hpp b/extra/yassl/taocrypt/include/misc.hpp index c58713855dd..4c8926483e2 100644 --- a/extra/yassl/taocrypt/include/misc.hpp +++ b/extra/yassl/taocrypt/include/misc.hpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/include/modes.hpp b/extra/yassl/taocrypt/include/modes.hpp index 5fd36b80d3e..bfe8c6ec5d4 100644 --- a/extra/yassl/taocrypt/include/modes.hpp +++ b/extra/yassl/taocrypt/include/modes.hpp @@ -1,6 +1,5 @@ /* - Copyright (c) 2005-2007 MySQL AB, 2009 Sun Microsystems, Inc. - Use is subject to license terms. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/include/pwdbased.hpp b/extra/yassl/taocrypt/include/pwdbased.hpp index d050fd8988b..9025cc1a50c 100644 --- a/extra/yassl/taocrypt/include/pwdbased.hpp +++ b/extra/yassl/taocrypt/include/pwdbased.hpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/include/rabbit.hpp b/extra/yassl/taocrypt/include/rabbit.hpp index 1e7276dd8ec..fb4e12c66bc 100644 --- a/extra/yassl/taocrypt/include/rabbit.hpp +++ b/extra/yassl/taocrypt/include/rabbit.hpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/include/rsa.hpp b/extra/yassl/taocrypt/include/rsa.hpp index 11a4ccfd039..ee3e378a69f 100644 --- a/extra/yassl/taocrypt/include/rsa.hpp +++ b/extra/yassl/taocrypt/include/rsa.hpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/include/runtime.hpp b/extra/yassl/taocrypt/include/runtime.hpp index 328c8e9e978..29c4d2db236 100644 --- a/extra/yassl/taocrypt/include/runtime.hpp +++ b/extra/yassl/taocrypt/include/runtime.hpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates + Copyright (c) 2005, 2012, Oracle and/or its affiliates This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/include/types.hpp b/extra/yassl/taocrypt/include/types.hpp index 5d8bc9f0683..973e1d19893 100644 --- a/extra/yassl/taocrypt/include/types.hpp +++ b/extra/yassl/taocrypt/include/types.hpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/mySTL/stdexcept.hpp b/extra/yassl/taocrypt/mySTL/stdexcept.hpp index 15533eebc02..79ae6de3380 100644 --- a/extra/yassl/taocrypt/mySTL/stdexcept.hpp +++ b/extra/yassl/taocrypt/mySTL/stdexcept.hpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/mySTL/vector.hpp b/extra/yassl/taocrypt/mySTL/vector.hpp index 35b92610942..f3702b75125 100644 --- a/extra/yassl/taocrypt/mySTL/vector.hpp +++ b/extra/yassl/taocrypt/mySTL/vector.hpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/aes.cpp b/extra/yassl/taocrypt/src/aes.cpp index 3b09c5280bf..f976650e028 100644 --- a/extra/yassl/taocrypt/src/aes.cpp +++ b/extra/yassl/taocrypt/src/aes.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates + Copyright (c) 2005, 2012, Oracle and/or its affiliates This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/aestables.cpp b/extra/yassl/taocrypt/src/aestables.cpp index 05c2c3b8e62..60795a549e4 100644 --- a/extra/yassl/taocrypt/src/aestables.cpp +++ b/extra/yassl/taocrypt/src/aestables.cpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/algebra.cpp b/extra/yassl/taocrypt/src/algebra.cpp index 29754b27b5e..9a37219543e 100644 --- a/extra/yassl/taocrypt/src/algebra.cpp +++ b/extra/yassl/taocrypt/src/algebra.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates + Copyright (c) 2005, 2012, Oracle and/or its affiliates This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/arc4.cpp b/extra/yassl/taocrypt/src/arc4.cpp index 4630adcb11a..a76a37904f9 100644 --- a/extra/yassl/taocrypt/src/arc4.cpp +++ b/extra/yassl/taocrypt/src/arc4.cpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/blowfish.cpp b/extra/yassl/taocrypt/src/blowfish.cpp index e1c7c852d19..864f8bac260 100644 --- a/extra/yassl/taocrypt/src/blowfish.cpp +++ b/extra/yassl/taocrypt/src/blowfish.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2006, 2010, Oracle and/or its affiliates + Copyright (c) 2006, 2012, Oracle and/or its affiliates This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/coding.cpp b/extra/yassl/taocrypt/src/coding.cpp index 0512ea9c889..8f317a484d8 100644 --- a/extra/yassl/taocrypt/src/coding.cpp +++ b/extra/yassl/taocrypt/src/coding.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates + Copyright (c) 2005, 2012, Oracle and/or its affiliates This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/dsa.cpp b/extra/yassl/taocrypt/src/dsa.cpp index a4e9c9503e7..bf116d3e48d 100644 --- a/extra/yassl/taocrypt/src/dsa.cpp +++ b/extra/yassl/taocrypt/src/dsa.cpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/hash.cpp b/extra/yassl/taocrypt/src/hash.cpp index b36a486368c..c176e6a68d0 100644 --- a/extra/yassl/taocrypt/src/hash.cpp +++ b/extra/yassl/taocrypt/src/hash.cpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/hc128.cpp b/extra/yassl/taocrypt/src/hc128.cpp index aac92f0abb4..8934c318781 100644 --- a/extra/yassl/taocrypt/src/hc128.cpp +++ b/extra/yassl/taocrypt/src/hc128.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/md4.cpp b/extra/yassl/taocrypt/src/md4.cpp index 54820f4c944..9364a1c23b1 100644 --- a/extra/yassl/taocrypt/src/md4.cpp +++ b/extra/yassl/taocrypt/src/md4.cpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/md5.cpp b/extra/yassl/taocrypt/src/md5.cpp index 4d0a8bd03be..ee0d64acc17 100644 --- a/extra/yassl/taocrypt/src/md5.cpp +++ b/extra/yassl/taocrypt/src/md5.cpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/misc.cpp b/extra/yassl/taocrypt/src/misc.cpp index 1a4dd4a52d3..e410cfe1946 100644 --- a/extra/yassl/taocrypt/src/misc.cpp +++ b/extra/yassl/taocrypt/src/misc.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates + Copyright (c) 2005, 2012, Oracle and/or its affiliates This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/rabbit.cpp b/extra/yassl/taocrypt/src/rabbit.cpp index 0ea4146618a..071a25191f8 100644 --- a/extra/yassl/taocrypt/src/rabbit.cpp +++ b/extra/yassl/taocrypt/src/rabbit.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/random.cpp b/extra/yassl/taocrypt/src/random.cpp index aa9be7f1985..084871c5447 100644 --- a/extra/yassl/taocrypt/src/random.cpp +++ b/extra/yassl/taocrypt/src/random.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/ripemd.cpp b/extra/yassl/taocrypt/src/ripemd.cpp index e012db43de5..f77010ca94d 100644 --- a/extra/yassl/taocrypt/src/ripemd.cpp +++ b/extra/yassl/taocrypt/src/ripemd.cpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/rsa.cpp b/extra/yassl/taocrypt/src/rsa.cpp index 576146377a3..69c59402e48 100644 --- a/extra/yassl/taocrypt/src/rsa.cpp +++ b/extra/yassl/taocrypt/src/rsa.cpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/sha.cpp b/extra/yassl/taocrypt/src/sha.cpp index 1ae42d94e4c..f67a4f55067 100644 --- a/extra/yassl/taocrypt/src/sha.cpp +++ b/extra/yassl/taocrypt/src/sha.cpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/template_instnt.cpp b/extra/yassl/taocrypt/src/template_instnt.cpp index b472d18236f..de0137dda7c 100644 --- a/extra/yassl/taocrypt/src/template_instnt.cpp +++ b/extra/yassl/taocrypt/src/template_instnt.cpp @@ -1,5 +1,5 @@ /* - Copyright (C) 2000-2007 MySQL AB + Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/taocrypt/src/twofish.cpp b/extra/yassl/taocrypt/src/twofish.cpp index 4ae493624dc..bf57f5dde44 100644 --- a/extra/yassl/taocrypt/src/twofish.cpp +++ b/extra/yassl/taocrypt/src/twofish.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2006, 2010, Oracle and/or its affiliates + Copyright (c) 2006, 2012, Oracle and/or its affiliates This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/extra/yassl/testsuite/test.hpp b/extra/yassl/testsuite/test.hpp index 559ebe54f1b..33f398ae269 100644 --- a/extra/yassl/testsuite/test.hpp +++ b/extra/yassl/testsuite/test.hpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2006, 2010, Oracle and/or its affiliates. + Copyright (c) 2006, 2012, Oracle and/or its affiliates. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by |