summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbeck <>2019-01-23 18:24:40 +0000
committerbeck <>2019-01-23 18:24:40 +0000
commit03a77eef903481d4308502d32fca33a961c4bb3a (patch)
treec7932fb2fd1ea2ff0c3a210ddd7adf1eb94d4186
parent811354ae1302b7cd68c86866b02f4ab4cf11322b (diff)
downloadopenbsd-03a77eef903481d4308502d32fca33a961c4bb3a.tar.gz
openbsd-03a77eef903481d4308502d32fca33a961c4bb3a.tar.bz2
openbsd-03a77eef903481d4308502d32fca33a961c4bb3a.zip
revert previous, accidentally contained another diff in addition
to the one I intended to commit
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/s3_lib.c8
-rw-r--r--src/lib/libssl/ssl_clnt.c5
-rw-r--r--src/lib/libssl/ssl_locl.h10
-rw-r--r--src/lib/libssl/ssl_sigalgs.c21
-rw-r--r--src/lib/libssl/ssl_sigalgs.h4
-rw-r--r--src/lib/libssl/ssl_tlsext.c348
-rw-r--r--src/lib/libssl/ssl_tlsext.h10
-rw-r--r--src/lib/libssl/t1_lib.c10
-rw-r--r--src/regress/lib/libssl/client/clienttest.c31
-rw-r--r--src/regress/lib/libssl/tlsext/tlsexttest.c22
10 files changed, 61 insertions, 408 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 53aab7c1e5..496bf7394c 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_lib.c,v 1.179 2019/01/23 16:46:04 beck Exp $ */ 1/* $OpenBSD: s3_lib.c,v 1.180 2019/01/23 18:24:40 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1569,7 +1569,6 @@ ssl3_free(SSL *s)
1569 freezero(S3I(s)->hs_tls13.x25519_private, X25519_KEY_LENGTH); 1569 freezero(S3I(s)->hs_tls13.x25519_private, X25519_KEY_LENGTH);
1570 freezero(S3I(s)->hs_tls13.x25519_public, X25519_KEY_LENGTH); 1570 freezero(S3I(s)->hs_tls13.x25519_public, X25519_KEY_LENGTH);
1571 freezero(S3I(s)->hs_tls13.x25519_peer_public, X25519_KEY_LENGTH); 1571 freezero(S3I(s)->hs_tls13.x25519_peer_public, X25519_KEY_LENGTH);
1572 freezero(S3I(s)->hs_tls13.cookie, S3I(s)->hs_tls13.cookie_len);
1573 1572
1574 sk_X509_NAME_pop_free(S3I(s)->tmp.ca_names, X509_NAME_free); 1573 sk_X509_NAME_pop_free(S3I(s)->tmp.ca_names, X509_NAME_free);
1575 1574
@@ -1606,11 +1605,6 @@ ssl3_clear(SSL *s)
1606 freezero(S3I(s)->hs_tls13.x25519_private, X25519_KEY_LENGTH); 1605 freezero(S3I(s)->hs_tls13.x25519_private, X25519_KEY_LENGTH);
1607 freezero(S3I(s)->hs_tls13.x25519_public, X25519_KEY_LENGTH); 1606 freezero(S3I(s)->hs_tls13.x25519_public, X25519_KEY_LENGTH);
1608 freezero(S3I(s)->hs_tls13.x25519_peer_public, X25519_KEY_LENGTH); 1607 freezero(S3I(s)->hs_tls13.x25519_peer_public, X25519_KEY_LENGTH);
1609 freezero(S3I(s)->hs_tls13.cookie, S3I(s)->hs_tls13.cookie_len);
1610 S3I(s)->hs_tls13.cookie = NULL;
1611 S3I(s)->hs_tls13.cookie_len = 0;
1612
1613 S3I(s)->hs.extensions_seen = 0;
1614 1608
1615 rp = S3I(s)->rbuf.buf; 1609 rp = S3I(s)->rbuf.buf;
1616 wp = S3I(s)->wbuf.buf; 1610 wp = S3I(s)->wbuf.buf;
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index ee26a200b1..26755d7c03 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_clnt.c,v 1.53 2019/01/23 16:46:04 beck Exp $ */ 1/* $OpenBSD: ssl_clnt.c,v 1.54 2019/01/23 18:24:40 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1680,8 +1680,7 @@ ssl3_get_certificate_request(SSL *s)
1680 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG); 1680 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1681 goto err; 1681 goto err;
1682 } 1682 }
1683 if (!tls1_process_sigalgs(s, &sigalgs, tls12_sigalgs, 1683 if (!tls1_process_sigalgs(s, &sigalgs)) {
1684 tls12_sigalgs_len)) {
1685 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1684 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1686 SSLerror(s, SSL_R_SIGNATURE_ALGORITHMS_ERROR); 1685 SSLerror(s, SSL_R_SIGNATURE_ALGORITHMS_ERROR);
1687 goto err; 1686 goto err;
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index e4b1341db5..7fd155648c 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_locl.h,v 1.229 2019/01/23 16:46:04 beck Exp $ */ 1/* $OpenBSD: ssl_locl.h,v 1.230 2019/01/23 18:24:40 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -429,9 +429,6 @@ typedef struct ssl_handshake_st {
429 /* key_block is the record-layer key block for TLS 1.2 and earlier. */ 429 /* key_block is the record-layer key block for TLS 1.2 and earlier. */
430 int key_block_len; 430 int key_block_len;
431 unsigned char *key_block; 431 unsigned char *key_block;
432
433 /* Extensions seen in this handshake. */
434 uint32_t extensions_seen;
435} SSL_HANDSHAKE; 432} SSL_HANDSHAKE;
436 433
437typedef struct ssl_handshake_tls13_st { 434typedef struct ssl_handshake_tls13_st {
@@ -448,9 +445,6 @@ typedef struct ssl_handshake_tls13_st {
448 uint8_t *x25519_peer_public; 445 uint8_t *x25519_peer_public;
449 446
450 struct tls13_secrets *secrets; 447 struct tls13_secrets *secrets;
451
452 uint8_t *cookie;
453 size_t cookie_len;
454} SSL_HANDSHAKE_TLS13; 448} SSL_HANDSHAKE_TLS13;
455 449
456typedef struct ssl_ctx_internal_st { 450typedef struct ssl_ctx_internal_st {
@@ -1319,7 +1313,7 @@ int tls1_process_ticket(SSL *s, const unsigned char *session_id,
1319 int session_id_len, CBS *ext_block, SSL_SESSION **ret); 1313 int session_id_len, CBS *ext_block, SSL_SESSION **ret);
1320 1314
1321long ssl_get_algorithm2(SSL *s); 1315long ssl_get_algorithm2(SSL *s);
1322int tls1_process_sigalgs(SSL *s, CBS *cbs, uint16_t *, size_t); 1316int tls1_process_sigalgs(SSL *s, CBS *cbs);
1323 1317
1324int tls1_check_ec_server_key(SSL *s); 1318int tls1_check_ec_server_key(SSL *s);
1325 1319
diff --git a/src/lib/libssl/ssl_sigalgs.c b/src/lib/libssl/ssl_sigalgs.c
index 23f65f5070..182ea1edaa 100644
--- a/src/lib/libssl/ssl_sigalgs.c
+++ b/src/lib/libssl/ssl_sigalgs.c
@@ -1,6 +1,6 @@
1/* $OpenBSD: ssl_sigalgs.c,v 1.12 2019/01/23 16:46:04 beck Exp $ */ 1/* $OpenBSD: ssl_sigalgs.c,v 1.13 2019/01/23 18:24:40 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org> 3 * Copyright (c) 2018, Bob Beck <beck@openbsd.org>
4 * 4 *
5 * Permission to use, copy, modify, and/or distribute this software for any 5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above 6 * purpose with or without fee is hereby granted, provided that the above
@@ -163,30 +163,13 @@ const struct ssl_sigalg sigalgs[] = {
163 }, 163 },
164}; 164};
165 165
166/* Sigalgs for tls 1.3, in preference order, */
167uint16_t tls13_sigalgs[] = {
168 SIGALG_RSA_PSS_RSAE_SHA512,
169 SIGALG_RSA_PKCS1_SHA512,
170 SIGALG_ECDSA_SECP512R1_SHA512,
171 SIGALG_RSA_PSS_RSAE_SHA384,
172 SIGALG_RSA_PKCS1_SHA384,
173 SIGALG_ECDSA_SECP384R1_SHA384,
174 SIGALG_RSA_PSS_RSAE_SHA256,
175 SIGALG_RSA_PKCS1_SHA256,
176 SIGALG_ECDSA_SECP256R1_SHA256,
177};
178size_t tls13_sigalgs_len = (sizeof(tls13_sigalgs) / sizeof(tls13_sigalgs[0]));
179
180/* Sigalgs for tls 1.2, in preference order, */ 166/* Sigalgs for tls 1.2, in preference order, */
181uint16_t tls12_sigalgs[] = { 167uint16_t tls12_sigalgs[] = {
182 SIGALG_RSA_PSS_RSAE_SHA512,
183 SIGALG_RSA_PKCS1_SHA512, 168 SIGALG_RSA_PKCS1_SHA512,
184 SIGALG_ECDSA_SECP512R1_SHA512, 169 SIGALG_ECDSA_SECP512R1_SHA512,
185 SIGALG_GOSTR12_512_STREEBOG_512, 170 SIGALG_GOSTR12_512_STREEBOG_512,
186 SIGALG_RSA_PSS_RSAE_SHA384,
187 SIGALG_RSA_PKCS1_SHA384, 171 SIGALG_RSA_PKCS1_SHA384,
188 SIGALG_ECDSA_SECP384R1_SHA384, 172 SIGALG_ECDSA_SECP384R1_SHA384,
189 SIGALG_RSA_PSS_RSAE_SHA256,
190 SIGALG_RSA_PKCS1_SHA256, 173 SIGALG_RSA_PKCS1_SHA256,
191 SIGALG_ECDSA_SECP256R1_SHA256, 174 SIGALG_ECDSA_SECP256R1_SHA256,
192 SIGALG_GOSTR12_256_STREEBOG_256, 175 SIGALG_GOSTR12_256_STREEBOG_256,
diff --git a/src/lib/libssl/ssl_sigalgs.h b/src/lib/libssl/ssl_sigalgs.h
index 8ea4df9e31..a45700389b 100644
--- a/src/lib/libssl/ssl_sigalgs.h
+++ b/src/lib/libssl/ssl_sigalgs.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_sigalgs.h,v 1.9 2019/01/23 16:46:04 beck Exp $ */ 1/* $OpenBSD: ssl_sigalgs.h,v 1.10 2019/01/23 18:24:40 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2018, Bob Beck <beck@openbsd.org> 3 * Copyright (c) 2018, Bob Beck <beck@openbsd.org>
4 * 4 *
@@ -71,8 +71,6 @@ struct ssl_sigalg{
71 71
72extern uint16_t tls12_sigalgs[]; 72extern uint16_t tls12_sigalgs[];
73extern size_t tls12_sigalgs_len; 73extern size_t tls12_sigalgs_len;
74extern uint16_t tls13_sigalgs[];
75extern size_t tls13_sigalgs_len;
76 74
77const struct ssl_sigalg *ssl_sigalg_lookup(uint16_t sigalg); 75const struct ssl_sigalg *ssl_sigalg_lookup(uint16_t sigalg);
78const struct ssl_sigalg *ssl_sigalg(uint16_t sigalg, uint16_t *values, size_t len); 76const struct ssl_sigalg *ssl_sigalg(uint16_t sigalg, uint16_t *values, size_t len);
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index 06105f976d..d5c30c4e73 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_tlsext.c,v 1.32 2019/01/23 16:46:04 beck Exp $ */ 1/* $OpenBSD: ssl_tlsext.c,v 1.33 2019/01/23 18:24:40 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> 4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -536,26 +536,9 @@ tlsext_sigalgs_client_build(SSL *s, CBB *cbb)
536 if (!CBB_add_u16_length_prefixed(cbb, &sigalgs)) 536 if (!CBB_add_u16_length_prefixed(cbb, &sigalgs))
537 return 0; 537 return 0;
538 538
539 switch (TLS1_get_client_version(s)) { 539 if (!ssl_sigalgs_build(&sigalgs, tls12_sigalgs, tls12_sigalgs_len))
540 case TLS1_2_VERSION:
541 if (!ssl_sigalgs_build(&sigalgs, tls12_sigalgs, tls12_sigalgs_len))
542 return 0;
543 break;
544 case TLS1_3_VERSION:
545 if (S3I(s)->hs_tls13.min_version < TLS1_3_VERSION) {
546 if (!ssl_sigalgs_build(&sigalgs, tls12_sigalgs,
547 tls12_sigalgs_len))
548 return 0;
549 } else {
550 if (!ssl_sigalgs_build(&sigalgs, tls13_sigalgs,
551 tls13_sigalgs_len))
552 return 0; }
553
554 break;
555 default:
556 /* Should not happen */
557 return 0; 540 return 0;
558 } 541
559 if (!CBB_flush(cbb)) 542 if (!CBB_flush(cbb))
560 return 0; 543 return 0;
561 544
@@ -570,17 +553,7 @@ tlsext_sigalgs_server_parse(SSL *s, CBS *cbs, int *alert)
570 if (!CBS_get_u16_length_prefixed(cbs, &sigalgs)) 553 if (!CBS_get_u16_length_prefixed(cbs, &sigalgs))
571 return 0; 554 return 0;
572 555
573 switch (s->version) { 556 return tls1_process_sigalgs(s, &sigalgs);
574 case TLS1_3_VERSION:
575 return tls1_process_sigalgs(s, &sigalgs, tls13_sigalgs,
576 tls13_sigalgs_len);
577 case TLS1_2_VERSION:
578 return tls1_process_sigalgs(s, &sigalgs, tls12_sigalgs,
579 tls12_sigalgs_len);
580 default:
581 /* Fail if we get a version > what we recognize */
582 return 0;
583 }
584} 557}
585 558
586int 559int
@@ -1270,7 +1243,7 @@ tlsext_keyshare_client_build(SSL *s, CBB *cbb)
1270 1243
1271 return 1; 1244 return 1;
1272 1245
1273 err: 1246err:
1274 freezero(public_key, X25519_KEY_LENGTH); 1247 freezero(public_key, X25519_KEY_LENGTH);
1275 freezero(private_key, X25519_KEY_LENGTH); 1248 freezero(private_key, X25519_KEY_LENGTH);
1276 1249
@@ -1280,100 +1253,24 @@ tlsext_keyshare_client_build(SSL *s, CBB *cbb)
1280int 1253int
1281tlsext_keyshare_server_parse(SSL *s, CBS *cbs, int *alert) 1254tlsext_keyshare_server_parse(SSL *s, CBS *cbs, int *alert)
1282{ 1255{
1283 CBS client_shares; 1256 /* XXX we accept this but currently ignore it */
1284 CBS key_exchange; 1257 if (!CBS_skip(cbs, CBS_len(cbs))) {
1285 uint16_t group; 1258 *alert = TLS1_AD_INTERNAL_ERROR;
1286 size_t out_len; 1259 return 0;
1287 int ret = 0;
1288
1289 if (!CBS_get_u16_length_prefixed(cbs, &client_shares))
1290 goto err;
1291
1292 if (CBS_len(cbs) != 0)
1293 goto err;
1294
1295 while (CBS_len(&client_shares) > 0) {
1296
1297 /* Unpack client share. */
1298 if (!CBS_get_u16(&client_shares, &group))
1299 goto err;
1300
1301 if (!CBS_get_u16_length_prefixed(&client_shares, &key_exchange))
1302 goto err;
1303
1304 /*
1305 * Skip this client share if not X25519
1306 * XXX support other groups later.
1307 */
1308 if (ret || group != tls1_ec_nid2curve_id(NID_X25519))
1309 continue;
1310
1311 if (CBS_len(&key_exchange) != X25519_KEY_LENGTH)
1312 goto err;
1313
1314 if (!CBS_stow(&key_exchange, &S3I(s)->hs_tls13.x25519_peer_public,
1315 &out_len))
1316 goto err;
1317
1318 ret = 1;
1319 } 1260 }
1320 1261
1321 return ret; 1262 return 1;
1322
1323 err:
1324 *alert = SSL_AD_DECODE_ERROR;
1325 return 0;
1326} 1263}
1327 1264
1328int 1265int
1329tlsext_keyshare_server_needs(SSL *s) 1266tlsext_keyshare_server_needs(SSL *s)
1330{ 1267{
1331 size_t idx; 1268 return (!SSL_IS_DTLS(s) && s->version >= TLS1_3_VERSION);
1332
1333 if (SSL_IS_DTLS(s) || s->version < TLS1_3_VERSION)
1334 return 0;
1335 if (tls_extension_find(TLSEXT_TYPE_key_share, &idx) == NULL)
1336 return 0;
1337 return ((S3I(s)->hs.extensions_seen & (1 << idx)) != 0);
1338} 1269}
1339 1270
1340int 1271int
1341tlsext_keyshare_server_build(SSL *s, CBB *cbb) 1272tlsext_keyshare_server_build(SSL *s, CBB *cbb)
1342{ 1273{
1343 uint8_t *public_key = NULL, *private_key = NULL;
1344 CBB key_exchange;
1345
1346 /* X25519 */
1347 if (S3I(s)->hs_tls13.x25519_peer_public == NULL)
1348 return 0;
1349
1350 /* Generate X25519 key pair. */
1351 if ((public_key = malloc(X25519_KEY_LENGTH)) == NULL)
1352 goto err;
1353 if ((private_key = malloc(X25519_KEY_LENGTH)) == NULL)
1354 goto err;
1355 X25519_keypair(public_key, private_key);
1356
1357 /* Add the group and serialize the public key. */
1358 if (!CBB_add_u16(cbb, tls1_ec_nid2curve_id(NID_X25519)))
1359 goto err;
1360 if (!CBB_add_u16_length_prefixed(cbb, &key_exchange))
1361 goto err;
1362 if (!CBB_add_bytes(&key_exchange, public_key, X25519_KEY_LENGTH))
1363 goto err;
1364
1365 if (!CBB_flush(cbb))
1366 goto err;
1367
1368 S3I(s)->hs_tls13.x25519_public = public_key;
1369 S3I(s)->hs_tls13.x25519_private = private_key;
1370
1371 return 1;
1372
1373 err:
1374 freezero(public_key, X25519_KEY_LENGTH);
1375 freezero(private_key, X25519_KEY_LENGTH);
1376
1377 return 0; 1274 return 0;
1378} 1275}
1379 1276
@@ -1394,10 +1291,6 @@ tlsext_keyshare_client_parse(SSL *s, CBS *cbs, int *alert)
1394 1291
1395 if (!CBS_get_u16_length_prefixed(cbs, &key_exchange)) 1292 if (!CBS_get_u16_length_prefixed(cbs, &key_exchange))
1396 goto err; 1293 goto err;
1397
1398 if (CBS_len(cbs) != 0)
1399 goto err;
1400
1401 if (CBS_len(&key_exchange) != X25519_KEY_LENGTH) 1294 if (CBS_len(&key_exchange) != X25519_KEY_LENGTH)
1402 goto err; 1295 goto err;
1403 if (!CBS_stow(&key_exchange, &S3I(s)->hs_tls13.x25519_peer_public, 1296 if (!CBS_stow(&key_exchange, &S3I(s)->hs_tls13.x25519_peer_public,
@@ -1420,9 +1313,8 @@ tlsext_versions_client_needs(SSL *s)
1420 /* XXX once this gets initialized when we get tls13_client.c */ 1313 /* XXX once this gets initialized when we get tls13_client.c */
1421 if (S3I(s)->hs_tls13.max_version == 0) 1314 if (S3I(s)->hs_tls13.max_version == 0)
1422 return 0; 1315 return 0;
1423 if (SSL_IS_DTLS(s)) 1316 return (!SSL_IS_DTLS(s) && S3I(s)->hs_tls13.max_version >=
1424 return 0; 1317 TLS1_3_VERSION);
1425 return (S3I(s)->hs_tls13.max_version >= TLS1_3_VERSION);
1426} 1318}
1427 1319
1428int 1320int
@@ -1456,41 +1348,13 @@ tlsext_versions_client_build(SSL *s, CBB *cbb)
1456int 1348int
1457tlsext_versions_server_parse(SSL *s, CBS *cbs, int *alert) 1349tlsext_versions_server_parse(SSL *s, CBS *cbs, int *alert)
1458{ 1350{
1459 CBS versions; 1351 /* XXX we accept this but currently ignore it */
1460 uint16_t version; 1352 if (!CBS_skip(cbs, CBS_len(cbs))) {
1461 uint16_t max, min; 1353 *alert = TLS1_AD_INTERNAL_ERROR;
1462 uint16_t matched_version = 0; 1354 return 0;
1463
1464 max = S3I(s)->hs_tls13.max_version;
1465 min = S3I(s)->hs_tls13.min_version;
1466
1467 if (!CBS_get_u8_length_prefixed(cbs, &versions))
1468 goto err;
1469
1470 if (CBS_len(cbs) != 0)
1471 goto err;
1472
1473 if (CBS_len(&versions) < 2)
1474 goto err;
1475
1476 while(CBS_len(&versions) > 0) {
1477 if (!CBS_get_u16(&versions, &version))
1478 goto err;
1479 /*
1480 * XXX What is below implements client preference, and
1481 * ignores any server preference entirely.
1482 */
1483 if (matched_version == 0 && version >= min && version <= max)
1484 matched_version = version;
1485 } 1355 }
1486 if (matched_version != 0)
1487 s->version = matched_version;
1488 1356
1489 return 1; 1357 return 1;
1490
1491 err:
1492 *alert = SSL_AD_DECODE_ERROR;
1493 return 0;
1494} 1358}
1495 1359
1496int 1360int
@@ -1502,11 +1366,7 @@ tlsext_versions_server_needs(SSL *s)
1502int 1366int
1503tlsext_versions_server_build(SSL *s, CBB *cbb) 1367tlsext_versions_server_build(SSL *s, CBB *cbb)
1504{ 1368{
1505 if (!CBB_add_u16(cbb, TLS1_3_VERSION)) 1369 return 0;
1506 return 0;
1507 /* XXX set 1.2 in legacy version? */
1508
1509 return 1;
1510} 1370}
1511 1371
1512int 1372int
@@ -1519,161 +1379,12 @@ tlsext_versions_client_parse(SSL *s, CBS *cbs, int *alert)
1519 return 0; 1379 return 0;
1520 } 1380 }
1521 1381
1522 if (CBS_len(cbs) != 0) {
1523 *alert = SSL_AD_DECODE_ERROR;
1524 return 0;
1525 }
1526
1527 if (selected_version < TLS1_3_VERSION) {
1528 *alert = SSL_AD_ILLEGAL_PARAMETER;
1529 return 0;
1530 }
1531
1532 /* XXX test between min and max once initialization code goes in */ 1382 /* XXX test between min and max once initialization code goes in */
1533 S3I(s)->hs_tls13.server_version = selected_version; 1383 S3I(s)->hs_tls13.server_version = selected_version;
1534 1384
1535 return 1; 1385 return 1;
1536} 1386}
1537 1387
1538
1539/*
1540 * Cookie - RFC 8446 section 4.2.2.
1541 */
1542
1543int
1544tlsext_cookie_client_needs(SSL *s)
1545{
1546 /* XXX once this gets initialized when we get tls13_client.c */
1547 if (S3I(s)->hs_tls13.max_version == 0)
1548 return 0;
1549 if (SSL_IS_DTLS(s))
1550 return 0;
1551 if (S3I(s)->hs_tls13.max_version < TLS1_3_VERSION)
1552 return 0;
1553 return ((S3I(s)->hs_tls13.cookie_len > 0) &&
1554 (S3I(s)->hs_tls13.cookie != NULL));
1555}
1556
1557int
1558tlsext_cookie_client_build(SSL *s, CBB *cbb)
1559{
1560 CBB cookie;
1561
1562 if (!CBB_add_u16_length_prefixed(cbb, &cookie))
1563 return 0;
1564
1565 if (!CBB_add_bytes(&cookie, S3I(s)->hs_tls13.cookie,
1566 S3I(s)->hs_tls13.cookie_len))
1567 return 0;
1568
1569 if (!CBB_flush(cbb))
1570 return 0;
1571
1572 return 1;
1573}
1574
1575int
1576tlsext_cookie_server_parse(SSL *s, CBS *cbs, int *alert)
1577{
1578 CBS cookie;
1579
1580 if (!CBS_get_u16_length_prefixed(cbs, &cookie))
1581 goto err;
1582
1583 if (CBS_len(cbs) != 0)
1584 goto err;
1585
1586 if (CBS_len(&cookie) != S3I(s)->hs_tls13.cookie_len)
1587 goto err;
1588
1589 /*
1590 * Check provided cookie value against what server previously
1591 * sent - client *MUST* send the same cookie with new CR after
1592 * a cookie is sent by the server with an HRR
1593 */
1594 if (memcmp(CBS_data(&cookie), S3I(s)->hs_tls13.cookie,
1595 S3I(s)->hs_tls13.cookie_len) != 0) {
1596 /* XXX special cookie mismatch alert? */
1597 *alert = SSL_AD_ILLEGAL_PARAMETER;
1598 return 0;
1599 }
1600
1601 return 1;
1602
1603 err:
1604 *alert = SSL_AD_DECODE_ERROR;
1605 return 0;
1606}
1607
1608int
1609tlsext_cookie_server_needs(SSL *s)
1610{
1611 /* XXX once this gets initialized when we get tls13_client.c */
1612 if (S3I(s)->hs_tls13.max_version == 0)
1613 return 0;
1614 if (SSL_IS_DTLS(s))
1615 return 0;
1616 if (S3I(s)->hs_tls13.max_version < TLS1_3_VERSION)
1617 return 0;
1618 /*
1619 * Server needs to set cookie value in tls13 handshake
1620 * in order to send one, should only be sent with HRR.
1621 */
1622 return ((S3I(s)->hs_tls13.cookie_len > 0) &&
1623 (S3I(s)->hs_tls13.cookie != NULL));
1624}
1625
1626int
1627tlsext_cookie_server_build(SSL *s, CBB *cbb)
1628{
1629 CBB cookie;
1630
1631 if (!CBB_add_u16_length_prefixed(cbb, &cookie))
1632 return 0;
1633 if (!CBB_add_bytes(&cookie, S3I(s)->hs_tls13.cookie,
1634 S3I(s)->hs_tls13.cookie_len))
1635 return 0;
1636 if (!CBB_flush(cbb))
1637 return 0;
1638
1639 return 1;
1640}
1641
1642int
1643tlsext_cookie_client_parse(SSL *s, CBS *cbs, int *alert)
1644{
1645 CBS cookie;
1646
1647 /*
1648 * XXX This currently assumes we will not get a second
1649 * HRR from a server with a cookie to process after accepting
1650 * one from the server in the same handshake
1651 */
1652 if ((S3I(s)->hs_tls13.cookie != NULL) ||
1653 S3I(s)->hs_tls13.cookie_len != 0) {
1654 *alert = SSL_AD_ILLEGAL_PARAMETER;
1655 return 0;
1656 }
1657
1658 if (!CBS_get_u16_length_prefixed(cbs, &cookie))
1659 goto err;
1660
1661 if (CBS_len(cbs) != 0)
1662 goto err;
1663
1664 if ((S3I(s)->hs_tls13.cookie = malloc(CBS_len(&cookie))) == NULL)
1665 goto err;
1666
1667 memcpy(S3I(s)->hs_tls13.cookie, CBS_data(&cookie), CBS_len(&cookie));
1668 S3I(s)->hs_tls13.cookie_len = CBS_len(&cookie);
1669
1670 return 1;
1671
1672 err:
1673 *alert = SSL_AD_DECODE_ERROR;
1674 return 0;
1675}
1676
1677struct tls_extension_funcs { 1388struct tls_extension_funcs {
1678 int (*needs)(SSL *s); 1389 int (*needs)(SSL *s);
1679 int (*build)(SSL *s, CBB *cbb); 1390 int (*build)(SSL *s, CBB *cbb);
@@ -1831,20 +1542,6 @@ static struct tls_extension tls_extensions[] = {
1831 .parse = tlsext_alpn_client_parse, 1542 .parse = tlsext_alpn_client_parse,
1832 }, 1543 },
1833 }, 1544 },
1834 {
1835 .type = TLSEXT_TYPE_cookie,
1836 .messages = SSL_TLSEXT_MSG_CH | SSL_TLSEXT_MSG_HRR,
1837 .client = {
1838 .needs = tlsext_cookie_client_needs,
1839 .build = tlsext_cookie_client_build,
1840 .parse = tlsext_cookie_server_parse,
1841 },
1842 .server = {
1843 .needs = tlsext_cookie_server_needs,
1844 .build = tlsext_cookie_server_build,
1845 .parse = tlsext_cookie_client_parse,
1846 },
1847 },
1848#ifndef OPENSSL_NO_SRTP 1545#ifndef OPENSSL_NO_SRTP
1849 { 1546 {
1850 .type = TLSEXT_TYPE_use_srtp, 1547 .type = TLSEXT_TYPE_use_srtp,
@@ -1868,7 +1565,7 @@ static struct tls_extension tls_extensions[] = {
1868/* Ensure that extensions fit in a uint32_t bitmask. */ 1565/* Ensure that extensions fit in a uint32_t bitmask. */
1869CTASSERT(N_TLS_EXTENSIONS <= (sizeof(uint32_t) * 8)); 1566CTASSERT(N_TLS_EXTENSIONS <= (sizeof(uint32_t) * 8));
1870 1567
1871struct tls_extension * 1568static struct tls_extension *
1872tls_extension_find(uint16_t type, size_t *tls_extensions_idx) 1569tls_extension_find(uint16_t type, size_t *tls_extensions_idx)
1873{ 1570{
1874 size_t i; 1571 size_t i;
@@ -1948,12 +1645,11 @@ tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_server, uint16_t msg_type)
1948 struct tls_extension_funcs *ext; 1645 struct tls_extension_funcs *ext;
1949 struct tls_extension *tlsext; 1646 struct tls_extension *tlsext;
1950 CBS extensions, extension_data; 1647 CBS extensions, extension_data;
1648 uint32_t extensions_seen = 0;
1951 uint16_t type; 1649 uint16_t type;
1952 size_t idx; 1650 size_t idx;
1953 uint16_t version; 1651 uint16_t version;
1954 1652
1955 S3I(s)->hs.extensions_seen = 0;
1956
1957 if (is_server) 1653 if (is_server)
1958 version = s->version; 1654 version = s->version;
1959 else 1655 else
@@ -1992,9 +1688,9 @@ tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_server, uint16_t msg_type)
1992 } 1688 }
1993 1689
1994 /* Check for duplicate known extensions. */ 1690 /* Check for duplicate known extensions. */
1995 if ((S3I(s)->hs.extensions_seen & (1 << idx)) != 0) 1691 if ((extensions_seen & (1 << idx)) != 0)
1996 return 0; 1692 return 0;
1997 S3I(s)->hs.extensions_seen |= (1 << idx); 1693 extensions_seen |= (1 << idx);
1998 1694
1999 ext = tlsext_funcs(tlsext, is_server); 1695 ext = tlsext_funcs(tlsext, is_server);
2000 if (!ext->parse(s, &extension_data, alert)) 1696 if (!ext->parse(s, &extension_data, alert))
diff --git a/src/lib/libssl/ssl_tlsext.h b/src/lib/libssl/ssl_tlsext.h
index 8472a8058b..e82be579d0 100644
--- a/src/lib/libssl/ssl_tlsext.h
+++ b/src/lib/libssl/ssl_tlsext.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_tlsext.h,v 1.18 2019/01/23 16:46:04 beck Exp $ */ 1/* $OpenBSD: ssl_tlsext.h,v 1.19 2019/01/23 18:24:40 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> 4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -101,13 +101,6 @@ int tlsext_keyshare_server_needs(SSL *s);
101int tlsext_keyshare_server_build(SSL *s, CBB *cbb); 101int tlsext_keyshare_server_build(SSL *s, CBB *cbb);
102int tlsext_keyshare_server_parse(SSL *s, CBS *cbs, int *alert); 102int tlsext_keyshare_server_parse(SSL *s, CBS *cbs, int *alert);
103 103
104int tlsext_cookie_client_needs(SSL *s);
105int tlsext_cookie_client_build(SSL *s, CBB *cbb);
106int tlsext_cookie_client_parse(SSL *s, CBS *cbs, int *alert);
107int tlsext_cookie_server_needs(SSL *s);
108int tlsext_cookie_server_build(SSL *s, CBB *cbb);
109int tlsext_cookie_server_parse(SSL *s, CBS *cbs, int *alert);
110
111#ifndef OPENSSL_NO_SRTP 104#ifndef OPENSSL_NO_SRTP
112int tlsext_srtp_client_needs(SSL *s); 105int tlsext_srtp_client_needs(SSL *s);
113int tlsext_srtp_client_build(SSL *s, CBB *cbb); 106int tlsext_srtp_client_build(SSL *s, CBB *cbb);
@@ -123,7 +116,6 @@ int tlsext_client_parse(SSL *s, CBS *cbs, int *alert, uint16_t msg_type);
123int tlsext_server_build(SSL *s, CBB *cbb, uint16_t msg_type); 116int tlsext_server_build(SSL *s, CBB *cbb, uint16_t msg_type);
124int tlsext_server_parse(SSL *s, CBS *cbs, int *alert, uint16_t msg_type); 117int tlsext_server_parse(SSL *s, CBS *cbs, int *alert, uint16_t msg_type);
125 118
126struct tls_extension *tls_extension_find(uint16_t, size_t *);
127__END_HIDDEN_DECLS 119__END_HIDDEN_DECLS
128 120
129#endif 121#endif
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 567b3e48e0..cde022939d 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_lib.c,v 1.151 2019/01/23 16:46:04 beck Exp $ */ 1/* $OpenBSD: t1_lib.c,v 1.152 2019/01/23 18:24:40 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1002,12 +1002,11 @@ tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
1002 1002
1003/* Set preferred digest for each key type */ 1003/* Set preferred digest for each key type */
1004int 1004int
1005tls1_process_sigalgs(SSL *s, CBS *cbs, uint16_t *sigalgs, size_t sigalgs_len) 1005tls1_process_sigalgs(SSL *s, CBS *cbs)
1006{ 1006{
1007 CERT *c = s->cert; 1007 CERT *c = s->cert;
1008 1008
1009 /* Extension ignored for inappropriate versions */ 1009 /* Extension ignored for inappropriate versions */
1010 /* XXX get rid of this? */
1011 if (!SSL_USE_SIGALGS(s)) 1010 if (!SSL_USE_SIGALGS(s))
1012 return 1; 1011 return 1;
1013 1012
@@ -1024,8 +1023,9 @@ tls1_process_sigalgs(SSL *s, CBS *cbs, uint16_t *sigalgs, size_t sigalgs_len)
1024 if (!CBS_get_u16(cbs, &sig_alg)) 1023 if (!CBS_get_u16(cbs, &sig_alg))
1025 return 0; 1024 return 0;
1026 1025
1027 if ((sigalg = ssl_sigalg(sig_alg, sigalgs, sigalgs_len)) != 1026 if ((sigalg = ssl_sigalg(sig_alg, tls12_sigalgs,
1028 NULL && c->pkeys[sigalg->pkey_idx].sigalg == NULL) { 1027 tls12_sigalgs_len)) != NULL &&
1028 c->pkeys[sigalg->pkey_idx].sigalg == NULL) {
1029 c->pkeys[sigalg->pkey_idx].sigalg = sigalg; 1029 c->pkeys[sigalg->pkey_idx].sigalg = sigalg;
1030 if (sigalg->pkey_idx == SSL_PKEY_RSA_SIGN) 1030 if (sigalg->pkey_idx == SSL_PKEY_RSA_SIGN)
1031 c->pkeys[SSL_PKEY_RSA_ENC].sigalg = sigalg; 1031 c->pkeys[SSL_PKEY_RSA_ENC].sigalg = sigalg;
diff --git a/src/regress/lib/libssl/client/clienttest.c b/src/regress/lib/libssl/client/clienttest.c
index 25a8790e61..cb45dc583c 100644
--- a/src/regress/lib/libssl/client/clienttest.c
+++ b/src/regress/lib/libssl/client/clienttest.c
@@ -141,15 +141,15 @@ static unsigned char cipher_list_tls12_chacha[] = {
141}; 141};
142 142
143static unsigned char client_hello_tls12[] = { 143static unsigned char client_hello_tls12[] = {
144 0x16, 0x03, 0x01, 0x00, 0xc5, 0x01, 0x00, 0x00, 144 0x16, 0x03, 0x01, 0x00, 0xbf, 0x01, 0x00, 0x00,
145 0xc1, 0x03, 0x03, 0xc9, 0xf9, 0x1f, 0x05, 0xaf, 145 0xbb, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
146 0x61, 0xd7, 0xe7, 0x84, 0xd1, 0x1c, 0x6f, 0x79, 146 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
147 0x32, 0x04, 0x8e, 0x5c, 0xe3, 0x18, 0x5a, 0x85, 147 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
148 0xee, 0x44, 0xe1, 0xca, 0x32, 0xce, 0x07, 0xd3, 148 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
149 0xdb, 0x0f, 0x91, 0x00, 0x00, 0x5c, 0xc0, 0x30, 149 0x00, 0x00, 0x00, 0x00, 0x00, 0x5c, 0xcc, 0xa9,
150 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, 150 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30, 0xc0, 0x2c,
151 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39, 151 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, 0xc0, 0x0a,
152 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff, 0x85, 152 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39, 0xff, 0x85,
153 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d, 153 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d,
154 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84, 154 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84,
155 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23, 155 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23,
@@ -158,15 +158,14 @@ static unsigned char client_hello_tls12[] = {
158 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41, 158 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41,
159 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0x00, 0x04, 159 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0x00, 0x04,
160 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, 160 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
161 0x00, 0xff, 0x01, 0x00, 0x00, 0x3c, 0x00, 0x0b, 161 0x00, 0xff, 0x01, 0x00, 0x00, 0x36, 0x00, 0x0b,
162 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, 162 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08,
163 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18, 163 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18,
164 0x00, 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x22, 164 0x00, 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x1c,
165 0x00, 0x20, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03, 165 0x00, 0x1a, 0x06, 0x01, 0x06, 0x03, 0xef, 0xef,
166 0xef, 0xef, 0x08, 0x05, 0x05, 0x01, 0x05, 0x03, 166 0x05, 0x01, 0x05, 0x03, 0x04, 0x01, 0x04, 0x03,
167 0x08, 0x04, 0x04, 0x01, 0x04, 0x03, 0xee, 0xee, 167 0xee, 0xee, 0xed, 0xed, 0x03, 0x01, 0x03, 0x03,
168 0xed, 0xed, 0x03, 0x01, 0x03, 0x03, 0x02, 0x01, 168 0x02, 0x01, 0x02, 0x03,
169 0x02, 0x03,
170}; 169};
171 170
172struct client_hello_test { 171struct client_hello_test {
diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c
index 3387b86f3f..5689a1c29e 100644
--- a/src/regress/lib/libssl/tlsext/tlsexttest.c
+++ b/src/regress/lib/libssl/tlsext/tlsexttest.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tlsexttest.c,v 1.23 2019/01/23 16:46:04 beck Exp $ */ 1/* $OpenBSD: tlsexttest.c,v 1.24 2019/01/23 18:24:40 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> 4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -1505,11 +1505,10 @@ test_tlsext_ri_server(void)
1505 */ 1505 */
1506 1506
1507static unsigned char tlsext_sigalgs_client[] = { 1507static unsigned char tlsext_sigalgs_client[] = {
1508 0x00, 0x20, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03, 1508 0x00, 0x1a, 0x06, 0x01, 0x06, 0x03, 0xef, 0xef,
1509 0xef, 0xef, 0x08, 0x05, 0x05, 0x01, 0x05, 0x03, 1509 0x05, 0x01, 0x05, 0x03, 0x04, 0x01, 0x04, 0x03,
1510 0x08, 0x04, 0x04, 0x01, 0x04, 0x03, 0xee, 0xee, 1510 0xee, 0xee, 0xed, 0xed, 0x03, 0x01, 0x03, 0x03,
1511 0xed, 0xed, 0x03, 0x01, 0x03, 0x03, 0x02, 0x01, 1511 0x02, 0x01, 0x02, 0x03,
1512 0x02, 0x03,
1513}; 1512};
1514 1513
1515static int 1514static int
@@ -2733,14 +2732,13 @@ test_tlsext_srtp_server(void)
2733#endif /* OPENSSL_NO_SRTP */ 2732#endif /* OPENSSL_NO_SRTP */
2734 2733
2735unsigned char tlsext_clienthello_default[] = { 2734unsigned char tlsext_clienthello_default[] = {
2736 0x00, 0x3c, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 2735 0x00, 0x36, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00,
2737 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 2736 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d,
2738 0x00, 0x17, 0x00, 0x18, 0x00, 0x23, 0x00, 0x00, 2737 0x00, 0x17, 0x00, 0x18, 0x00, 0x23, 0x00, 0x00,
2739 0x00, 0x0d, 0x00, 0x22, 0x00, 0x20, 0x08, 0x06, 2738 0x00, 0x0d, 0x00, 0x1c, 0x00, 0x1a, 0x06, 0x01,
2740 0x06, 0x01, 0x06, 0x03, 0xef, 0xef, 0x08, 0x05, 2739 0x06, 0x03, 0xef, 0xef, 0x05, 0x01, 0x05, 0x03,
2741 0x05, 0x01, 0x05, 0x03, 0x08, 0x04, 0x04, 0x01, 2740 0x04, 0x01, 0x04, 0x03, 0xee, 0xee, 0xed, 0xed,
2742 0x04, 0x03, 0xee, 0xee, 0xed, 0xed, 0x03, 0x01, 2741 0x03, 0x01, 0x03, 0x03, 0x02, 0x01, 0x02, 0x03,
2743 0x03, 0x03, 0x02, 0x01, 0x02, 0x03,
2744}; 2742};
2745 2743
2746unsigned char tlsext_clienthello_disabled[] = {}; 2744unsigned char tlsext_clienthello_disabled[] = {};
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-11 05:42:28 +0000