diff options
| author | jsing <> | 2022-01-11 19:03:15 +0000 |
|---|---|---|
| committer | jsing <> | 2022-01-11 19:03:15 +0000 |
| commit | 29dd08f9d36c1e143430c23b6c134c873648b8f4 (patch) | |
| tree | 41d4132a79c4a27fd233912019e3d7a523318b29 | |
| parent | 1e518bcbf05a26f72d8671b296a6096f39cf402e (diff) | |
| download | openbsd-29dd08f9d36c1e143430c23b6c134c873648b8f4.tar.gz openbsd-29dd08f9d36c1e143430c23b6c134c873648b8f4.tar.bz2 openbsd-29dd08f9d36c1e143430c23b6c134c873648b8f4.zip | |
Remove peer_pkeys from SSL_SESSION.
peer_pkeys comes from some world where peers can send multiple certificates
- in fact, one of each known type. Since we do not live in such a world,
get rid of peer_pkeys and simply use peer_cert instead (in both TLSv1.2
and TLSv1.3, both clients and servers can only send a single leaf
(aka end-entity) certificate).
ok inoguchi@ tb@
| -rw-r--r-- | src/lib/libssl/ssl_clnt.c | 81 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_locl.h | 13 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_sess.c | 6 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_srvr.c | 14 | ||||
| -rw-r--r-- | src/lib/libssl/tls13_client.c | 20 | ||||
| -rw-r--r-- | src/lib/libssl/tls13_server.c | 20 |
6 files changed, 58 insertions, 96 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 8b5ccd480a..61c1d71c8e 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_clnt.c,v 1.136 2022/01/11 18:39:28 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_clnt.c,v 1.137 2022/01/11 19:03:15 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1071,12 +1071,13 @@ ssl3_get_server_hello(SSL *s) | |||
| 1071 | int | 1071 | int |
| 1072 | ssl3_get_server_certificate(SSL *s) | 1072 | ssl3_get_server_certificate(SSL *s) |
| 1073 | { | 1073 | { |
| 1074 | int al, i, ret; | ||
| 1075 | CBS cbs, cert_list; | 1074 | CBS cbs, cert_list; |
| 1076 | X509 *x = NULL; | 1075 | X509 *x = NULL; |
| 1077 | const unsigned char *q; | 1076 | const unsigned char *q; |
| 1078 | STACK_OF(X509) *sk = NULL; | 1077 | STACK_OF(X509) *sk = NULL; |
| 1079 | EVP_PKEY *pkey = NULL; | 1078 | EVP_PKEY *pkey; |
| 1079 | int cert_type; | ||
| 1080 | int al, ret; | ||
| 1080 | 1081 | ||
| 1081 | if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_A, | 1082 | if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_A, |
| 1082 | SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list)) <= 0) | 1083 | SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list)) <= 0) |
| @@ -1144,12 +1145,11 @@ ssl3_get_server_certificate(SSL *s) | |||
| 1144 | x = NULL; | 1145 | x = NULL; |
| 1145 | } | 1146 | } |
| 1146 | 1147 | ||
| 1147 | i = ssl_verify_cert_chain(s, sk); | 1148 | if (ssl_verify_cert_chain(s, sk) <= 0 && |
| 1148 | if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) { | 1149 | s->verify_mode != SSL_VERIFY_NONE) { |
| 1149 | al = ssl_verify_alarm_type(s->verify_result); | 1150 | al = ssl_verify_alarm_type(s->verify_result); |
| 1150 | SSLerror(s, SSL_R_CERTIFICATE_VERIFY_FAILED); | 1151 | SSLerror(s, SSL_R_CERTIFICATE_VERIFY_FAILED); |
| 1151 | goto fatal_err; | 1152 | goto fatal_err; |
| 1152 | |||
| 1153 | } | 1153 | } |
| 1154 | ERR_clear_error(); /* but we keep s->verify_result */ | 1154 | ERR_clear_error(); /* but we keep s->verify_result */ |
| 1155 | 1155 | ||
| @@ -1159,39 +1159,31 @@ ssl3_get_server_certificate(SSL *s) | |||
| 1159 | */ | 1159 | */ |
| 1160 | x = sk_X509_value(sk, 0); | 1160 | x = sk_X509_value(sk, 0); |
| 1161 | 1161 | ||
| 1162 | pkey = X509_get_pubkey(x); | 1162 | if ((pkey = X509_get0_pubkey(x)) == NULL || |
| 1163 | 1163 | EVP_PKEY_missing_parameters(pkey)) { | |
| 1164 | if (pkey == NULL || EVP_PKEY_missing_parameters(pkey)) { | ||
| 1165 | x = NULL; | 1164 | x = NULL; |
| 1166 | al = SSL3_AL_FATAL; | 1165 | al = SSL3_AL_FATAL; |
| 1167 | SSLerror(s, SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS); | 1166 | SSLerror(s, SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS); |
| 1168 | goto fatal_err; | 1167 | goto fatal_err; |
| 1169 | } | 1168 | } |
| 1170 | 1169 | if ((cert_type = ssl_cert_type(x, pkey)) < 0) { | |
| 1171 | i = ssl_cert_type(x, pkey); | ||
| 1172 | if (i < 0) { | ||
| 1173 | x = NULL; | 1170 | x = NULL; |
| 1174 | al = SSL3_AL_FATAL; | 1171 | al = SSL3_AL_FATAL; |
| 1175 | SSLerror(s, SSL_R_UNKNOWN_CERTIFICATE_TYPE); | 1172 | SSLerror(s, SSL_R_UNKNOWN_CERTIFICATE_TYPE); |
| 1176 | goto fatal_err; | 1173 | goto fatal_err; |
| 1177 | } | 1174 | } |
| 1178 | s->session->peer_cert_type = i; | ||
| 1179 | |||
| 1180 | sk_X509_pop_free(s->session->cert_chain, X509_free); | ||
| 1181 | s->session->cert_chain = sk; | ||
| 1182 | sk = NULL; | ||
| 1183 | |||
| 1184 | X509_up_ref(x); | ||
| 1185 | X509_free(s->session->peer_pkeys[i].x509); | ||
| 1186 | s->session->peer_pkeys[i].x509 = x; | ||
| 1187 | s->session->peer_key = &s->session->peer_pkeys[i]; | ||
| 1188 | 1175 | ||
| 1189 | X509_up_ref(x); | 1176 | X509_up_ref(x); |
| 1190 | X509_free(s->session->peer_cert); | 1177 | X509_free(s->session->peer_cert); |
| 1191 | s->session->peer_cert = x; | 1178 | s->session->peer_cert = x; |
| 1179 | s->session->peer_cert_type = cert_type; | ||
| 1192 | 1180 | ||
| 1193 | s->session->verify_result = s->verify_result; | 1181 | s->session->verify_result = s->verify_result; |
| 1194 | 1182 | ||
| 1183 | sk_X509_pop_free(s->session->cert_chain, X509_free); | ||
| 1184 | s->session->cert_chain = sk; | ||
| 1185 | sk = NULL; | ||
| 1186 | |||
| 1195 | x = NULL; | 1187 | x = NULL; |
| 1196 | ret = 1; | 1188 | ret = 1; |
| 1197 | 1189 | ||
| @@ -1204,7 +1196,6 @@ ssl3_get_server_certificate(SSL *s) | |||
| 1204 | ssl3_send_alert(s, SSL3_AL_FATAL, al); | 1196 | ssl3_send_alert(s, SSL3_AL_FATAL, al); |
| 1205 | } | 1197 | } |
| 1206 | err: | 1198 | err: |
| 1207 | EVP_PKEY_free(pkey); | ||
| 1208 | X509_free(x); | 1199 | X509_free(x); |
| 1209 | sk_X509_pop_free(sk, X509_free); | 1200 | sk_X509_pop_free(sk, X509_free); |
| 1210 | 1201 | ||
| @@ -1377,12 +1368,12 @@ ssl3_get_server_key_exchange(SSL *s) | |||
| 1377 | EVP_PKEY_CTX *pctx; | 1368 | EVP_PKEY_CTX *pctx; |
| 1378 | EVP_PKEY *pkey = NULL; | 1369 | EVP_PKEY *pkey = NULL; |
| 1379 | 1370 | ||
| 1380 | if ((alg_a & SSL_aRSA) != 0) { | 1371 | if ((alg_a & SSL_aRSA) != 0 && |
| 1381 | pkey = X509_get0_pubkey( | 1372 | s->session->peer_cert_type == SSL_PKEY_RSA) { |
| 1382 | s->session->peer_pkeys[SSL_PKEY_RSA].x509); | 1373 | pkey = X509_get0_pubkey(s->session->peer_cert); |
| 1383 | } else if ((alg_a & SSL_aECDSA) != 0) { | 1374 | } else if ((alg_a & SSL_aECDSA) != 0 && |
| 1384 | pkey = X509_get0_pubkey( | 1375 | s->session->peer_cert_type == SSL_PKEY_ECC) { |
| 1385 | s->session->peer_pkeys[SSL_PKEY_ECC].x509); | 1376 | pkey = X509_get0_pubkey(s->session->peer_cert); |
| 1386 | } | 1377 | } |
| 1387 | if (pkey == NULL) { | 1378 | if (pkey == NULL) { |
| 1388 | al = SSL_AD_ILLEGAL_PARAMETER; | 1379 | al = SSL_AD_ILLEGAL_PARAMETER; |
| @@ -1800,7 +1791,7 @@ ssl3_send_client_kex_rsa(SSL *s, CBB *cbb) | |||
| 1800 | unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH]; | 1791 | unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH]; |
| 1801 | unsigned char *enc_pms = NULL; | 1792 | unsigned char *enc_pms = NULL; |
| 1802 | uint16_t max_legacy_version; | 1793 | uint16_t max_legacy_version; |
| 1803 | EVP_PKEY *pkey = NULL; | 1794 | EVP_PKEY *pkey; |
| 1804 | RSA *rsa; | 1795 | RSA *rsa; |
| 1805 | int ret = 0; | 1796 | int ret = 0; |
| 1806 | int enc_len; | 1797 | int enc_len; |
| @@ -1810,7 +1801,7 @@ ssl3_send_client_kex_rsa(SSL *s, CBB *cbb) | |||
| 1810 | * RSA-Encrypted Premaster Secret Message - RFC 5246 section 7.4.7.1. | 1801 | * RSA-Encrypted Premaster Secret Message - RFC 5246 section 7.4.7.1. |
| 1811 | */ | 1802 | */ |
| 1812 | 1803 | ||
| 1813 | pkey = X509_get_pubkey(s->session->peer_pkeys[SSL_PKEY_RSA].x509); | 1804 | pkey = X509_get0_pubkey(s->session->peer_cert); |
| 1814 | if (pkey == NULL || (rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) { | 1805 | if (pkey == NULL || (rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) { |
| 1815 | SSLerror(s, ERR_R_INTERNAL_ERROR); | 1806 | SSLerror(s, ERR_R_INTERNAL_ERROR); |
| 1816 | goto err; | 1807 | goto err; |
| @@ -1855,7 +1846,6 @@ ssl3_send_client_kex_rsa(SSL *s, CBB *cbb) | |||
| 1855 | 1846 | ||
| 1856 | err: | 1847 | err: |
| 1857 | explicit_bzero(pms, sizeof(pms)); | 1848 | explicit_bzero(pms, sizeof(pms)); |
| 1858 | EVP_PKEY_free(pkey); | ||
| 1859 | free(enc_pms); | 1849 | free(enc_pms); |
| 1860 | 1850 | ||
| 1861 | return ret; | 1851 | return ret; |
| @@ -1938,8 +1928,7 @@ ssl3_send_client_kex_gost(SSL *s, CBB *cbb) | |||
| 1938 | unsigned char premaster_secret[32], shared_ukm[32], tmp[256]; | 1928 | unsigned char premaster_secret[32], shared_ukm[32], tmp[256]; |
| 1939 | EVP_PKEY_CTX *pkey_ctx = NULL; | 1929 | EVP_PKEY_CTX *pkey_ctx = NULL; |
| 1940 | EVP_MD_CTX *ukm_hash = NULL; | 1930 | EVP_MD_CTX *ukm_hash = NULL; |
| 1941 | EVP_PKEY *pub_key; | 1931 | EVP_PKEY *pkey; |
| 1942 | X509 *peer_cert; | ||
| 1943 | size_t msglen; | 1932 | size_t msglen; |
| 1944 | unsigned int md_len; | 1933 | unsigned int md_len; |
| 1945 | CBB gostblob; | 1934 | CBB gostblob; |
| @@ -1947,12 +1936,12 @@ ssl3_send_client_kex_gost(SSL *s, CBB *cbb) | |||
| 1947 | int ret = 0; | 1936 | int ret = 0; |
| 1948 | 1937 | ||
| 1949 | /* Get server sertificate PKEY and create ctx from it */ | 1938 | /* Get server sertificate PKEY and create ctx from it */ |
| 1950 | peer_cert = s->session->peer_pkeys[SSL_PKEY_GOST01].x509; | 1939 | pkey = X509_get0_pubkey(s->session->peer_cert); |
| 1951 | if ((pub_key = X509_get0_pubkey(peer_cert)) == NULL) { | 1940 | if (pkey == NULL || s->session->peer_cert_type != SSL_PKEY_GOST01) { |
| 1952 | SSLerror(s, SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER); | 1941 | SSLerror(s, SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER); |
| 1953 | goto err; | 1942 | goto err; |
| 1954 | } | 1943 | } |
| 1955 | if ((pkey_ctx = EVP_PKEY_CTX_new(pub_key, NULL)) == NULL) { | 1944 | if ((pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL) { |
| 1956 | SSLerror(s, ERR_R_MALLOC_FAILURE); | 1945 | SSLerror(s, ERR_R_MALLOC_FAILURE); |
| 1957 | goto err; | 1946 | goto err; |
| 1958 | } | 1947 | } |
| @@ -2449,9 +2438,8 @@ int | |||
| 2449 | ssl3_check_cert_and_algorithm(SSL *s) | 2438 | ssl3_check_cert_and_algorithm(SSL *s) |
| 2450 | { | 2439 | { |
| 2451 | long alg_k, alg_a; | 2440 | long alg_k, alg_a; |
| 2452 | EVP_PKEY *pkey = NULL; | ||
| 2453 | int nid = NID_undef; | 2441 | int nid = NID_undef; |
| 2454 | int i, idx; | 2442 | int i; |
| 2455 | 2443 | ||
| 2456 | alg_k = S3I(s)->hs.cipher->algorithm_mkey; | 2444 | alg_k = S3I(s)->hs.cipher->algorithm_mkey; |
| 2457 | alg_a = S3I(s)->hs.cipher->algorithm_auth; | 2445 | alg_a = S3I(s)->hs.cipher->algorithm_auth; |
| @@ -2465,20 +2453,15 @@ ssl3_check_cert_and_algorithm(SSL *s) | |||
| 2465 | 2453 | ||
| 2466 | /* This is the passed certificate. */ | 2454 | /* This is the passed certificate. */ |
| 2467 | 2455 | ||
| 2468 | idx = s->session->peer_cert_type; | 2456 | if (s->session->peer_cert_type == SSL_PKEY_ECC) { |
| 2469 | if (idx == SSL_PKEY_ECC) { | 2457 | if (!ssl_check_srvr_ecc_cert_and_alg(s, s->session->peer_cert)) { |
| 2470 | if (!ssl_check_srvr_ecc_cert_and_alg(s, | ||
| 2471 | s->session->peer_pkeys[idx].x509)) { | ||
| 2472 | /* check failed */ | ||
| 2473 | SSLerror(s, SSL_R_BAD_ECC_CERT); | 2458 | SSLerror(s, SSL_R_BAD_ECC_CERT); |
| 2474 | goto fatal_err; | 2459 | goto fatal_err; |
| 2475 | } else { | ||
| 2476 | return (1); | ||
| 2477 | } | 2460 | } |
| 2461 | return (1); | ||
| 2478 | } | 2462 | } |
| 2479 | pkey = X509_get_pubkey(s->session->peer_pkeys[idx].x509); | 2463 | |
| 2480 | i = X509_certificate_type(s->session->peer_pkeys[idx].x509, pkey); | 2464 | i = X509_certificate_type(s->session->peer_cert, NULL); |
| 2481 | EVP_PKEY_free(pkey); | ||
| 2482 | 2465 | ||
| 2483 | /* Check that we have a certificate if we require one. */ | 2466 | /* Check that we have a certificate if we require one. */ |
| 2484 | if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA|EVP_PKT_SIGN)) { | 2467 | if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA|EVP_PKT_SIGN)) { |
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 36823d6462..546854b462 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.382 2022/01/11 18:39:28 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.383 2022/01/11 19:03:15 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -475,8 +475,9 @@ struct ssl_session_st { | |||
| 475 | unsigned int sid_ctx_length; | 475 | unsigned int sid_ctx_length; |
| 476 | unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; | 476 | unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; |
| 477 | 477 | ||
| 478 | /* This is the cert for the other end. */ | 478 | /* Peer provided leaf (end-entity) certificate. */ |
| 479 | X509 *peer_cert; | 479 | X509 *peer_cert; |
| 480 | int peer_cert_type; | ||
| 480 | 481 | ||
| 481 | /* when app_verify_callback accepts a session where the peer's certificate | 482 | /* when app_verify_callback accepts a session where the peer's certificate |
| 482 | * is not ok, we must remember the error for session reuse: */ | 483 | * is not ok, we must remember the error for session reuse: */ |
| @@ -513,14 +514,6 @@ struct ssl_session_st { | |||
| 513 | 514 | ||
| 514 | STACK_OF(X509) *cert_chain; /* as received from peer */ | 515 | STACK_OF(X509) *cert_chain; /* as received from peer */ |
| 515 | 516 | ||
| 516 | /* The 'peer_...' members are used only by clients. */ | ||
| 517 | int peer_cert_type; | ||
| 518 | |||
| 519 | /* Obviously we don't have the private keys of these, | ||
| 520 | * so maybe we shouldn't even use the SSL_CERT_PKEY type here. */ | ||
| 521 | SSL_CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */ | ||
| 522 | SSL_CERT_PKEY peer_pkeys[SSL_PKEY_NUM]; | ||
| 523 | |||
| 524 | size_t tlsext_ecpointformatlist_length; | 517 | size_t tlsext_ecpointformatlist_length; |
| 525 | uint8_t *tlsext_ecpointformatlist; /* peer's list */ | 518 | uint8_t *tlsext_ecpointformatlist; /* peer's list */ |
| 526 | size_t tlsext_supportedgroups_length; | 519 | size_t tlsext_supportedgroups_length; |
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index a49076be74..44c2e846ba 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_sess.c,v 1.108 2022/01/11 18:39:28 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_sess.c,v 1.109 2022/01/11 19:03:15 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -230,8 +230,6 @@ SSL_SESSION_new(void) | |||
| 230 | ss->next = NULL; | 230 | ss->next = NULL; |
| 231 | ss->tlsext_hostname = NULL; | 231 | ss->tlsext_hostname = NULL; |
| 232 | 232 | ||
| 233 | ss->peer_key = &ss->peer_pkeys[SSL_PKEY_RSA]; | ||
| 234 | |||
| 235 | ss->tlsext_ecpointformatlist_length = 0; | 233 | ss->tlsext_ecpointformatlist_length = 0; |
| 236 | ss->tlsext_ecpointformatlist = NULL; | 234 | ss->tlsext_ecpointformatlist = NULL; |
| 237 | ss->tlsext_supportedgroups_length = 0; | 235 | ss->tlsext_supportedgroups_length = 0; |
| @@ -763,8 +761,6 @@ SSL_SESSION_free(SSL_SESSION *ss) | |||
| 763 | explicit_bzero(ss->session_id, sizeof ss->session_id); | 761 | explicit_bzero(ss->session_id, sizeof ss->session_id); |
| 764 | 762 | ||
| 765 | sk_X509_pop_free(ss->cert_chain, X509_free); | 763 | sk_X509_pop_free(ss->cert_chain, X509_free); |
| 766 | for (i = 0; i < SSL_PKEY_NUM; i++) | ||
| 767 | X509_free(ss->peer_pkeys[i].x509); | ||
| 768 | 764 | ||
| 769 | X509_free(ss->peer_cert); | 765 | X509_free(ss->peer_cert); |
| 770 | 766 | ||
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index 786362ea02..30545320b3 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_srvr.c,v 1.139 2022/01/11 18:39:28 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_srvr.c,v 1.140 2022/01/11 19:03:15 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1905,7 +1905,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 1905 | CBS cbs, signature; | 1905 | CBS cbs, signature; |
| 1906 | const struct ssl_sigalg *sigalg = NULL; | 1906 | const struct ssl_sigalg *sigalg = NULL; |
| 1907 | uint16_t sigalg_value = SIGALG_NONE; | 1907 | uint16_t sigalg_value = SIGALG_NONE; |
| 1908 | EVP_PKEY *pkey = NULL; | 1908 | EVP_PKEY *pkey; |
| 1909 | X509 *peer_cert = NULL; | 1909 | X509 *peer_cert = NULL; |
| 1910 | EVP_MD_CTX *mctx = NULL; | 1910 | EVP_MD_CTX *mctx = NULL; |
| 1911 | int al, verify; | 1911 | int al, verify; |
| @@ -1928,11 +1928,9 @@ ssl3_get_cert_verify(SSL *s) | |||
| 1928 | 1928 | ||
| 1929 | CBS_init(&cbs, s->internal->init_msg, s->internal->init_num); | 1929 | CBS_init(&cbs, s->internal->init_msg, s->internal->init_num); |
| 1930 | 1930 | ||
| 1931 | if (s->session->peer_cert != NULL) { | 1931 | peer_cert = s->session->peer_cert; |
| 1932 | peer_cert = s->session->peer_cert; | 1932 | pkey = X509_get0_pubkey(peer_cert); |
| 1933 | pkey = X509_get_pubkey(peer_cert); | 1933 | type = X509_certificate_type(peer_cert, pkey); |
| 1934 | type = X509_certificate_type(peer_cert, pkey); | ||
| 1935 | } | ||
| 1936 | 1934 | ||
| 1937 | if (S3I(s)->hs.tls12.message_type != SSL3_MT_CERTIFICATE_VERIFY) { | 1935 | if (S3I(s)->hs.tls12.message_type != SSL3_MT_CERTIFICATE_VERIFY) { |
| 1938 | S3I(s)->hs.tls12.reuse_message = 1; | 1936 | S3I(s)->hs.tls12.reuse_message = 1; |
| @@ -2131,7 +2129,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2131 | tls1_transcript_free(s); | 2129 | tls1_transcript_free(s); |
| 2132 | err: | 2130 | err: |
| 2133 | EVP_MD_CTX_free(mctx); | 2131 | EVP_MD_CTX_free(mctx); |
| 2134 | EVP_PKEY_free(pkey); | 2132 | |
| 2135 | return (ret); | 2133 | return (ret); |
| 2136 | } | 2134 | } |
| 2137 | 2135 | ||
diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c index 3e168a0b54..4b52f6cf62 100644 --- a/src/lib/libssl/tls13_client.c +++ b/src/lib/libssl/tls13_client.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_client.c,v 1.92 2022/01/11 18:39:28 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_client.c,v 1.93 2022/01/11 19:03:15 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -561,7 +561,7 @@ tls13_server_certificate_recv(struct tls13_ctx *ctx, CBS *cbs) | |||
| 561 | X509 *cert = NULL; | 561 | X509 *cert = NULL; |
| 562 | EVP_PKEY *pkey; | 562 | EVP_PKEY *pkey; |
| 563 | const uint8_t *p; | 563 | const uint8_t *p; |
| 564 | int cert_idx, alert_desc; | 564 | int alert_desc, cert_type; |
| 565 | int ret = 0; | 565 | int ret = 0; |
| 566 | 566 | ||
| 567 | if ((certs = sk_X509_new_null()) == NULL) | 567 | if ((certs = sk_X509_new_null()) == NULL) |
| @@ -625,24 +625,20 @@ tls13_server_certificate_recv(struct tls13_ctx *ctx, CBS *cbs) | |||
| 625 | goto err; | 625 | goto err; |
| 626 | if (EVP_PKEY_missing_parameters(pkey)) | 626 | if (EVP_PKEY_missing_parameters(pkey)) |
| 627 | goto err; | 627 | goto err; |
| 628 | if ((cert_idx = ssl_cert_type(cert, pkey)) < 0) | 628 | if ((cert_type = ssl_cert_type(cert, pkey)) < 0) |
| 629 | goto err; | 629 | goto err; |
| 630 | 630 | ||
| 631 | sk_X509_pop_free(s->session->cert_chain, X509_free); | ||
| 632 | s->session->cert_chain = certs; | ||
| 633 | certs = NULL; | ||
| 634 | |||
| 635 | X509_up_ref(cert); | ||
| 636 | X509_free(s->session->peer_pkeys[cert_idx].x509); | ||
| 637 | s->session->peer_pkeys[cert_idx].x509 = cert; | ||
| 638 | s->session->peer_key = &s->session->peer_pkeys[cert_idx]; | ||
| 639 | |||
| 640 | X509_up_ref(cert); | 631 | X509_up_ref(cert); |
| 641 | X509_free(s->session->peer_cert); | 632 | X509_free(s->session->peer_cert); |
| 642 | s->session->peer_cert = cert; | 633 | s->session->peer_cert = cert; |
| 634 | s->session->peer_cert_type = cert_type; | ||
| 643 | 635 | ||
| 644 | s->session->verify_result = s->verify_result; | 636 | s->session->verify_result = s->verify_result; |
| 645 | 637 | ||
| 638 | sk_X509_pop_free(s->session->cert_chain, X509_free); | ||
| 639 | s->session->cert_chain = certs; | ||
| 640 | certs = NULL; | ||
| 641 | |||
| 646 | if (ctx->ocsp_status_recv_cb != NULL && | 642 | if (ctx->ocsp_status_recv_cb != NULL && |
| 647 | !ctx->ocsp_status_recv_cb(ctx)) | 643 | !ctx->ocsp_status_recv_cb(ctx)) |
| 648 | goto err; | 644 | goto err; |
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c index 3330023430..10e49104d4 100644 --- a/src/lib/libssl/tls13_server.c +++ b/src/lib/libssl/tls13_server.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_server.c,v 1.94 2022/01/11 18:39:28 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_server.c,v 1.95 2022/01/11 19:03:15 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> | 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> |
| @@ -857,7 +857,7 @@ tls13_client_certificate_recv(struct tls13_ctx *ctx, CBS *cbs) | |||
| 857 | X509 *cert = NULL; | 857 | X509 *cert = NULL; |
| 858 | EVP_PKEY *pkey; | 858 | EVP_PKEY *pkey; |
| 859 | const uint8_t *p; | 859 | const uint8_t *p; |
| 860 | int cert_idx; | 860 | int cert_type; |
| 861 | int ret = 0; | 861 | int ret = 0; |
| 862 | 862 | ||
| 863 | if (!CBS_get_u8_length_prefixed(cbs, &cert_request_context)) | 863 | if (!CBS_get_u8_length_prefixed(cbs, &cert_request_context)) |
| @@ -918,24 +918,20 @@ tls13_client_certificate_recv(struct tls13_ctx *ctx, CBS *cbs) | |||
| 918 | goto err; | 918 | goto err; |
| 919 | if (EVP_PKEY_missing_parameters(pkey)) | 919 | if (EVP_PKEY_missing_parameters(pkey)) |
| 920 | goto err; | 920 | goto err; |
| 921 | if ((cert_idx = ssl_cert_type(cert, pkey)) < 0) | 921 | if ((cert_type = ssl_cert_type(cert, pkey)) < 0) |
| 922 | goto err; | 922 | goto err; |
| 923 | 923 | ||
| 924 | sk_X509_pop_free(s->session->cert_chain, X509_free); | ||
| 925 | s->session->cert_chain = certs; | ||
| 926 | certs = NULL; | ||
| 927 | |||
| 928 | X509_up_ref(cert); | ||
| 929 | X509_free(s->session->peer_pkeys[cert_idx].x509); | ||
| 930 | s->session->peer_pkeys[cert_idx].x509 = cert; | ||
| 931 | s->session->peer_key = &s->session->peer_pkeys[cert_idx]; | ||
| 932 | |||
| 933 | X509_up_ref(cert); | 924 | X509_up_ref(cert); |
| 934 | X509_free(s->session->peer_cert); | 925 | X509_free(s->session->peer_cert); |
| 935 | s->session->peer_cert = cert; | 926 | s->session->peer_cert = cert; |
| 927 | s->session->peer_cert_type = cert_type; | ||
| 936 | 928 | ||
| 937 | s->session->verify_result = s->verify_result; | 929 | s->session->verify_result = s->verify_result; |
| 938 | 930 | ||
| 931 | sk_X509_pop_free(s->session->cert_chain, X509_free); | ||
| 932 | s->session->cert_chain = certs; | ||
| 933 | certs = NULL; | ||
| 934 | |||
| 939 | ctx->handshake_stage.hs_type |= WITH_CCV; | 935 | ctx->handshake_stage.hs_type |= WITH_CCV; |
| 940 | ret = 1; | 936 | ret = 1; |
| 941 | 937 | ||