diff options
| author | jsing <> | 2022-01-08 12:59:59 +0000 |
|---|---|---|
| committer | jsing <> | 2022-01-08 12:59:59 +0000 |
| commit | b30ca58d70d934bae7bf7e8653a6c20abbb32a31 (patch) | |
| tree | a0f52599388e1e633ef501a33e33307964a97198 | |
| parent | c9912e9c904debefddadcc409940eab31cf8b02b (diff) | |
| download | openbsd-b30ca58d70d934bae7bf7e8653a6c20abbb32a31.tar.gz openbsd-b30ca58d70d934bae7bf7e8653a6c20abbb32a31.tar.bz2 openbsd-b30ca58d70d934bae7bf7e8653a6c20abbb32a31.zip | |
Merge SESS_CERT into SSL_SESSION.
There is no reason for SESS_CERT to exist - remove it and merge its members
into SSL_SESSION for the time being. More clean up to follow.
ok inoguchi@ tb@
| -rw-r--r-- | src/lib/libssl/ssl_cert.c | 37 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_clnt.c | 99 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_lib.c | 16 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_locl.h | 29 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_sess.c | 8 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_srvr.c | 22 | ||||
| -rw-r--r-- | src/lib/libssl/tls13_client.c | 18 | ||||
| -rw-r--r-- | src/lib/libssl/tls13_server.c | 18 |
8 files changed, 76 insertions, 171 deletions
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c index c735547393..e91de659ce 100644 --- a/src/lib/libssl/ssl_cert.c +++ b/src/lib/libssl/ssl_cert.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_cert.c,v 1.92 2022/01/08 12:43:44 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_cert.c,v 1.93 2022/01/08 12:59:58 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -347,41 +347,6 @@ ssl_cert_add1_chain_cert(SSL_CERT *c, X509 *cert) | |||
| 347 | return 1; | 347 | return 1; |
| 348 | } | 348 | } |
| 349 | 349 | ||
| 350 | SESS_CERT * | ||
| 351 | ssl_sess_cert_new(void) | ||
| 352 | { | ||
| 353 | SESS_CERT *ret; | ||
| 354 | |||
| 355 | ret = calloc(1, sizeof *ret); | ||
| 356 | if (ret == NULL) { | ||
| 357 | SSLerrorx(ERR_R_MALLOC_FAILURE); | ||
| 358 | return NULL; | ||
| 359 | } | ||
| 360 | ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA]); | ||
| 361 | ret->references = 1; | ||
| 362 | |||
| 363 | return ret; | ||
| 364 | } | ||
| 365 | |||
| 366 | void | ||
| 367 | ssl_sess_cert_free(SESS_CERT *sc) | ||
| 368 | { | ||
| 369 | int i; | ||
| 370 | |||
| 371 | if (sc == NULL) | ||
| 372 | return; | ||
| 373 | |||
| 374 | i = CRYPTO_add(&sc->references, -1, CRYPTO_LOCK_SSL_SESS_CERT); | ||
| 375 | if (i > 0) | ||
| 376 | return; | ||
| 377 | |||
| 378 | sk_X509_pop_free(sc->cert_chain, X509_free); | ||
| 379 | for (i = 0; i < SSL_PKEY_NUM; i++) | ||
| 380 | X509_free(sc->peer_pkeys[i].x509); | ||
| 381 | |||
| 382 | free(sc); | ||
| 383 | } | ||
| 384 | |||
| 385 | int | 350 | int |
| 386 | ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) | 351 | ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) |
| 387 | { | 352 | { |
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index c3912c3ebd..70b6fff6bf 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_clnt.c,v 1.127 2022/01/06 18:23:56 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_clnt.c,v 1.128 2022/01/08 12:59:58 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1076,7 +1076,6 @@ ssl3_get_server_certificate(SSL *s) | |||
| 1076 | X509 *x = NULL; | 1076 | X509 *x = NULL; |
| 1077 | const unsigned char *q; | 1077 | const unsigned char *q; |
| 1078 | STACK_OF(X509) *sk = NULL; | 1078 | STACK_OF(X509) *sk = NULL; |
| 1079 | SESS_CERT *sc; | ||
| 1080 | EVP_PKEY *pkey = NULL; | 1079 | EVP_PKEY *pkey = NULL; |
| 1081 | 1080 | ||
| 1082 | if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_A, | 1081 | if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_A, |
| @@ -1154,20 +1153,11 @@ ssl3_get_server_certificate(SSL *s) | |||
| 1154 | } | 1153 | } |
| 1155 | ERR_clear_error(); /* but we keep s->verify_result */ | 1154 | ERR_clear_error(); /* but we keep s->verify_result */ |
| 1156 | 1155 | ||
| 1157 | sc = ssl_sess_cert_new(); | ||
| 1158 | if (sc == NULL) | ||
| 1159 | goto err; | ||
| 1160 | ssl_sess_cert_free(s->session->sess_cert); | ||
| 1161 | s->session->sess_cert = sc; | ||
| 1162 | |||
| 1163 | sc->cert_chain = sk; | ||
| 1164 | /* | 1156 | /* |
| 1165 | * Inconsistency alert: cert_chain does include the peer's | 1157 | * Inconsistency alert: cert_chain does include the peer's |
| 1166 | * certificate, which we don't include in s3_srvr.c | 1158 | * certificate, which we don't include in s3_srvr.c |
| 1167 | */ | 1159 | */ |
| 1168 | x = sk_X509_value(sk, 0); | 1160 | x = sk_X509_value(sk, 0); |
| 1169 | sk = NULL; | ||
| 1170 | /* VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end*/ | ||
| 1171 | 1161 | ||
| 1172 | pkey = X509_get_pubkey(x); | 1162 | pkey = X509_get_pubkey(x); |
| 1173 | 1163 | ||
| @@ -1185,20 +1175,21 @@ ssl3_get_server_certificate(SSL *s) | |||
| 1185 | SSLerror(s, SSL_R_UNKNOWN_CERTIFICATE_TYPE); | 1175 | SSLerror(s, SSL_R_UNKNOWN_CERTIFICATE_TYPE); |
| 1186 | goto fatal_err; | 1176 | goto fatal_err; |
| 1187 | } | 1177 | } |
| 1178 | s->session->peer_cert_type = i; | ||
| 1179 | |||
| 1180 | sk_X509_pop_free(s->session->cert_chain, X509_free); | ||
| 1181 | s->session->cert_chain = sk; | ||
| 1182 | sk = NULL; | ||
| 1188 | 1183 | ||
| 1189 | sc->peer_cert_type = i; | ||
| 1190 | X509_up_ref(x); | 1184 | X509_up_ref(x); |
| 1191 | /* | 1185 | X509_free(s->session->peer_pkeys[i].x509); |
| 1192 | * Why would the following ever happen? | 1186 | s->session->peer_pkeys[i].x509 = x; |
| 1193 | * We just created sc a couple of lines ago. | 1187 | s->session->peer_key = &s->session->peer_pkeys[i]; |
| 1194 | */ | ||
| 1195 | X509_free(sc->peer_pkeys[i].x509); | ||
| 1196 | sc->peer_pkeys[i].x509 = x; | ||
| 1197 | sc->peer_key = &(sc->peer_pkeys[i]); | ||
| 1198 | 1188 | ||
| 1199 | X509_free(s->session->peer); | ||
| 1200 | X509_up_ref(x); | 1189 | X509_up_ref(x); |
| 1190 | X509_free(s->session->peer); | ||
| 1201 | s->session->peer = x; | 1191 | s->session->peer = x; |
| 1192 | |||
| 1202 | s->session->verify_result = s->verify_result; | 1193 | s->session->verify_result = s->verify_result; |
| 1203 | 1194 | ||
| 1204 | x = NULL; | 1195 | x = NULL; |
| @@ -1225,11 +1216,9 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, CBS *cbs) | |||
| 1225 | { | 1216 | { |
| 1226 | int nid = NID_dhKeyAgreement; | 1217 | int nid = NID_dhKeyAgreement; |
| 1227 | int invalid_params, invalid_key; | 1218 | int invalid_params, invalid_key; |
| 1228 | SESS_CERT *sc; | ||
| 1229 | long alg_a; | 1219 | long alg_a; |
| 1230 | 1220 | ||
| 1231 | alg_a = S3I(s)->hs.cipher->algorithm_auth; | 1221 | alg_a = S3I(s)->hs.cipher->algorithm_auth; |
| 1232 | sc = s->session->sess_cert; | ||
| 1233 | 1222 | ||
| 1234 | tls_key_share_free(S3I(s)->hs.key_share); | 1223 | tls_key_share_free(S3I(s)->hs.key_share); |
| 1235 | if ((S3I(s)->hs.key_share = tls_key_share_new_nid(nid)) == NULL) | 1224 | if ((S3I(s)->hs.key_share = tls_key_share_new_nid(nid)) == NULL) |
| @@ -1254,7 +1243,7 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, CBS *cbs) | |||
| 1254 | } | 1243 | } |
| 1255 | 1244 | ||
| 1256 | if (alg_a & SSL_aRSA) | 1245 | if (alg_a & SSL_aRSA) |
| 1257 | *pkey = X509_get_pubkey(sc->peer_pkeys[SSL_PKEY_RSA].x509); | 1246 | *pkey = X509_get_pubkey(s->session->peer_pkeys[SSL_PKEY_RSA].x509); |
| 1258 | else | 1247 | else |
| 1259 | /* XXX - Anonymous DH, so no certificate or pkey. */ | 1248 | /* XXX - Anonymous DH, so no certificate or pkey. */ |
| 1260 | *pkey = NULL; | 1249 | *pkey = NULL; |
| @@ -1275,11 +1264,9 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, CBS *cbs) | |||
| 1275 | CBS public; | 1264 | CBS public; |
| 1276 | uint8_t curve_type; | 1265 | uint8_t curve_type; |
| 1277 | uint16_t curve_id; | 1266 | uint16_t curve_id; |
| 1278 | SESS_CERT *sc; | ||
| 1279 | long alg_a; | 1267 | long alg_a; |
| 1280 | 1268 | ||
| 1281 | alg_a = S3I(s)->hs.cipher->algorithm_auth; | 1269 | alg_a = S3I(s)->hs.cipher->algorithm_auth; |
| 1282 | sc = s->session->sess_cert; | ||
| 1283 | 1270 | ||
| 1284 | if (!CBS_get_u8(cbs, &curve_type)) | 1271 | if (!CBS_get_u8(cbs, &curve_type)) |
| 1285 | goto decode_err; | 1272 | goto decode_err; |
| @@ -1319,9 +1306,9 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, CBS *cbs) | |||
| 1319 | * and ECDSA. | 1306 | * and ECDSA. |
| 1320 | */ | 1307 | */ |
| 1321 | if (alg_a & SSL_aRSA) | 1308 | if (alg_a & SSL_aRSA) |
| 1322 | *pkey = X509_get_pubkey(sc->peer_pkeys[SSL_PKEY_RSA].x509); | 1309 | *pkey = X509_get_pubkey(s->session->peer_pkeys[SSL_PKEY_RSA].x509); |
| 1323 | else if (alg_a & SSL_aECDSA) | 1310 | else if (alg_a & SSL_aECDSA) |
| 1324 | *pkey = X509_get_pubkey(sc->peer_pkeys[SSL_PKEY_ECC].x509); | 1311 | *pkey = X509_get_pubkey(s->session->peer_pkeys[SSL_PKEY_ECC].x509); |
| 1325 | else | 1312 | else |
| 1326 | /* XXX - Anonymous ECDH, so no certificate or pkey. */ | 1313 | /* XXX - Anonymous ECDH, so no certificate or pkey. */ |
| 1327 | *pkey = NULL; | 1314 | *pkey = NULL; |
| @@ -1381,12 +1368,6 @@ ssl3_get_server_key_exchange(SSL *s) | |||
| 1381 | return (1); | 1368 | return (1); |
| 1382 | } | 1369 | } |
| 1383 | 1370 | ||
| 1384 | if (s->session->sess_cert == NULL) { | ||
| 1385 | s->session->sess_cert = ssl_sess_cert_new(); | ||
| 1386 | if (s->session->sess_cert == NULL) | ||
| 1387 | goto err; | ||
| 1388 | } | ||
| 1389 | |||
| 1390 | param = CBS_data(&cbs); | 1371 | param = CBS_data(&cbs); |
| 1391 | param_len = CBS_len(&cbs); | 1372 | param_len = CBS_len(&cbs); |
| 1392 | 1373 | ||
| @@ -1823,7 +1804,7 @@ ssl3_get_server_done(SSL *s) | |||
| 1823 | } | 1804 | } |
| 1824 | 1805 | ||
| 1825 | static int | 1806 | static int |
| 1826 | ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb) | 1807 | ssl3_send_client_kex_rsa(SSL *s, CBB *cbb) |
| 1827 | { | 1808 | { |
| 1828 | unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH]; | 1809 | unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH]; |
| 1829 | unsigned char *enc_pms = NULL; | 1810 | unsigned char *enc_pms = NULL; |
| @@ -1838,7 +1819,7 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb) | |||
| 1838 | * RSA-Encrypted Premaster Secret Message - RFC 5246 section 7.4.7.1. | 1819 | * RSA-Encrypted Premaster Secret Message - RFC 5246 section 7.4.7.1. |
| 1839 | */ | 1820 | */ |
| 1840 | 1821 | ||
| 1841 | pkey = X509_get_pubkey(sess_cert->peer_pkeys[SSL_PKEY_RSA].x509); | 1822 | pkey = X509_get_pubkey(s->session->peer_pkeys[SSL_PKEY_RSA].x509); |
| 1842 | if (pkey == NULL || (rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) { | 1823 | if (pkey == NULL || (rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) { |
| 1843 | SSLerror(s, ERR_R_INTERNAL_ERROR); | 1824 | SSLerror(s, ERR_R_INTERNAL_ERROR); |
| 1844 | goto err; | 1825 | goto err; |
| @@ -1890,7 +1871,7 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb) | |||
| 1890 | } | 1871 | } |
| 1891 | 1872 | ||
| 1892 | static int | 1873 | static int |
| 1893 | ssl3_send_client_kex_dhe(SSL *s, SESS_CERT *sess_cert, CBB *cbb) | 1874 | ssl3_send_client_kex_dhe(SSL *s, CBB *cbb) |
| 1894 | { | 1875 | { |
| 1895 | uint8_t *key = NULL; | 1876 | uint8_t *key = NULL; |
| 1896 | size_t key_len = 0; | 1877 | size_t key_len = 0; |
| @@ -1922,7 +1903,7 @@ ssl3_send_client_kex_dhe(SSL *s, SESS_CERT *sess_cert, CBB *cbb) | |||
| 1922 | } | 1903 | } |
| 1923 | 1904 | ||
| 1924 | static int | 1905 | static int |
| 1925 | ssl3_send_client_kex_ecdhe(SSL *s, SESS_CERT *sc, CBB *cbb) | 1906 | ssl3_send_client_kex_ecdhe(SSL *s, CBB *cbb) |
| 1926 | { | 1907 | { |
| 1927 | uint8_t *key = NULL; | 1908 | uint8_t *key = NULL; |
| 1928 | size_t key_len = 0; | 1909 | size_t key_len = 0; |
| @@ -1961,7 +1942,7 @@ ssl3_send_client_kex_ecdhe(SSL *s, SESS_CERT *sc, CBB *cbb) | |||
| 1961 | } | 1942 | } |
| 1962 | 1943 | ||
| 1963 | static int | 1944 | static int |
| 1964 | ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb) | 1945 | ssl3_send_client_kex_gost(SSL *s, CBB *cbb) |
| 1965 | { | 1946 | { |
| 1966 | unsigned char premaster_secret[32], shared_ukm[32], tmp[256]; | 1947 | unsigned char premaster_secret[32], shared_ukm[32], tmp[256]; |
| 1967 | EVP_PKEY *pub_key = NULL; | 1948 | EVP_PKEY *pub_key = NULL; |
| @@ -1975,7 +1956,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb) | |||
| 1975 | CBB gostblob; | 1956 | CBB gostblob; |
| 1976 | 1957 | ||
| 1977 | /* Get server sertificate PKEY and create ctx from it */ | 1958 | /* Get server sertificate PKEY and create ctx from it */ |
| 1978 | peer_cert = sess_cert->peer_pkeys[SSL_PKEY_GOST01].x509; | 1959 | peer_cert = s->session->peer_pkeys[SSL_PKEY_GOST01].x509; |
| 1979 | if (peer_cert == NULL) { | 1960 | if (peer_cert == NULL) { |
| 1980 | SSLerror(s, SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER); | 1961 | SSLerror(s, SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER); |
| 1981 | goto err; | 1962 | goto err; |
| @@ -2074,7 +2055,6 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb) | |||
| 2074 | int | 2055 | int |
| 2075 | ssl3_send_client_key_exchange(SSL *s) | 2056 | ssl3_send_client_key_exchange(SSL *s) |
| 2076 | { | 2057 | { |
| 2077 | SESS_CERT *sess_cert; | ||
| 2078 | unsigned long alg_k; | 2058 | unsigned long alg_k; |
| 2079 | CBB cbb, kex; | 2059 | CBB cbb, kex; |
| 2080 | 2060 | ||
| @@ -2083,28 +2063,21 @@ ssl3_send_client_key_exchange(SSL *s) | |||
| 2083 | if (S3I(s)->hs.state == SSL3_ST_CW_KEY_EXCH_A) { | 2063 | if (S3I(s)->hs.state == SSL3_ST_CW_KEY_EXCH_A) { |
| 2084 | alg_k = S3I(s)->hs.cipher->algorithm_mkey; | 2064 | alg_k = S3I(s)->hs.cipher->algorithm_mkey; |
| 2085 | 2065 | ||
| 2086 | if ((sess_cert = s->session->sess_cert) == NULL) { | ||
| 2087 | ssl3_send_alert(s, SSL3_AL_FATAL, | ||
| 2088 | SSL_AD_UNEXPECTED_MESSAGE); | ||
| 2089 | SSLerror(s, ERR_R_INTERNAL_ERROR); | ||
| 2090 | goto err; | ||
| 2091 | } | ||
| 2092 | |||
| 2093 | if (!ssl3_handshake_msg_start(s, &cbb, &kex, | 2066 | if (!ssl3_handshake_msg_start(s, &cbb, &kex, |
| 2094 | SSL3_MT_CLIENT_KEY_EXCHANGE)) | 2067 | SSL3_MT_CLIENT_KEY_EXCHANGE)) |
| 2095 | goto err; | 2068 | goto err; |
| 2096 | 2069 | ||
| 2097 | if (alg_k & SSL_kRSA) { | 2070 | if (alg_k & SSL_kRSA) { |
| 2098 | if (!ssl3_send_client_kex_rsa(s, sess_cert, &kex)) | 2071 | if (!ssl3_send_client_kex_rsa(s, &kex)) |
| 2099 | goto err; | 2072 | goto err; |
| 2100 | } else if (alg_k & SSL_kDHE) { | 2073 | } else if (alg_k & SSL_kDHE) { |
| 2101 | if (!ssl3_send_client_kex_dhe(s, sess_cert, &kex)) | 2074 | if (!ssl3_send_client_kex_dhe(s, &kex)) |
| 2102 | goto err; | 2075 | goto err; |
| 2103 | } else if (alg_k & SSL_kECDHE) { | 2076 | } else if (alg_k & SSL_kECDHE) { |
| 2104 | if (!ssl3_send_client_kex_ecdhe(s, sess_cert, &kex)) | 2077 | if (!ssl3_send_client_kex_ecdhe(s, &kex)) |
| 2105 | goto err; | 2078 | goto err; |
| 2106 | } else if (alg_k & SSL_kGOST) { | 2079 | } else if (alg_k & SSL_kGOST) { |
| 2107 | if (ssl3_send_client_kex_gost(s, sess_cert, &kex) != 1) | 2080 | if (ssl3_send_client_kex_gost(s, &kex) != 1) |
| 2108 | goto err; | 2081 | goto err; |
| 2109 | } else { | 2082 | } else { |
| 2110 | ssl3_send_alert(s, SSL3_AL_FATAL, | 2083 | ssl3_send_alert(s, SSL3_AL_FATAL, |
| @@ -2481,11 +2454,10 @@ ssl3_send_client_certificate(SSL *s) | |||
| 2481 | int | 2454 | int |
| 2482 | ssl3_check_cert_and_algorithm(SSL *s) | 2455 | ssl3_check_cert_and_algorithm(SSL *s) |
| 2483 | { | 2456 | { |
| 2484 | int i, idx; | 2457 | long alg_k, alg_a; |
| 2485 | long alg_k, alg_a; | 2458 | EVP_PKEY *pkey = NULL; |
| 2486 | EVP_PKEY *pkey = NULL; | ||
| 2487 | SESS_CERT *sc; | ||
| 2488 | int nid = NID_undef; | 2459 | int nid = NID_undef; |
| 2460 | int i, idx; | ||
| 2489 | 2461 | ||
| 2490 | alg_k = S3I(s)->hs.cipher->algorithm_mkey; | 2462 | alg_k = S3I(s)->hs.cipher->algorithm_mkey; |
| 2491 | alg_a = S3I(s)->hs.cipher->algorithm_auth; | 2463 | alg_a = S3I(s)->hs.cipher->algorithm_auth; |
| @@ -2494,21 +2466,15 @@ ssl3_check_cert_and_algorithm(SSL *s) | |||
| 2494 | if (alg_a & SSL_aNULL) | 2466 | if (alg_a & SSL_aNULL) |
| 2495 | return (1); | 2467 | return (1); |
| 2496 | 2468 | ||
| 2497 | sc = s->session->sess_cert; | ||
| 2498 | if (sc == NULL) { | ||
| 2499 | SSLerror(s, ERR_R_INTERNAL_ERROR); | ||
| 2500 | goto err; | ||
| 2501 | } | ||
| 2502 | |||
| 2503 | if (S3I(s)->hs.key_share != NULL) | 2469 | if (S3I(s)->hs.key_share != NULL) |
| 2504 | nid = tls_key_share_nid(S3I(s)->hs.key_share); | 2470 | nid = tls_key_share_nid(S3I(s)->hs.key_share); |
| 2505 | 2471 | ||
| 2506 | /* This is the passed certificate. */ | 2472 | /* This is the passed certificate. */ |
| 2507 | 2473 | ||
| 2508 | idx = sc->peer_cert_type; | 2474 | idx = s->session->peer_cert_type; |
| 2509 | if (idx == SSL_PKEY_ECC) { | 2475 | if (idx == SSL_PKEY_ECC) { |
| 2510 | if (ssl_check_srvr_ecc_cert_and_alg( | 2476 | if (ssl_check_srvr_ecc_cert_and_alg( |
| 2511 | sc->peer_pkeys[idx].x509, s) == 0) { | 2477 | s->session->peer_pkeys[idx].x509, s) == 0) { |
| 2512 | /* check failed */ | 2478 | /* check failed */ |
| 2513 | SSLerror(s, SSL_R_BAD_ECC_CERT); | 2479 | SSLerror(s, SSL_R_BAD_ECC_CERT); |
| 2514 | goto fatal_err; | 2480 | goto fatal_err; |
| @@ -2516,8 +2482,8 @@ ssl3_check_cert_and_algorithm(SSL *s) | |||
| 2516 | return (1); | 2482 | return (1); |
| 2517 | } | 2483 | } |
| 2518 | } | 2484 | } |
| 2519 | pkey = X509_get_pubkey(sc->peer_pkeys[idx].x509); | 2485 | pkey = X509_get_pubkey(s->session->peer_pkeys[idx].x509); |
| 2520 | i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey); | 2486 | i = X509_certificate_type(s->session->peer_pkeys[idx].x509, pkey); |
| 2521 | EVP_PKEY_free(pkey); | 2487 | EVP_PKEY_free(pkey); |
| 2522 | 2488 | ||
| 2523 | /* Check that we have a certificate if we require one. */ | 2489 | /* Check that we have a certificate if we require one. */ |
| @@ -2536,9 +2502,10 @@ ssl3_check_cert_and_algorithm(SSL *s) | |||
| 2536 | } | 2502 | } |
| 2537 | 2503 | ||
| 2538 | return (1); | 2504 | return (1); |
| 2505 | |||
| 2539 | fatal_err: | 2506 | fatal_err: |
| 2540 | ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); | 2507 | ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); |
| 2541 | err: | 2508 | |
| 2542 | return (0); | 2509 | return (0); |
| 2543 | } | 2510 | } |
| 2544 | 2511 | ||
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index 64b1806238..fb0920cdf2 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_lib.c,v 1.282 2022/01/08 12:43:44 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_lib.c,v 1.283 2022/01/08 12:59:58 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -883,20 +883,14 @@ SSL_get_peer_certificate(const SSL *s) | |||
| 883 | STACK_OF(X509) * | 883 | STACK_OF(X509) * |
| 884 | SSL_get_peer_cert_chain(const SSL *s) | 884 | SSL_get_peer_cert_chain(const SSL *s) |
| 885 | { | 885 | { |
| 886 | STACK_OF(X509) *r; | 886 | if (s == NULL || s->session == NULL) |
| 887 | 887 | return NULL; | |
| 888 | if ((s == NULL) || (s->session == NULL) || | ||
| 889 | (s->session->sess_cert == NULL)) | ||
| 890 | r = NULL; | ||
| 891 | else | ||
| 892 | r = s->session->sess_cert->cert_chain; | ||
| 893 | 888 | ||
| 894 | /* | 889 | /* |
| 895 | * If we are a client, cert_chain includes the peer's own | 890 | * If we are a client, cert_chain includes the peer's own |
| 896 | * certificate; | 891 | * certificate; if we are a server, it does not. |
| 897 | * if we are a server, it does not. | ||
| 898 | */ | 892 | */ |
| 899 | return (r); | 893 | return s->session->cert_chain; |
| 900 | } | 894 | } |
| 901 | 895 | ||
| 902 | STACK_OF(X509) * | 896 | STACK_OF(X509) * |
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 637a789dd1..d559e7148a 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.378 2022/01/08 12:54:32 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.379 2022/01/08 12:59:59 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -511,8 +511,15 @@ struct ssl_session_st { | |||
| 511 | * not_resumable_session_cb to disable session caching and tickets. */ | 511 | * not_resumable_session_cb to disable session caching and tickets. */ |
| 512 | int not_resumable; | 512 | int not_resumable; |
| 513 | 513 | ||
| 514 | /* The cert is the certificate used to establish this connection */ | 514 | STACK_OF(X509) *cert_chain; /* as received from peer */ |
| 515 | struct sess_cert_st /* SESS_CERT */ *sess_cert; | 515 | |
| 516 | /* The 'peer_...' members are used only by clients. */ | ||
| 517 | int peer_cert_type; | ||
| 518 | |||
| 519 | /* Obviously we don't have the private keys of these, | ||
| 520 | * so maybe we shouldn't even use the SSL_CERT_PKEY type here. */ | ||
| 521 | SSL_CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */ | ||
| 522 | SSL_CERT_PKEY peer_pkeys[SSL_PKEY_NUM]; | ||
| 516 | 523 | ||
| 517 | size_t tlsext_ecpointformatlist_length; | 524 | size_t tlsext_ecpointformatlist_length; |
| 518 | uint8_t *tlsext_ecpointformatlist; /* peer's list */ | 525 | uint8_t *tlsext_ecpointformatlist; /* peer's list */ |
| @@ -1216,20 +1223,6 @@ typedef struct ssl3_state_st { | |||
| 1216 | struct ssl3_state_internal_st *internal; | 1223 | struct ssl3_state_internal_st *internal; |
| 1217 | } SSL3_STATE; | 1224 | } SSL3_STATE; |
| 1218 | 1225 | ||
| 1219 | typedef struct sess_cert_st { | ||
| 1220 | STACK_OF(X509) *cert_chain; /* as received from peer */ | ||
| 1221 | |||
| 1222 | /* The 'peer_...' members are used only by clients. */ | ||
| 1223 | int peer_cert_type; | ||
| 1224 | |||
| 1225 | SSL_CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */ | ||
| 1226 | SSL_CERT_PKEY peer_pkeys[SSL_PKEY_NUM]; | ||
| 1227 | /* Obviously we don't have the private keys of these, | ||
| 1228 | * so maybe we shouldn't even use the SSL_CERT_PKEY type here. */ | ||
| 1229 | |||
| 1230 | int references; /* actually always 1 at the moment */ | ||
| 1231 | } SESS_CERT; | ||
| 1232 | |||
| 1233 | /*#define SSL_DEBUG */ | 1226 | /*#define SSL_DEBUG */ |
| 1234 | /*#define RSA_DEBUG */ | 1227 | /*#define RSA_DEBUG */ |
| 1235 | 1228 | ||
| @@ -1295,8 +1288,6 @@ int ssl_cert_set1_chain(SSL_CERT *c, STACK_OF(X509) *chain); | |||
| 1295 | int ssl_cert_add0_chain_cert(SSL_CERT *c, X509 *cert); | 1288 | int ssl_cert_add0_chain_cert(SSL_CERT *c, X509 *cert); |
| 1296 | int ssl_cert_add1_chain_cert(SSL_CERT *c, X509 *cert); | 1289 | int ssl_cert_add1_chain_cert(SSL_CERT *c, X509 *cert); |
| 1297 | 1290 | ||
| 1298 | SESS_CERT *ssl_sess_cert_new(void); | ||
| 1299 | void ssl_sess_cert_free(SESS_CERT *sc); | ||
| 1300 | int ssl_get_new_session(SSL *s, int session); | 1291 | int ssl_get_new_session(SSL *s, int session); |
| 1301 | int ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block, | 1292 | int ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block, |
| 1302 | int *alert); | 1293 | int *alert); |
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index 2fa6af4564..8d0f0b928c 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_sess.c,v 1.106 2021/10/25 10:01:46 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_sess.c,v 1.107 2022/01/08 12:59:59 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -230,6 +230,8 @@ SSL_SESSION_new(void) | |||
| 230 | ss->next = NULL; | 230 | ss->next = NULL; |
| 231 | ss->tlsext_hostname = NULL; | 231 | ss->tlsext_hostname = NULL; |
| 232 | 232 | ||
| 233 | ss->peer_key = &ss->peer_pkeys[SSL_PKEY_RSA]; | ||
| 234 | |||
| 233 | ss->tlsext_ecpointformatlist_length = 0; | 235 | ss->tlsext_ecpointformatlist_length = 0; |
| 234 | ss->tlsext_ecpointformatlist = NULL; | 236 | ss->tlsext_ecpointformatlist = NULL; |
| 235 | ss->tlsext_supportedgroups_length = 0; | 237 | ss->tlsext_supportedgroups_length = 0; |
| @@ -760,7 +762,9 @@ SSL_SESSION_free(SSL_SESSION *ss) | |||
| 760 | explicit_bzero(ss->master_key, sizeof ss->master_key); | 762 | explicit_bzero(ss->master_key, sizeof ss->master_key); |
| 761 | explicit_bzero(ss->session_id, sizeof ss->session_id); | 763 | explicit_bzero(ss->session_id, sizeof ss->session_id); |
| 762 | 764 | ||
| 763 | ssl_sess_cert_free(ss->sess_cert); | 765 | sk_X509_pop_free(ss->cert_chain, X509_free); |
| 766 | for (i = 0; i < SSL_PKEY_NUM; i++) | ||
| 767 | X509_free(ss->peer_pkeys[i].x509); | ||
| 764 | 768 | ||
| 765 | X509_free(ss->peer); | 769 | X509_free(ss->peer); |
| 766 | 770 | ||
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index 6e74943803..7f7a176950 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_srvr.c,v 1.133 2022/01/08 12:43:44 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_srvr.c,v 1.134 2022/01/08 12:59:59 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2235,29 +2235,17 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2235 | 2235 | ||
| 2236 | X509_free(s->session->peer); | 2236 | X509_free(s->session->peer); |
| 2237 | s->session->peer = sk_X509_shift(sk); | 2237 | s->session->peer = sk_X509_shift(sk); |
| 2238 | s->session->verify_result = s->verify_result; | ||
| 2239 | |||
| 2240 | /* | ||
| 2241 | * With the current implementation, sess_cert will always be NULL | ||
| 2242 | * when we arrive here | ||
| 2243 | */ | ||
| 2244 | if (s->session->sess_cert == NULL) { | ||
| 2245 | s->session->sess_cert = ssl_sess_cert_new(); | ||
| 2246 | if (s->session->sess_cert == NULL) { | ||
| 2247 | SSLerror(s, ERR_R_MALLOC_FAILURE); | ||
| 2248 | goto err; | ||
| 2249 | } | ||
| 2250 | } | ||
| 2251 | sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free); | ||
| 2252 | s->session->sess_cert->cert_chain = sk; | ||
| 2253 | 2238 | ||
| 2254 | /* | 2239 | /* |
| 2255 | * Inconsistency alert: cert_chain does *not* include the | 2240 | * Inconsistency alert: cert_chain does *not* include the |
| 2256 | * peer's own certificate, while we do include it in s3_clnt.c | 2241 | * peer's own certificate, while we do include it in s3_clnt.c |
| 2257 | */ | 2242 | */ |
| 2258 | 2243 | sk_X509_pop_free(s->session->cert_chain, X509_free); | |
| 2244 | s->session->cert_chain = sk; | ||
| 2259 | sk = NULL; | 2245 | sk = NULL; |
| 2260 | 2246 | ||
| 2247 | s->session->verify_result = s->verify_result; | ||
| 2248 | |||
| 2261 | ret = 1; | 2249 | ret = 1; |
| 2262 | if (0) { | 2250 | if (0) { |
| 2263 | decode_err: | 2251 | decode_err: |
diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c index 882bce8c1f..d961f98bef 100644 --- a/src/lib/libssl/tls13_client.c +++ b/src/lib/libssl/tls13_client.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_client.c,v 1.90 2022/01/08 12:43:44 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_client.c,v 1.91 2022/01/08 12:59:59 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -628,21 +628,19 @@ tls13_server_certificate_recv(struct tls13_ctx *ctx, CBS *cbs) | |||
| 628 | if ((cert_idx = ssl_cert_type(cert, pkey)) < 0) | 628 | if ((cert_idx = ssl_cert_type(cert, pkey)) < 0) |
| 629 | goto err; | 629 | goto err; |
| 630 | 630 | ||
| 631 | ssl_sess_cert_free(s->session->sess_cert); | 631 | sk_X509_pop_free(s->session->cert_chain, X509_free); |
| 632 | if ((s->session->sess_cert = ssl_sess_cert_new()) == NULL) | 632 | s->session->cert_chain = certs; |
| 633 | goto err; | ||
| 634 | |||
| 635 | s->session->sess_cert->cert_chain = certs; | ||
| 636 | certs = NULL; | 633 | certs = NULL; |
| 637 | 634 | ||
| 638 | X509_up_ref(cert); | 635 | X509_up_ref(cert); |
| 639 | s->session->sess_cert->peer_pkeys[cert_idx].x509 = cert; | 636 | X509_free(s->session->peer_pkeys[cert_idx].x509); |
| 640 | s->session->sess_cert->peer_key = &(s->session->sess_cert->peer_pkeys[cert_idx]); | 637 | s->session->peer_pkeys[cert_idx].x509 = cert; |
| 641 | 638 | s->session->peer_key = &s->session->peer_pkeys[cert_idx]; | |
| 642 | X509_free(s->session->peer); | ||
| 643 | 639 | ||
| 644 | X509_up_ref(cert); | 640 | X509_up_ref(cert); |
| 641 | X509_free(s->session->peer); | ||
| 645 | s->session->peer = cert; | 642 | s->session->peer = cert; |
| 643 | |||
| 646 | s->session->verify_result = s->verify_result; | 644 | s->session->verify_result = s->verify_result; |
| 647 | 645 | ||
| 648 | if (ctx->ocsp_status_recv_cb != NULL && | 646 | if (ctx->ocsp_status_recv_cb != NULL && |
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c index 4edf3881c2..e31ae38076 100644 --- a/src/lib/libssl/tls13_server.c +++ b/src/lib/libssl/tls13_server.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_server.c,v 1.92 2022/01/08 12:43:45 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_server.c,v 1.93 2022/01/08 12:59:59 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> | 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> |
| @@ -921,21 +921,19 @@ tls13_client_certificate_recv(struct tls13_ctx *ctx, CBS *cbs) | |||
| 921 | if ((cert_idx = ssl_cert_type(cert, pkey)) < 0) | 921 | if ((cert_idx = ssl_cert_type(cert, pkey)) < 0) |
| 922 | goto err; | 922 | goto err; |
| 923 | 923 | ||
| 924 | ssl_sess_cert_free(s->session->sess_cert); | 924 | sk_X509_pop_free(s->session->cert_chain, X509_free); |
| 925 | if ((s->session->sess_cert = ssl_sess_cert_new()) == NULL) | 925 | s->session->cert_chain = certs; |
| 926 | goto err; | ||
| 927 | |||
| 928 | s->session->sess_cert->cert_chain = certs; | ||
| 929 | certs = NULL; | 926 | certs = NULL; |
| 930 | 927 | ||
| 931 | X509_up_ref(cert); | 928 | X509_up_ref(cert); |
| 932 | s->session->sess_cert->peer_pkeys[cert_idx].x509 = cert; | 929 | X509_free(s->session->peer_pkeys[cert_idx].x509); |
| 933 | s->session->sess_cert->peer_key = &(s->session->sess_cert->peer_pkeys[cert_idx]); | 930 | s->session->peer_pkeys[cert_idx].x509 = cert; |
| 934 | 931 | s->session->peer_key = &s->session->peer_pkeys[cert_idx]; | |
| 935 | X509_free(s->session->peer); | ||
| 936 | 932 | ||
| 937 | X509_up_ref(cert); | 933 | X509_up_ref(cert); |
| 934 | X509_free(s->session->peer); | ||
| 938 | s->session->peer = cert; | 935 | s->session->peer = cert; |
| 936 | |||
| 939 | s->session->verify_result = s->verify_result; | 937 | s->session->verify_result = s->verify_result; |
| 940 | 938 | ||
| 941 | ctx->handshake_stage.hs_type |= WITH_CCV; | 939 | ctx->handshake_stage.hs_type |= WITH_CCV; |