diff options
| author | beck <> | 2017-08-12 23:39:24 +0000 |
|---|---|---|
| committer | beck <> | 2017-08-12 23:39:24 +0000 |
| commit | d14932b0913ef6f21bc09535d4eb1863708fefb6 (patch) | |
| tree | 40af0a8b49ae13870bfa61315a2cd560fabe481c | |
| parent | 5ba659ad744cb6a4bab19f260e7ae9033a468660 (diff) | |
| download | openbsd-d14932b0913ef6f21bc09535d4eb1863708fefb6.tar.gz openbsd-d14932b0913ef6f21bc09535d4eb1863708fefb6.tar.bz2 openbsd-d14932b0913ef6f21bc09535d4eb1863708fefb6.zip | |
Rewrite the TLS status request extension to use the new TLS extension framework.
ok jsing@
| -rw-r--r-- | src/lib/libssl/ssl_tlsext.c | 171 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_tlsext.h | 9 | ||||
| -rw-r--r-- | src/lib/libssl/t1_lib.c | 176 | ||||
| -rw-r--r-- | src/regress/lib/libssl/tlsext/tlsexttest.c | 129 |
4 files changed, 307 insertions, 178 deletions
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c index 9db2d1ab41..646c59e5d6 100644 --- a/src/lib/libssl/ssl_tlsext.c +++ b/src/lib/libssl/ssl_tlsext.c | |||
| @@ -1,7 +1,8 @@ | |||
| 1 | /* $OpenBSD: ssl_tlsext.c,v 1.8 2017/08/12 21:47:59 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_tlsext.c,v 1.9 2017/08/12 23:38:12 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> | 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> |
| 5 | * Copyright (c) 2017 Bob Beck <beck@openbsd.org> | ||
| 5 | * | 6 | * |
| 6 | * Permission to use, copy, modify, and distribute this software for any | 7 | * Permission to use, copy, modify, and distribute this software for any |
| 7 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above |
| @@ -15,6 +16,7 @@ | |||
| 15 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | 16 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
| 16 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 17 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| 17 | */ | 18 | */ |
| 19 | #include <openssl/ocsp.h> | ||
| 18 | 20 | ||
| 19 | #include "ssl_locl.h" | 21 | #include "ssl_locl.h" |
| 20 | 22 | ||
| @@ -551,6 +553,160 @@ tlsext_sni_serverhello_parse(SSL *s, CBS *cbs, int *alert) | |||
| 551 | } | 553 | } |
| 552 | 554 | ||
| 553 | /* | 555 | /* |
| 556 | *Certificate Status Request - RFC 6066 section 8. | ||
| 557 | */ | ||
| 558 | |||
| 559 | int | ||
| 560 | tlsext_ocsp_clienthello_needs(SSL *s) | ||
| 561 | { | ||
| 562 | return (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp && | ||
| 563 | s->version != DTLS1_VERSION); | ||
| 564 | } | ||
| 565 | |||
| 566 | int | ||
| 567 | tlsext_ocsp_clienthello_build(SSL *s, CBB *cbb) | ||
| 568 | { | ||
| 569 | CBB ocsp_respid_list, respid, exts; | ||
| 570 | unsigned char *ext_data; | ||
| 571 | size_t ext_len; | ||
| 572 | int i; | ||
| 573 | |||
| 574 | if (!CBB_add_u8(cbb, TLSEXT_STATUSTYPE_ocsp)) | ||
| 575 | return 0; | ||
| 576 | if (!CBB_add_u16_length_prefixed(cbb, &ocsp_respid_list)) | ||
| 577 | return 0; | ||
| 578 | if (!CBB_add_u16_length_prefixed(cbb, &exts)) | ||
| 579 | return 0; | ||
| 580 | for (i = 0; i < sk_OCSP_RESPID_num(s->internal->tlsext_ocsp_ids); i++) { | ||
| 581 | unsigned char *respid_data; | ||
| 582 | OCSP_RESPID *id; | ||
| 583 | size_t id_len; | ||
| 584 | |||
| 585 | if ((id = sk_OCSP_RESPID_value(s->internal->tlsext_ocsp_ids, | ||
| 586 | i)) == NULL) | ||
| 587 | return 0; | ||
| 588 | if ((id_len = i2d_OCSP_RESPID(id, NULL)) == -1) | ||
| 589 | return 0; | ||
| 590 | if (!CBB_add_u16_length_prefixed(&ocsp_respid_list, &respid)) | ||
| 591 | return 0; | ||
| 592 | if (!CBB_add_space(&respid, &respid_data, id_len)) | ||
| 593 | return 0; | ||
| 594 | if ((i2d_OCSP_RESPID(id, &respid_data)) != id_len) | ||
| 595 | return 0; | ||
| 596 | } | ||
| 597 | if ((ext_len = i2d_X509_EXTENSIONS(s->internal->tlsext_ocsp_exts, | ||
| 598 | NULL)) == -1) | ||
| 599 | return 0; | ||
| 600 | if (!CBB_add_space(&exts, &ext_data, ext_len)) | ||
| 601 | return 0; | ||
| 602 | if ((i2d_X509_EXTENSIONS(s->internal->tlsext_ocsp_exts, &ext_data) != | ||
| 603 | ext_len)) | ||
| 604 | return 0; | ||
| 605 | if (!CBB_flush(cbb)) | ||
| 606 | return 0; | ||
| 607 | return 1; | ||
| 608 | } | ||
| 609 | |||
| 610 | int | ||
| 611 | tlsext_ocsp_clienthello_parse(SSL *s, CBS *cbs, int *alert) | ||
| 612 | { | ||
| 613 | int failure = SSL_AD_DECODE_ERROR; | ||
| 614 | unsigned char *respid_data = NULL; | ||
| 615 | unsigned char *ext_data = NULL; | ||
| 616 | size_t ext_len, respid_len; | ||
| 617 | uint8_t status_type; | ||
| 618 | CBS respids, exts; | ||
| 619 | int ret = 0; | ||
| 620 | |||
| 621 | if (!CBS_get_u8(cbs, &status_type)) | ||
| 622 | goto err; | ||
| 623 | if (status_type != TLSEXT_STATUSTYPE_ocsp) { | ||
| 624 | /* ignore unknown status types */ | ||
| 625 | s->tlsext_status_type = -1; | ||
| 626 | return 1; | ||
| 627 | } | ||
| 628 | s->tlsext_status_type = status_type; | ||
| 629 | if (!CBS_get_u16_length_prefixed(cbs, &respids)) | ||
| 630 | goto err; | ||
| 631 | |||
| 632 | /* XXX */ | ||
| 633 | sk_OCSP_RESPID_pop_free(s->internal->tlsext_ocsp_ids, OCSP_RESPID_free); | ||
| 634 | s->internal->tlsext_ocsp_ids = NULL; | ||
| 635 | if (CBS_len(cbs) > 0) { | ||
| 636 | s->internal->tlsext_ocsp_ids = sk_OCSP_RESPID_new_null(); | ||
| 637 | if (s->internal->tlsext_ocsp_ids == NULL) { | ||
| 638 | failure = SSL_AD_INTERNAL_ERROR; | ||
| 639 | goto err; | ||
| 640 | } | ||
| 641 | } | ||
| 642 | |||
| 643 | while (CBS_len(&respids) > 0) { | ||
| 644 | OCSP_RESPID *id = NULL; | ||
| 645 | |||
| 646 | if (!CBS_stow(cbs, &respid_data, &respid_len)) | ||
| 647 | goto err; | ||
| 648 | if ((id = d2i_OCSP_RESPID(NULL, | ||
| 649 | (const unsigned char **)&respid_data, respid_len)) == NULL) | ||
| 650 | goto err; | ||
| 651 | if (!sk_OCSP_RESPID_push(s->internal->tlsext_ocsp_ids, id)) { | ||
| 652 | failure = SSL_AD_INTERNAL_ERROR; | ||
| 653 | OCSP_RESPID_free(id); | ||
| 654 | goto err; | ||
| 655 | } | ||
| 656 | free(respid_data); | ||
| 657 | respid_data = NULL; | ||
| 658 | } | ||
| 659 | |||
| 660 | /* Read in request_extensions */ | ||
| 661 | if (!CBS_get_u16_length_prefixed(cbs, &exts)) | ||
| 662 | goto err; | ||
| 663 | if (!CBS_stow(&exts, &ext_data, &ext_len)) | ||
| 664 | goto err; | ||
| 665 | if (ext_len > 0) { | ||
| 666 | sk_X509_EXTENSION_pop_free(s->internal->tlsext_ocsp_exts, | ||
| 667 | X509_EXTENSION_free); | ||
| 668 | if ((s->internal->tlsext_ocsp_exts = d2i_X509_EXTENSIONS(NULL, | ||
| 669 | (const unsigned char **)&ext_data, ext_len)) == NULL) | ||
| 670 | goto err; | ||
| 671 | } | ||
| 672 | /* should be nothing left */ | ||
| 673 | if (CBS_len(cbs) > 0) | ||
| 674 | goto err; | ||
| 675 | |||
| 676 | ret = 1; | ||
| 677 | err: | ||
| 678 | free(respid_data); | ||
| 679 | free(ext_data); | ||
| 680 | if (ret == 0) | ||
| 681 | *alert = failure; | ||
| 682 | return ret; | ||
| 683 | } | ||
| 684 | |||
| 685 | int | ||
| 686 | tlsext_ocsp_serverhello_needs(SSL *s) | ||
| 687 | { | ||
| 688 | return s->internal->tlsext_status_expected; | ||
| 689 | } | ||
| 690 | |||
| 691 | int | ||
| 692 | tlsext_ocsp_serverhello_build(SSL *s, CBB *cbb) | ||
| 693 | { | ||
| 694 | return 1; | ||
| 695 | } | ||
| 696 | |||
| 697 | int | ||
| 698 | tlsext_ocsp_serverhello_parse(SSL *s, CBS *cbs, int *alert) | ||
| 699 | { | ||
| 700 | if (s->tlsext_status_type == -1) { | ||
| 701 | *alert = TLS1_AD_UNSUPPORTED_EXTENSION; | ||
| 702 | return 0; | ||
| 703 | } | ||
| 704 | /* Set flag to expect CertificateStatus message */ | ||
| 705 | s->internal->tlsext_status_expected = 1; | ||
| 706 | return 1; | ||
| 707 | } | ||
| 708 | |||
| 709 | /* | ||
| 554 | * SessionTicket extension - RFC 5077 section 3.2 | 710 | * SessionTicket extension - RFC 5077 section 3.2 |
| 555 | */ | 711 | */ |
| 556 | int | 712 | int |
| @@ -705,6 +861,15 @@ static struct tls_extension tls_extensions[] = { | |||
| 705 | .serverhello_parse = tlsext_ri_serverhello_parse, | 861 | .serverhello_parse = tlsext_ri_serverhello_parse, |
| 706 | }, | 862 | }, |
| 707 | { | 863 | { |
| 864 | .type = TLSEXT_TYPE_status_request, | ||
| 865 | .clienthello_needs = tlsext_ocsp_clienthello_needs, | ||
| 866 | .clienthello_build = tlsext_ocsp_clienthello_build, | ||
| 867 | .clienthello_parse = tlsext_ocsp_clienthello_parse, | ||
| 868 | .serverhello_needs = tlsext_ocsp_serverhello_needs, | ||
| 869 | .serverhello_build = tlsext_ocsp_serverhello_build, | ||
| 870 | .serverhello_parse = tlsext_ocsp_serverhello_parse, | ||
| 871 | }, | ||
| 872 | { | ||
| 708 | .type = TLSEXT_TYPE_ec_point_formats, | 873 | .type = TLSEXT_TYPE_ec_point_formats, |
| 709 | .clienthello_needs = tlsext_ecpf_clienthello_needs, | 874 | .clienthello_needs = tlsext_ecpf_clienthello_needs, |
| 710 | .clienthello_build = tlsext_ecpf_clienthello_build, | 875 | .clienthello_build = tlsext_ecpf_clienthello_build, |
| @@ -758,7 +923,7 @@ tlsext_clienthello_build(SSL *s, CBB *cbb) | |||
| 758 | 923 | ||
| 759 | if (!tlsext->clienthello_needs(s)) | 924 | if (!tlsext->clienthello_needs(s)) |
| 760 | continue; | 925 | continue; |
| 761 | 926 | ||
| 762 | if (!CBB_add_u16(cbb, tlsext->type)) | 927 | if (!CBB_add_u16(cbb, tlsext->type)) |
| 763 | return 0; | 928 | return 0; |
| 764 | if (!CBB_add_u16_length_prefixed(cbb, &extension_data)) | 929 | if (!CBB_add_u16_length_prefixed(cbb, &extension_data)) |
| @@ -811,7 +976,7 @@ tlsext_serverhello_build(SSL *s, CBB *cbb) | |||
| 811 | 976 | ||
| 812 | if (!tlsext->serverhello_needs(s)) | 977 | if (!tlsext->serverhello_needs(s)) |
| 813 | continue; | 978 | continue; |
| 814 | 979 | ||
| 815 | if (!CBB_add_u16(cbb, tlsext->type)) | 980 | if (!CBB_add_u16(cbb, tlsext->type)) |
| 816 | return 0; | 981 | return 0; |
| 817 | if (!CBB_add_u16_length_prefixed(cbb, &extension_data)) | 982 | if (!CBB_add_u16_length_prefixed(cbb, &extension_data)) |
diff --git a/src/lib/libssl/ssl_tlsext.h b/src/lib/libssl/ssl_tlsext.h index 4f8ae0cf35..bba8bdbea9 100644 --- a/src/lib/libssl/ssl_tlsext.h +++ b/src/lib/libssl/ssl_tlsext.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_tlsext.h,v 1.7 2017/08/12 21:47:59 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_tlsext.h,v 1.8 2017/08/12 23:38:12 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> | 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> |
| @@ -51,6 +51,13 @@ int tlsext_ecpf_serverhello_needs(SSL *s); | |||
| 51 | int tlsext_ecpf_serverhello_build(SSL *s, CBB *cbb); | 51 | int tlsext_ecpf_serverhello_build(SSL *s, CBB *cbb); |
| 52 | int tlsext_ecpf_serverhello_parse(SSL *s, CBS *cbs, int *alert); | 52 | int tlsext_ecpf_serverhello_parse(SSL *s, CBS *cbs, int *alert); |
| 53 | 53 | ||
| 54 | int tlsext_ocsp_clienthello_needs(SSL *s); | ||
| 55 | int tlsext_ocsp_clienthello_build(SSL *s, CBB *cbb); | ||
| 56 | int tlsext_ocsp_clienthello_parse(SSL *s, CBS *cbs, int *alert); | ||
| 57 | int tlsext_ocsp_serverhello_needs(SSL *s); | ||
| 58 | int tlsext_ocsp_serverhello_build(SSL *s, CBB *cbb); | ||
| 59 | int tlsext_ocsp_serverhello_parse(SSL *s, CBS *cbs, int *alert); | ||
| 60 | |||
| 54 | int tlsext_sessionticket_clienthello_needs(SSL *s); | 61 | int tlsext_sessionticket_clienthello_needs(SSL *s); |
| 55 | int tlsext_sessionticket_clienthello_build(SSL *s, CBB *cbb); | 62 | int tlsext_sessionticket_clienthello_build(SSL *s, CBB *cbb); |
| 56 | int tlsext_sessionticket_clienthello_parse(SSL *s, CBS *cbs, int *alert); | 63 | int tlsext_sessionticket_clienthello_parse(SSL *s, CBS *cbs, int *alert); |
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index e27a7d1a59..405f08ed33 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_lib.c,v 1.130 2017/08/12 21:47:59 jsing Exp $ */ | 1 | /* $OpenBSD: t1_lib.c,v 1.131 2017/08/12 23:38:12 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -687,51 +687,6 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 687 | return NULL; | 687 | return NULL; |
| 688 | ret += len; | 688 | ret += len; |
| 689 | 689 | ||
| 690 | if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp && | ||
| 691 | s->version != DTLS1_VERSION) { | ||
| 692 | int i; | ||
| 693 | long extlen, idlen, itmp; | ||
| 694 | OCSP_RESPID *id; | ||
| 695 | |||
| 696 | idlen = 0; | ||
| 697 | for (i = 0; i < sk_OCSP_RESPID_num(s->internal->tlsext_ocsp_ids); i++) { | ||
| 698 | id = sk_OCSP_RESPID_value(s->internal->tlsext_ocsp_ids, i); | ||
| 699 | itmp = i2d_OCSP_RESPID(id, NULL); | ||
| 700 | if (itmp <= 0) | ||
| 701 | return NULL; | ||
| 702 | idlen += itmp + 2; | ||
| 703 | } | ||
| 704 | |||
| 705 | if (s->internal->tlsext_ocsp_exts) { | ||
| 706 | extlen = i2d_X509_EXTENSIONS(s->internal->tlsext_ocsp_exts, NULL); | ||
| 707 | if (extlen < 0) | ||
| 708 | return NULL; | ||
| 709 | } else | ||
| 710 | extlen = 0; | ||
| 711 | |||
| 712 | if ((size_t)(limit - ret) < 7 + extlen + idlen) | ||
| 713 | return NULL; | ||
| 714 | s2n(TLSEXT_TYPE_status_request, ret); | ||
| 715 | if (extlen + idlen > 0xFFF0) | ||
| 716 | return NULL; | ||
| 717 | s2n(extlen + idlen + 5, ret); | ||
| 718 | *(ret++) = TLSEXT_STATUSTYPE_ocsp; | ||
| 719 | s2n(idlen, ret); | ||
| 720 | for (i = 0; i < sk_OCSP_RESPID_num(s->internal->tlsext_ocsp_ids); i++) { | ||
| 721 | /* save position of id len */ | ||
| 722 | unsigned char *q = ret; | ||
| 723 | id = sk_OCSP_RESPID_value(s->internal->tlsext_ocsp_ids, i); | ||
| 724 | /* skip over id len */ | ||
| 725 | ret += 2; | ||
| 726 | itmp = i2d_OCSP_RESPID(id, &ret); | ||
| 727 | /* write id len */ | ||
| 728 | s2n(itmp, q); | ||
| 729 | } | ||
| 730 | s2n(extlen, ret); | ||
| 731 | if (extlen > 0) | ||
| 732 | i2d_X509_EXTENSIONS(s->internal->tlsext_ocsp_exts, &ret); | ||
| 733 | } | ||
| 734 | |||
| 735 | if (s->internal->alpn_client_proto_list != NULL && | 690 | if (s->internal->alpn_client_proto_list != NULL && |
| 736 | S3I(s)->tmp.finish_md_len == 0) { | 691 | S3I(s)->tmp.finish_md_len == 0) { |
| 737 | if ((size_t)(limit - ret) < | 692 | if ((size_t)(limit - ret) < |
| @@ -837,14 +792,6 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 837 | * extension. | 792 | * extension. |
| 838 | */ | 793 | */ |
| 839 | 794 | ||
| 840 | if (s->internal->tlsext_status_expected) { | ||
| 841 | if ((size_t)(limit - ret) < 4) | ||
| 842 | return NULL; | ||
| 843 | |||
| 844 | s2n(TLSEXT_TYPE_status_request, ret); | ||
| 845 | s2n(0, ret); | ||
| 846 | } | ||
| 847 | |||
| 848 | #ifndef OPENSSL_NO_SRTP | 795 | #ifndef OPENSSL_NO_SRTP |
| 849 | if (SSL_IS_DTLS(s) && s->internal->srtp_profile) { | 796 | if (SSL_IS_DTLS(s) && s->internal->srtp_profile) { |
| 850 | int el; | 797 | int el; |
| @@ -1011,111 +958,7 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1011 | if (!tlsext_clienthello_parse_one(s, &cbs, type, al)) | 958 | if (!tlsext_clienthello_parse_one(s, &cbs, type, al)) |
| 1012 | return 0; | 959 | return 0; |
| 1013 | 960 | ||
| 1014 | if (type == TLSEXT_TYPE_status_request && | 961 | if (type == |
| 1015 | s->version != DTLS1_VERSION) { | ||
| 1016 | |||
| 1017 | if (size < 5) { | ||
| 1018 | *al = SSL_AD_DECODE_ERROR; | ||
| 1019 | return 0; | ||
| 1020 | } | ||
| 1021 | |||
| 1022 | s->tlsext_status_type = *data++; | ||
| 1023 | size--; | ||
| 1024 | if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) { | ||
| 1025 | const unsigned char *sdata; | ||
| 1026 | int dsize; | ||
| 1027 | /* Read in responder_id_list */ | ||
| 1028 | n2s(data, dsize); | ||
| 1029 | size -= 2; | ||
| 1030 | if (dsize > size) { | ||
| 1031 | *al = SSL_AD_DECODE_ERROR; | ||
| 1032 | return 0; | ||
| 1033 | } | ||
| 1034 | |||
| 1035 | /* | ||
| 1036 | * We remove any OCSP_RESPIDs from a | ||
| 1037 | * previous handshake to prevent | ||
| 1038 | * unbounded memory growth. | ||
| 1039 | */ | ||
| 1040 | sk_OCSP_RESPID_pop_free(s->internal->tlsext_ocsp_ids, | ||
| 1041 | OCSP_RESPID_free); | ||
| 1042 | s->internal->tlsext_ocsp_ids = NULL; | ||
| 1043 | if (dsize > 0) { | ||
| 1044 | s->internal->tlsext_ocsp_ids = | ||
| 1045 | sk_OCSP_RESPID_new_null(); | ||
| 1046 | if (s->internal->tlsext_ocsp_ids == NULL) { | ||
| 1047 | *al = SSL_AD_INTERNAL_ERROR; | ||
| 1048 | return 0; | ||
| 1049 | } | ||
| 1050 | } | ||
| 1051 | |||
| 1052 | while (dsize > 0) { | ||
| 1053 | OCSP_RESPID *id; | ||
| 1054 | int idsize; | ||
| 1055 | if (dsize < 4) { | ||
| 1056 | *al = SSL_AD_DECODE_ERROR; | ||
| 1057 | return 0; | ||
| 1058 | } | ||
| 1059 | n2s(data, idsize); | ||
| 1060 | dsize -= 2 + idsize; | ||
| 1061 | size -= 2 + idsize; | ||
| 1062 | if (dsize < 0) { | ||
| 1063 | *al = SSL_AD_DECODE_ERROR; | ||
| 1064 | return 0; | ||
| 1065 | } | ||
| 1066 | sdata = data; | ||
| 1067 | data += idsize; | ||
| 1068 | id = d2i_OCSP_RESPID(NULL, | ||
| 1069 | &sdata, idsize); | ||
| 1070 | if (!id) { | ||
| 1071 | *al = SSL_AD_DECODE_ERROR; | ||
| 1072 | return 0; | ||
| 1073 | } | ||
| 1074 | if (data != sdata) { | ||
| 1075 | OCSP_RESPID_free(id); | ||
| 1076 | *al = SSL_AD_DECODE_ERROR; | ||
| 1077 | return 0; | ||
| 1078 | } | ||
| 1079 | if (!sk_OCSP_RESPID_push( | ||
| 1080 | s->internal->tlsext_ocsp_ids, id)) { | ||
| 1081 | OCSP_RESPID_free(id); | ||
| 1082 | *al = SSL_AD_INTERNAL_ERROR; | ||
| 1083 | return 0; | ||
| 1084 | } | ||
| 1085 | } | ||
| 1086 | |||
| 1087 | /* Read in request_extensions */ | ||
| 1088 | if (size < 2) { | ||
| 1089 | *al = SSL_AD_DECODE_ERROR; | ||
| 1090 | return 0; | ||
| 1091 | } | ||
| 1092 | n2s(data, dsize); | ||
| 1093 | size -= 2; | ||
| 1094 | if (dsize != size) { | ||
| 1095 | *al = SSL_AD_DECODE_ERROR; | ||
| 1096 | return 0; | ||
| 1097 | } | ||
| 1098 | sdata = data; | ||
| 1099 | if (dsize > 0) { | ||
| 1100 | sk_X509_EXTENSION_pop_free(s->internal->tlsext_ocsp_exts, | ||
| 1101 | X509_EXTENSION_free); | ||
| 1102 | |||
| 1103 | s->internal->tlsext_ocsp_exts = | ||
| 1104 | d2i_X509_EXTENSIONS(NULL, | ||
| 1105 | &sdata, dsize); | ||
| 1106 | if (!s->internal->tlsext_ocsp_exts || | ||
| 1107 | (data + dsize != sdata)) { | ||
| 1108 | *al = SSL_AD_DECODE_ERROR; | ||
| 1109 | return 0; | ||
| 1110 | } | ||
| 1111 | } | ||
| 1112 | } else { | ||
| 1113 | /* We don't know what to do with any other type | ||
| 1114 | * so ignore it. | ||
| 1115 | */ | ||
| 1116 | s->tlsext_status_type = -1; | ||
| 1117 | } | ||
| 1118 | } else if (type == | ||
| 1119 | TLSEXT_TYPE_application_layer_protocol_negotiation && | 962 | TLSEXT_TYPE_application_layer_protocol_negotiation && |
| 1120 | s->ctx->internal->alpn_select_cb != NULL && | 963 | s->ctx->internal->alpn_select_cb != NULL && |
| 1121 | S3I(s)->tmp.finish_md_len == 0) { | 964 | S3I(s)->tmp.finish_md_len == 0) { |
| @@ -1123,7 +966,6 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1123 | size, al) != 1) | 966 | size, al) != 1) |
| 1124 | return (0); | 967 | return (0); |
| 1125 | } | 968 | } |
| 1126 | |||
| 1127 | /* session ticket processed earlier */ | 969 | /* session ticket processed earlier */ |
| 1128 | #ifndef OPENSSL_NO_SRTP | 970 | #ifndef OPENSSL_NO_SRTP |
| 1129 | else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) { | 971 | else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) { |
| @@ -1197,19 +1039,7 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al) | |||
| 1197 | if (!tlsext_serverhello_parse_one(s, &cbs, type, al)) | 1039 | if (!tlsext_serverhello_parse_one(s, &cbs, type, al)) |
| 1198 | return 0; | 1040 | return 0; |
| 1199 | 1041 | ||
| 1200 | if (type == TLSEXT_TYPE_status_request && | 1042 | if (type == TLSEXT_TYPE_application_layer_protocol_negotiation) { |
| 1201 | s->version != DTLS1_VERSION) { | ||
| 1202 | /* MUST be empty and only sent if we've requested | ||
| 1203 | * a status request message. | ||
| 1204 | */ | ||
| 1205 | if ((s->tlsext_status_type == -1) || (size > 0)) { | ||
| 1206 | *al = TLS1_AD_UNSUPPORTED_EXTENSION; | ||
| 1207 | return 0; | ||
| 1208 | } | ||
| 1209 | /* Set flag to expect CertificateStatus message */ | ||
| 1210 | s->internal->tlsext_status_expected = 1; | ||
| 1211 | } else if (type == | ||
| 1212 | TLSEXT_TYPE_application_layer_protocol_negotiation) { | ||
| 1213 | unsigned int len; | 1043 | unsigned int len; |
| 1214 | 1044 | ||
| 1215 | /* We must have requested it. */ | 1045 | /* We must have requested it. */ |
diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c index 073ba2f2f5..950588ba47 100644 --- a/src/regress/lib/libssl/tlsext/tlsexttest.c +++ b/src/regress/lib/libssl/tlsext/tlsexttest.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tlsexttest.c,v 1.11 2017/08/12 21:49:28 jsing Exp $ */ | 1 | /* $OpenBSD: tlsexttest.c,v 1.12 2017/08/12 23:39:24 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> | 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> |
| @@ -1457,6 +1457,130 @@ test_tlsext_sni_serverhello(void) | |||
| 1457 | return (failure); | 1457 | return (failure); |
| 1458 | } | 1458 | } |
| 1459 | 1459 | ||
| 1460 | static unsigned char tls_ocsp_clienthello_default[] = { | ||
| 1461 | 0x01, 0x00, 0x00, 0x00, 0x00 | ||
| 1462 | }; | ||
| 1463 | |||
| 1464 | static int | ||
| 1465 | test_tlsext_ocsp_clienthello(void) | ||
| 1466 | { | ||
| 1467 | unsigned char *data = NULL; | ||
| 1468 | SSL_CTX *ssl_ctx = NULL; | ||
| 1469 | SSL *ssl = NULL; | ||
| 1470 | size_t dlen; | ||
| 1471 | int failure; | ||
| 1472 | int alert; | ||
| 1473 | CBB cbb; | ||
| 1474 | CBS cbs; | ||
| 1475 | |||
| 1476 | failure = 1; | ||
| 1477 | |||
| 1478 | CBB_init(&cbb, 0); | ||
| 1479 | |||
| 1480 | if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) | ||
| 1481 | errx(1, "failed to create SSL_CTX"); | ||
| 1482 | if ((ssl = SSL_new(ssl_ctx)) == NULL) | ||
| 1483 | errx(1, "failed to create SSL"); | ||
| 1484 | |||
| 1485 | if (tlsext_ocsp_clienthello_needs(ssl)) { | ||
| 1486 | FAIL("clienthello should not need ocsp\n"); | ||
| 1487 | goto err; | ||
| 1488 | } | ||
| 1489 | SSL_set_tlsext_status_type(ssl, TLSEXT_STATUSTYPE_ocsp); | ||
| 1490 | |||
| 1491 | if (!tlsext_ocsp_clienthello_needs(ssl)) { | ||
| 1492 | FAIL("clienthello should need ocsp\n"); | ||
| 1493 | goto err; | ||
| 1494 | } | ||
| 1495 | if (!tlsext_ocsp_clienthello_build(ssl, &cbb)) { | ||
| 1496 | FAIL("clienthello failed to build SNI\n"); | ||
| 1497 | goto err; | ||
| 1498 | } | ||
| 1499 | if (!CBB_finish(&cbb, &data, &dlen)) | ||
| 1500 | errx(1, "failed to finish CBB"); | ||
| 1501 | |||
| 1502 | if (dlen != sizeof(tls_ocsp_clienthello_default)) { | ||
| 1503 | FAIL("got ocsp clienthello with length %zu, " | ||
| 1504 | "want length %zu\n", dlen, | ||
| 1505 | sizeof(tls_ocsp_clienthello_default)); | ||
| 1506 | goto err; | ||
| 1507 | } | ||
| 1508 | if (memcmp(data, tls_ocsp_clienthello_default, dlen) != 0) { | ||
| 1509 | FAIL("ocsp clienthello differs:\n"); | ||
| 1510 | fprintf(stderr, "received:\n"); | ||
| 1511 | hexdump(data, dlen); | ||
| 1512 | fprintf(stderr, "test data:\n"); | ||
| 1513 | hexdump(tls_ocsp_clienthello_default, | ||
| 1514 | sizeof(tls_ocsp_clienthello_default)); | ||
| 1515 | goto err; | ||
| 1516 | } | ||
| 1517 | CBS_init(&cbs, tls_ocsp_clienthello_default, | ||
| 1518 | sizeof(tls_ocsp_clienthello_default)); | ||
| 1519 | if (!tlsext_ocsp_clienthello_parse(ssl, &cbs, &alert)) { | ||
| 1520 | FAIL("failed to parse ocsp clienthello\n"); | ||
| 1521 | goto err; | ||
| 1522 | } | ||
| 1523 | |||
| 1524 | failure = 0; | ||
| 1525 | |||
| 1526 | err: | ||
| 1527 | CBB_cleanup(&cbb); | ||
| 1528 | SSL_CTX_free(ssl_ctx); | ||
| 1529 | SSL_free(ssl); | ||
| 1530 | free(data); | ||
| 1531 | |||
| 1532 | return (failure); | ||
| 1533 | } | ||
| 1534 | |||
| 1535 | static int | ||
| 1536 | test_tlsext_ocsp_serverhello(void) | ||
| 1537 | { | ||
| 1538 | unsigned char *data = NULL; | ||
| 1539 | SSL_CTX *ssl_ctx = NULL; | ||
| 1540 | SSL *ssl = NULL; | ||
| 1541 | size_t dlen; | ||
| 1542 | int failure; | ||
| 1543 | CBB cbb; | ||
| 1544 | |||
| 1545 | failure = 1; | ||
| 1546 | |||
| 1547 | CBB_init(&cbb, 0); | ||
| 1548 | |||
| 1549 | if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) | ||
| 1550 | errx(1, "failed to create SSL_CTX"); | ||
| 1551 | if ((ssl = SSL_new(ssl_ctx)) == NULL) | ||
| 1552 | errx(1, "failed to create SSL"); | ||
| 1553 | |||
| 1554 | if (tlsext_ocsp_serverhello_needs(ssl)) { | ||
| 1555 | FAIL("serverhello should not need ocsp\n"); | ||
| 1556 | goto err; | ||
| 1557 | } | ||
| 1558 | |||
| 1559 | ssl->internal->tlsext_status_expected = 1; | ||
| 1560 | |||
| 1561 | if (!tlsext_ocsp_serverhello_needs(ssl)) { | ||
| 1562 | FAIL("serverhello should need ocsp\n"); | ||
| 1563 | goto err; | ||
| 1564 | } | ||
| 1565 | if (!tlsext_ocsp_serverhello_build(ssl, &cbb)) { | ||
| 1566 | FAIL("serverhello failed to build ocsp\n"); | ||
| 1567 | goto err; | ||
| 1568 | } | ||
| 1569 | |||
| 1570 | if (!CBB_finish(&cbb, &data, &dlen)) | ||
| 1571 | errx(1, "failed to finish CBB"); | ||
| 1572 | |||
| 1573 | failure = 0; | ||
| 1574 | |||
| 1575 | err: | ||
| 1576 | CBB_cleanup(&cbb); | ||
| 1577 | SSL_CTX_free(ssl_ctx); | ||
| 1578 | SSL_free(ssl); | ||
| 1579 | free(data); | ||
| 1580 | |||
| 1581 | return (failure); | ||
| 1582 | } | ||
| 1583 | |||
| 1460 | /* | 1584 | /* |
| 1461 | * Session ticket - RFC 5077 since no known implementations use 4507. | 1585 | * Session ticket - RFC 5077 since no known implementations use 4507. |
| 1462 | * | 1586 | * |
| @@ -1777,6 +1901,9 @@ main(int argc, char **argv) | |||
| 1777 | failed |= test_tlsext_sni_clienthello(); | 1901 | failed |= test_tlsext_sni_clienthello(); |
| 1778 | failed |= test_tlsext_sni_serverhello(); | 1902 | failed |= test_tlsext_sni_serverhello(); |
| 1779 | 1903 | ||
| 1904 | failed |= test_tlsext_ocsp_clienthello(); | ||
| 1905 | failed |= test_tlsext_ocsp_serverhello(); | ||
| 1906 | |||
| 1780 | failed |= test_tlsext_sessionticket_clienthello(); | 1907 | failed |= test_tlsext_sessionticket_clienthello(); |
| 1781 | failed |= test_tlsext_sessionticket_serverhello(); | 1908 | failed |= test_tlsext_sessionticket_serverhello(); |
| 1782 | 1909 | ||