diff options
| author | tb <> | 2024-02-03 19:57:14 +0000 |
|---|---|---|
| committer | tb <> | 2024-02-03 19:57:14 +0000 |
| commit | d78431a5a32e7fdfebee212e4be5965a02960850 (patch) | |
| tree | 73e2a8d771c1a0098fc5670da527bf1c51c5f9c7 | |
| parent | 7560cd6b70a56d383514ea4d46091a8dc189fbf1 (diff) | |
| download | openbsd-d78431a5a32e7fdfebee212e4be5965a02960850.tar.gz openbsd-d78431a5a32e7fdfebee212e4be5965a02960850.tar.bz2 openbsd-d78431a5a32e7fdfebee212e4be5965a02960850.zip | |
Rework the exit path of tls13_handshake_recv_action()
If an error occurs in action->recv() for a handshake that needs to
downgrade to legacy TLS, the artistic exit path led to hiding the
error under TLS13_IO_USE_LEGACY. Rework the exit path to be easier
to follow, preserving behavior except that the error can no longer
be masked.
Detailed analysis and initial diff by Masaru Masuda.
Fixes https://github.com/libressl/openbsd/issues/146
ok beck
| -rw-r--r-- | src/lib/libssl/tls13_handshake.c | 26 |
1 files changed, 14 insertions, 12 deletions
diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c index 9723edfea4..0dc2333708 100644 --- a/src/lib/libssl/tls13_handshake.c +++ b/src/lib/libssl/tls13_handshake.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_handshake.c,v 1.72 2022/11/26 16:08:56 tb Exp $ */ | 1 | /* $OpenBSD: tls13_handshake.c,v 1.73 2024/02/03 19:57:14 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018-2021 Theo Buehler <tb@openbsd.org> | 3 | * Copyright (c) 2018-2021 Theo Buehler <tb@openbsd.org> |
| 4 | * Copyright (c) 2019 Joel Sing <jsing@openbsd.org> | 4 | * Copyright (c) 2019 Joel Sing <jsing@openbsd.org> |
| @@ -546,22 +546,24 @@ tls13_handshake_recv_action(struct tls13_ctx *ctx, | |||
| 546 | return TLS13_IO_FAILURE; | 546 | return TLS13_IO_FAILURE; |
| 547 | 547 | ||
| 548 | ret = TLS13_IO_FAILURE; | 548 | ret = TLS13_IO_FAILURE; |
| 549 | if (action->recv(ctx, &cbs)) { | 549 | if (!action->recv(ctx, &cbs)) |
| 550 | if (CBS_len(&cbs) != 0) { | 550 | goto err; |
| 551 | tls13_set_errorx(ctx, TLS13_ERR_TRAILING_DATA, 0, | 551 | |
| 552 | "trailing data in handshake message", NULL); | 552 | if (CBS_len(&cbs) != 0) { |
| 553 | ctx->alert = TLS13_ALERT_DECODE_ERROR; | 553 | tls13_set_errorx(ctx, TLS13_ERR_TRAILING_DATA, 0, |
| 554 | } else { | 554 | "trailing data in handshake message", NULL); |
| 555 | ret = TLS13_IO_SUCCESS; | 555 | ctx->alert = TLS13_ALERT_DECODE_ERROR; |
| 556 | } | 556 | goto err; |
| 557 | } | 557 | } |
| 558 | 558 | ||
| 559 | ret = TLS13_IO_SUCCESS; | ||
| 560 | if (ctx->ssl->method->version < TLS1_3_VERSION) | ||
| 561 | ret = TLS13_IO_USE_LEGACY; | ||
| 562 | |||
| 563 | err: | ||
| 559 | tls13_handshake_msg_free(ctx->hs_msg); | 564 | tls13_handshake_msg_free(ctx->hs_msg); |
| 560 | ctx->hs_msg = NULL; | 565 | ctx->hs_msg = NULL; |
| 561 | 566 | ||
| 562 | if (ctx->ssl->method->version < TLS1_3_VERSION) | ||
| 563 | return TLS13_IO_USE_LEGACY; | ||
| 564 | |||
| 565 | return ret; | 567 | return ret; |
| 566 | } | 568 | } |
| 567 | 569 | ||