diff options
| author | inoguchi <> | 2022-01-19 11:10:55 +0000 |
|---|---|---|
| committer | inoguchi <> | 2022-01-19 11:10:55 +0000 |
| commit | ed794ee344aa7dd85356dcf39df4ba9ba32c1b91 (patch) | |
| tree | b1eee53ce5c79dcabf405132888be3f9940158ab | |
| parent | 0b28f368d9356ccb000719127af4e7c4635e0549 (diff) | |
| download | openbsd-ed794ee344aa7dd85356dcf39df4ba9ba32c1b91.tar.gz openbsd-ed794ee344aa7dd85356dcf39df4ba9ba32c1b91.tar.bz2 openbsd-ed794ee344aa7dd85356dcf39df4ba9ba32c1b91.zip | |
Check function return value in libtls
EVP_EncryptInit_ex, EVP_DecryptInit_ex and HMAC_Init_ex are possible to
fail and return error.
Error from these functions will be fatal for the callback, and I choose to
return -1.
SSL_CTX_set_tlsext_ticket_key_cb.3 explains the return value of callback.
This also could fix Coverity CID 345319.
ok jsing@ tb@
| -rw-r--r-- | src/lib/libtls/tls_server.c | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/src/lib/libtls/tls_server.c b/src/lib/libtls/tls_server.c index 0a8ec4728e..72f797b860 100644 --- a/src/lib/libtls/tls_server.c +++ b/src/lib/libtls/tls_server.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls_server.c,v 1.47 2021/06/14 03:53:59 tb Exp $ */ | 1 | /* $OpenBSD: tls_server.c,v 1.48 2022/01/19 11:10:55 inoguchi Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -185,10 +185,16 @@ tls_server_ticket_cb(SSL *ssl, unsigned char *keyname, unsigned char *iv, | |||
| 185 | 185 | ||
| 186 | memcpy(keyname, key->key_name, sizeof(key->key_name)); | 186 | memcpy(keyname, key->key_name, sizeof(key->key_name)); |
| 187 | arc4random_buf(iv, EVP_MAX_IV_LENGTH); | 187 | arc4random_buf(iv, EVP_MAX_IV_LENGTH); |
| 188 | EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, | 188 | if (!EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, |
| 189 | key->aes_key, iv); | 189 | key->aes_key, iv)) { |
| 190 | HMAC_Init_ex(hctx, key->hmac_key, sizeof(key->hmac_key), | 190 | tls_set_errorx(tls_ctx, "failed to init encrypt"); |
| 191 | EVP_sha256(), NULL); | 191 | return (-1); |
| 192 | } | ||
| 193 | if (!HMAC_Init_ex(hctx, key->hmac_key, sizeof(key->hmac_key), | ||
| 194 | EVP_sha256(), NULL)) { | ||
| 195 | tls_set_errorx(tls_ctx, "failed to init hmac"); | ||
| 196 | return (-1); | ||
| 197 | } | ||
| 192 | return (0); | 198 | return (0); |
| 193 | } else { | 199 | } else { |
| 194 | /* get key by name */ | 200 | /* get key by name */ |
| @@ -196,10 +202,16 @@ tls_server_ticket_cb(SSL *ssl, unsigned char *keyname, unsigned char *iv, | |||
| 196 | if (key == NULL) | 202 | if (key == NULL) |
| 197 | return (0); | 203 | return (0); |
| 198 | 204 | ||
| 199 | EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, | 205 | if (!EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, |
| 200 | key->aes_key, iv); | 206 | key->aes_key, iv)) { |
| 201 | HMAC_Init_ex(hctx, key->hmac_key, sizeof(key->hmac_key), | 207 | tls_set_errorx(tls_ctx, "failed to init decrypt"); |
| 202 | EVP_sha256(), NULL); | 208 | return (-1); |
| 209 | } | ||
| 210 | if (!HMAC_Init_ex(hctx, key->hmac_key, sizeof(key->hmac_key), | ||
| 211 | EVP_sha256(), NULL)) { | ||
| 212 | tls_set_errorx(tls_ctx, "failed to init hmac"); | ||
| 213 | return (-1); | ||
| 214 | } | ||
| 203 | 215 | ||
| 204 | /* time to renew the ticket? is it the primary key? */ | 216 | /* time to renew the ticket? is it the primary key? */ |
| 205 | if (key != &tls_ctx->config->ticket_keys[0]) | 217 | if (key != &tls_ctx->config->ticket_keys[0]) |