diff options
| author | jsing <> | 2024-07-20 04:04:23 +0000 |
|---|---|---|
| committer | jsing <> | 2024-07-20 04:04:23 +0000 |
| commit | b68193edfb3424eb0f993aec6089c9e057aa5d4d (patch) | |
| tree | b04719de2f91b0f8d7c9c7acb93cef76a89b9948 /src/lib/libssl/ssl_ciph.c | |
| parent | cc7dc6e9b7012526aa3797842d226b3a275a7e70 (diff) | |
| download | openbsd-b68193edfb3424eb0f993aec6089c9e057aa5d4d.tar.gz openbsd-b68193edfb3424eb0f993aec6089c9e057aa5d4d.tar.bz2 openbsd-b68193edfb3424eb0f993aec6089c9e057aa5d4d.zip | |
Remove cipher from SSL_SESSION.
For a long time SSL_SESSION has had both a cipher ID and a pointer to
an SSL_CIPHER (and not both are guaranteed to be populated). There is also
a pointer to an SSL_CIPHER in the SSL_HANDSHAKE that denotes the cipher
being used for this connection. Some code has been using the cipher from
SSL_SESSION and some code has been using the cipher from SSL_HANDSHAKE.
Remove cipher from SSL_SESSION and use the version in SSL_HANDSHAKE
everywhere. If resuming from a session then we need to use the SSL_SESSION
cipher ID to set the SSL_HANDSHAKE cipher. And we still need to ensure that
we update the cipher ID in the SSL_SESSION whenever the SSL_HANDSHAKE
cipher changes (this only occurs in a few places).
ok tb@
Diffstat (limited to 'src/lib/libssl/ssl_ciph.c')
| -rw-r--r-- | src/lib/libssl/ssl_ciph.c | 32 |
1 files changed, 19 insertions, 13 deletions
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c index 246d64e7d5..7c32354902 100644 --- a/src/lib/libssl/ssl_ciph.c +++ b/src/lib/libssl/ssl_ciph.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_ciph.c,v 1.144 2024/07/16 14:38:04 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_ciph.c,v 1.145 2024/07/20 04:04:23 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -408,25 +408,27 @@ static const SSL_CIPHER cipher_aliases[] = { | |||
| 408 | }; | 408 | }; |
| 409 | 409 | ||
| 410 | int | 410 | int |
| 411 | ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc, | 411 | ssl_cipher_get_evp(SSL *s, const EVP_CIPHER **enc, const EVP_MD **md, |
| 412 | const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size) | 412 | int *mac_pkey_type, int *mac_secret_size) |
| 413 | { | 413 | { |
| 414 | const SSL_CIPHER *cipher; | ||
| 415 | |||
| 414 | *enc = NULL; | 416 | *enc = NULL; |
| 415 | *md = NULL; | 417 | *md = NULL; |
| 416 | *mac_pkey_type = NID_undef; | 418 | *mac_pkey_type = NID_undef; |
| 417 | *mac_secret_size = 0; | 419 | *mac_secret_size = 0; |
| 418 | 420 | ||
| 419 | if (ss->cipher == NULL) | 421 | if ((cipher = s->s3->hs.cipher) == NULL) |
| 420 | return 0; | 422 | return 0; |
| 421 | 423 | ||
| 422 | /* | 424 | /* |
| 423 | * This function does not handle EVP_AEAD. | 425 | * This function does not handle EVP_AEAD. |
| 424 | * See ssl_cipher_get_evp_aead instead. | 426 | * See ssl_cipher_get_evp_aead instead. |
| 425 | */ | 427 | */ |
| 426 | if (ss->cipher->algorithm_mac & SSL_AEAD) | 428 | if (cipher->algorithm_mac & SSL_AEAD) |
| 427 | return 0; | 429 | return 0; |
| 428 | 430 | ||
| 429 | switch (ss->cipher->algorithm_enc) { | 431 | switch (cipher->algorithm_enc) { |
| 430 | case SSL_3DES: | 432 | case SSL_3DES: |
| 431 | *enc = EVP_des_ede3_cbc(); | 433 | *enc = EVP_des_ede3_cbc(); |
| 432 | break; | 434 | break; |
| @@ -450,7 +452,7 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc, | |||
| 450 | break; | 452 | break; |
| 451 | } | 453 | } |
| 452 | 454 | ||
| 453 | switch (ss->cipher->algorithm_mac) { | 455 | switch (cipher->algorithm_mac) { |
| 454 | case SSL_MD5: | 456 | case SSL_MD5: |
| 455 | *md = EVP_md5(); | 457 | *md = EVP_md5(); |
| 456 | break; | 458 | break; |
| @@ -487,16 +489,18 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc, | |||
| 487 | * for s->cipher. It returns 1 on success and 0 on error. | 489 | * for s->cipher. It returns 1 on success and 0 on error. |
| 488 | */ | 490 | */ |
| 489 | int | 491 | int |
| 490 | ssl_cipher_get_evp_aead(const SSL_SESSION *ss, const EVP_AEAD **aead) | 492 | ssl_cipher_get_evp_aead(SSL *s, const EVP_AEAD **aead) |
| 491 | { | 493 | { |
| 494 | const SSL_CIPHER *cipher; | ||
| 495 | |||
| 492 | *aead = NULL; | 496 | *aead = NULL; |
| 493 | 497 | ||
| 494 | if (ss->cipher == NULL) | 498 | if ((cipher = s->s3->hs.cipher) == NULL) |
| 495 | return 0; | 499 | return 0; |
| 496 | if ((ss->cipher->algorithm_mac & SSL_AEAD) == 0) | 500 | if ((cipher->algorithm_mac & SSL_AEAD) == 0) |
| 497 | return 0; | 501 | return 0; |
| 498 | 502 | ||
| 499 | switch (ss->cipher->algorithm_enc) { | 503 | switch (cipher->algorithm_enc) { |
| 500 | case SSL_AES128GCM: | 504 | case SSL_AES128GCM: |
| 501 | *aead = EVP_aead_aes_128_gcm(); | 505 | *aead = EVP_aead_aes_128_gcm(); |
| 502 | return 1; | 506 | return 1; |
| @@ -515,12 +519,14 @@ ssl_cipher_get_evp_aead(const SSL_SESSION *ss, const EVP_AEAD **aead) | |||
| 515 | int | 519 | int |
| 516 | ssl_get_handshake_evp_md(SSL *s, const EVP_MD **md) | 520 | ssl_get_handshake_evp_md(SSL *s, const EVP_MD **md) |
| 517 | { | 521 | { |
| 522 | const SSL_CIPHER *cipher; | ||
| 523 | |||
| 518 | *md = NULL; | 524 | *md = NULL; |
| 519 | 525 | ||
| 520 | if (s->s3->hs.cipher == NULL) | 526 | if ((cipher = s->s3->hs.cipher) == NULL) |
| 521 | return 0; | 527 | return 0; |
| 522 | 528 | ||
| 523 | switch (s->s3->hs.cipher->algorithm2 & SSL_HANDSHAKE_MAC_MASK) { | 529 | switch (cipher->algorithm2 & SSL_HANDSHAKE_MAC_MASK) { |
| 524 | case SSL_HANDSHAKE_MAC_SHA256: | 530 | case SSL_HANDSHAKE_MAC_SHA256: |
| 525 | *md = EVP_sha256(); | 531 | *md = EVP_sha256(); |
| 526 | return 1; | 532 | return 1; |