author | jsing <> | 2024-07-20 04:04:23 +0000 |
---|---|---|
committer | jsing <> | 2024-07-20 04:04:23 +0000 |
commit | b68193edfb3424eb0f993aec6089c9e057aa5d4d (patch) | |
tree | b04719de2f91b0f8d7c9c7acb93cef76a89b9948 /src/lib/libssl/ssl_ciph.c | |
parent | cc7dc6e9b7012526aa3797842d226b3a275a7e70 (diff) | |
Remove cipher from SSL_SESSION.
For a long time SSL_SESSION has had both a cipher ID and a pointer to
an SSL_CIPHER (and it is not guaranteed that both are populated). There is also
a pointer to an SSL_CIPHER in the SSL_HANDSHAKE that denotes the cipher
being used for this connection. Some code has been using the cipher from
SSL_SESSION and some code has been using the cipher from SSL_HANDSHAKE.
Remove cipher from SSL_SESSION and use the version in SSL_HANDSHAKE
everywhere. If resuming from a session then we need to use the SSL_SESSION
cipher ID to set the SSL_HANDSHAKE cipher. And we still need to ensure that
we update the cipher ID in the SSL_SESSION whenever the SSL_HANDSHAKE
cipher changes (this only occurs in a few places).
ok tb@
Diffstat (limited to 'src/lib/libssl/ssl_ciph.c')
-rw-r--r-- | src/lib/libssl/ssl_ciph.c | 32 |
1 files changed, 19 insertions, 13 deletions
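--- a/src/lib/libssl/ssl_ciph.c
+++ b/src/lib/libssl/ssl_ciph.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_ciph.c,v 1.144 2024/07/16 14:38:04 jsing Exp $ */
+/* $OpenBSD: ssl_ciph.c,v 1.145 2024/07/20 04:04:23 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -408,25 +408,27 @@ static const SSL_CIPHER cipher_aliases[] = {
 };
 
 int
-ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc,
-const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size)
+ssl_cipher_get_evp(SSL *s, const EVP_CIPHER **enc, const EVP_MD **md,
+int *mac_pkey_type, int *mac_secret_size)
 {
+const SSL_CIPHER *cipher;
+
 *enc = NULL;
 *md = NULL;
 *mac_pkey_type = NID_undef;
 *mac_secret_size = 0;
 
-if (ss->cipher == NULL)
+if ((cipher = s->s3->hs.cipher) == NULL)
 return 0;
 
 /*
 * This function does not handle EVP_AEAD.
 * See ssl_cipher_get_evp_aead instead.
 */
-if (ss->cipher->algorithm_mac & SSL_AEAD)
+if (cipher->algorithm_mac & SSL_AEAD)
 return 0;
 
-switch (ss->cipher->algorithm_enc) {
+switch (cipher->algorithm_enc) {
 case SSL_3DES:
 *enc = EVP_des_ede3_cbc();
 break;
@@ -450,7 +452,7 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc,
 break;
 }
 
-switch (ss->cipher->algorithm_mac) {
+switch (cipher->algorithm_mac) {
 case SSL_MD5:
 *md = EVP_md5();
 break;
@@ -487,16 +489,18 @@ ssl_cipher_get_evp(const SSL_SESSION *ss, const EVP_CIPHER **enc,
 * for s->cipher. It returns 1 on success and 0 on error.
 */
 int
-ssl_cipher_get_evp_aead(const SSL_SESSION *ss, const EVP_AEAD **aead)
+ssl_cipher_get_evp_aead(SSL *s, const EVP_AEAD **aead)
 {
+const SSL_CIPHER *cipher;
+
 *aead = NULL;
 
-if (ss->cipher == NULL)
+if ((cipher = s->s3->hs.cipher) == NULL)
 return 0;
-if ((ss->cipher->algorithm_mac & SSL_AEAD) == 0)
+if ((cipher->algorithm_mac & SSL_AEAD) == 0)
 return 0;
 
-switch (ss->cipher->algorithm_enc) {
+switch (cipher->algorithm_enc) {
 case SSL_AES128GCM:
 *aead = EVP_aead_aes_128_gcm();
 return 1;
@@ -515,12 +519,14 @@ ssl_cipher_get_evp_aead(const SSL_SESSION *ss, const EVP_AEAD **aead)
 int
 ssl_get_handshake_evp_md(SSL *s, const EVP_MD **md)
 {
+const SSL_CIPHER *cipher;
+
 *md = NULL;
 
-if (s->s3->hs.cipher == NULL)
+if ((cipher = s->s3->hs.cipher) == NULL)
 return 0;
 
-switch (s->s3->hs.cipher->algorithm2 & SSL_HANDSHAKE_MAC_MASK) {
+switch (cipher->algorithm2 & SSL_HANDSHAKE_MAC_MASK) {
 case SSL_HANDSHAKE_MAC_SHA256:
 *md = EVP_sha256();
 return 1;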
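Review bot: The comment above ssl_cipher_get_evp_aead (context at new line 489) still says the AEAD is chosen "for s->cipher", which no longer names anything this function reads now that it takes the cipher from `s->s3->hs.cipher`. I would reword that line to `* for the handshake cipher (s->s3->hs.cipher). It returns 1 on success and 0 on error.`; the comment starts outside the hunk, so the rest of it should be checked too. Separately, ssl_cipher_get_evp and ssl_cipher_get_evp_aead lose the `const` their old `const SSL_SESSION *ss` parameter carried; both only read through `s` in the visible lines, so `const SSL *s` looks possible if the callers allow it.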