Improve internal version handling.

Add handshake fields for our minimum TLS version, our maximum TLS version and the TLS version negotiated during the handshake. Initialise our min/max versions at the start of the handshake and leave these unchanged. The negotiated TLS version is set in the client once we receive the ServerHello and in the server at the point we select the highest shared version. Provide an ssl_effective_version() function that returns the negotiated TLS version if known, otherwise our maximum TLS version - this is effectively what is stored in s->version currently. Convert most of the internal code to use one of these three version fields, which greatly simplifies code (especially in the TLS extension handling code). ok tb@
author: jsing <> 2021-03-10 18:27:02 +0000
committer: jsing <> 2021-03-10 18:27:02 +0000
commit: bec282ffa4cbd669be0dc9e8fab07c4c21ebcb66 (patch)
tree: d994b83bcf4c074517ad35a21855741c2995e67b /src/lib/libssl/ssl_clnt.c
parent: 9108b7f38107e9f7ce1aaa33e615a7935b057ad0 (diff)
download: openbsd-bec282ffa4cbd669be0dc9e8fab07c4c21ebcb66.tar.gz
openbsd-bec282ffa4cbd669be0dc9e8fab07c4c21ebcb66.tar.bz2
openbsd-bec282ffa4cbd669be0dc9e8fab07c4c21ebcb66.zip
1 files changed, 17 insertions, 3 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 70bda982c6..97418f1ac7 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.84 2021/02/22 15:59:10 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.85 2021/03/10 18:27:01 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -218,7 +218,14 @@ ssl3_connect(SSL *s)
                                goto end;
                        }
-                        /* s->version=SSL3_VERSION; */
+                        if (!ssl_supported_tls_version_range(s,
+                            &S3I(s)->hs.our_min_tls_version,
+                            &S3I(s)->hs.our_max_tls_version)) {
+                                SSLerror(s, SSL_R_NO_PROTOCOLS_AVAILABLE);
+                                ret = -1;
+                                goto end;
+                        }
                        s->internal->type = SSL_ST_CONNECT;
                        if (!ssl3_setup_init_buffer(s)) {
@@ -904,6 +911,12 @@ ssl3_get_server_hello(SSL *s)
        }
        s->version = server_version;
+        S3I(s)->hs.negotiated_tls_version = ssl_tls_version(server_version);
+        if (S3I(s)->hs.negotiated_tls_version == 0) {
+                SSLerror(s, ERR_R_INTERNAL_ERROR);
+                goto err;
+        }
        if ((method = ssl_get_method(server_version)) == NULL) {
                SSLerror(s, ERR_R_INTERNAL_ERROR);
                goto err;
@@ -1019,7 +1032,7 @@ ssl3_get_server_hello(SSL *s)
        /* TLS v1.2 only ciphersuites require v1.2 or later. */
        if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&
-            (TLS1_get_version(s) < TLS1_2_VERSION)) {
+            S3I(s)->hs.negotiated_tls_version < TLS1_2_VERSION) {
                al = SSL_AD_ILLEGAL_PARAMETER;
                SSLerror(s, SSL_R_WRONG_CIPHER_RETURNED);
                goto fatal_err;
@@ -1982,6 +1995,7 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
                goto err;
        }
+        /* XXX - our max protocol version. */
        pms[0] = s->client_version >> 8;
        pms[1] = s->client_version & 0xff;
        arc4random_buf(&pms[2], sizeof(pms) - 2);
author	jsing <>	2021-03-10 18:27:02 +0000
committer	jsing <>	2021-03-10 18:27:02 +0000
commit	bec282ffa4cbd669be0dc9e8fab07c4c21ebcb66 (patch)
tree	d994b83bcf4c074517ad35a21855741c2995e67b /src/lib/libssl/ssl_clnt.c
parent	9108b7f38107e9f7ce1aaa33e615a7935b057ad0 (diff)
download	openbsd-bec282ffa4cbd669be0dc9e8fab07c4c21ebcb66.tar.gz openbsd-bec282ffa4cbd669be0dc9e8fab07c4c21ebcb66.tar.bz2 openbsd-bec282ffa4cbd669be0dc9e8fab07c4c21ebcb66.zip