Remove NPN support.

NPN was never standardised and the last draft expired in October 2012. ALPN was standardised in July 2014 and has been supported in LibreSSL since December 2014. NPN has also been removed from Chromium in May 2016. TLS clients and servers that try to use/enable NPN will fail gracefully and fallback to the default protocol, since it will essentially appear that the otherside does not support NPN. At some point in the future we will actually remove the NPN related symbols entirely. ok bcook@ beck@ doug@
author: jsing <> 2017-08-12 21:03:08 +0000
committer: jsing <> 2017-08-12 21:03:08 +0000
commit: c648197458d45db4f93561e9497fac0532e6d0bc (patch)
tree: 942d907ed1f094ec2a23893a790715396a4d7e4f /src/lib/libssl/ssl_clnt.c
parent: be646f37c6508ed75a22ff21af60f2496b432c9d (diff)
download: openbsd-c648197458d45db4f93561e9497fac0532e6d0bc.tar.gz
openbsd-c648197458d45db4f93561e9497fac0532e6d0bc.tar.bz2
openbsd-c648197458d45db4f93561e9497fac0532e6d0bc.zip
1 files changed, 3 insertions, 53 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 865c961db7..ec4a4104fc 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.15 2017/08/12 02:55:22 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.16 2017/08/12 21:03:08 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -407,14 +407,11 @@ ssl3_connect(SSL *s)
                case SSL3_ST_CW_CHANGE_A:
                case SSL3_ST_CW_CHANGE_B:
                        ret = ssl3_send_change_cipher_spec(s,
-                        SSL3_ST_CW_CHANGE_A, SSL3_ST_CW_CHANGE_B);
+                            SSL3_ST_CW_CHANGE_A, SSL3_ST_CW_CHANGE_B);
                        if (ret <= 0)
                                goto end;
-                        if (S3I(s)->next_proto_neg_seen)
+                        S3I(s)->hs.state = SSL3_ST_CW_FINISHED_A;
-                                S3I(s)->hs.state = SSL3_ST_CW_NEXT_PROTO_A;
-                        else
-                                S3I(s)->hs.state = SSL3_ST_CW_FINISHED_A;
                        s->internal->init_num = 0;
                        s->session->cipher = S3I(s)->hs.new_cipher;
@@ -431,14 +428,6 @@ ssl3_connect(SSL *s)
                        break;
-                case SSL3_ST_CW_NEXT_PROTO_A:
-                case SSL3_ST_CW_NEXT_PROTO_B:
-                        ret = ssl3_send_next_proto(s);
-                        if (ret <= 0)
-                                goto end;
-                        S3I(s)->hs.state = SSL3_ST_CW_FINISHED_A;
-                        break;
                case SSL3_ST_CW_FINISHED_A:
                case SSL3_ST_CW_FINISHED_B:
                        ret = ssl3_send_finished(s, SSL3_ST_CW_FINISHED_A,
@@ -2599,45 +2588,6 @@ err:
        return (0);
 }
-int
-ssl3_send_next_proto(SSL *s)
-{
-        CBB cbb, nextproto, npn, padding;
-        size_t pad_len;
-        uint8_t *pad;
-        memset(&cbb, 0, sizeof(cbb));
-        if (S3I(s)->hs.state == SSL3_ST_CW_NEXT_PROTO_A) {
-                pad_len = 32 - ((s->internal->next_proto_negotiated_len + 2) % 32);
-                if (!ssl3_handshake_msg_start_cbb(s, &cbb, &nextproto,
-                    SSL3_MT_NEXT_PROTO))
-                        goto err;
-                if (!CBB_add_u8_length_prefixed(&nextproto, &npn))
-                        goto err;
-                if (!CBB_add_bytes(&npn, s->internal->next_proto_negotiated,
-                    s->internal->next_proto_negotiated_len))
-                        goto err;
-                if (!CBB_add_u8_length_prefixed(&nextproto, &padding))
-                        goto err;
-                if (!CBB_add_space(&padding, &pad, pad_len))
-                        goto err;
-                memset(pad, 0, pad_len);
-                if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
-                        goto err;
-                S3I(s)->hs.state = SSL3_ST_CW_NEXT_PROTO_B;
-        }
-        return (ssl3_handshake_write(s));
- err:
-        CBB_cleanup(&cbb);
-        return (-1);
-}
 /*
 * Check to see if handshake is full or resumed. Usually this is just a
 * case of checking to see if a cache hit has occurred. In the case of
author	jsing <>	2017-08-12 21:03:08 +0000
committer	jsing <>	2017-08-12 21:03:08 +0000
commit	c648197458d45db4f93561e9497fac0532e6d0bc (patch)
tree	942d907ed1f094ec2a23893a790715396a4d7e4f /src/lib/libssl/ssl_clnt.c
parent	be646f37c6508ed75a22ff21af60f2496b432c9d (diff)
download	openbsd-c648197458d45db4f93561e9497fac0532e6d0bc.tar.gz openbsd-c648197458d45db4f93561e9497fac0532e6d0bc.tar.bz2 openbsd-c648197458d45db4f93561e9497fac0532e6d0bc.zip

diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 865c961db7..ec4a4104fc 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_clnt.c,v 1.15 2017/08/12 02:55:22 jsing Exp $ */	1	/* $OpenBSD: ssl_clnt.c,v 1.16 2017/08/12 21:03:08 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -407,14 +407,11 @@ ssl3_connect(SSL *s)
407	case SSL3_ST_CW_CHANGE_A:	407	case SSL3_ST_CW_CHANGE_A:
408	case SSL3_ST_CW_CHANGE_B:	408	case SSL3_ST_CW_CHANGE_B:
409	ret = ssl3_send_change_cipher_spec(s,	409	ret = ssl3_send_change_cipher_spec(s,
410	SSL3_ST_CW_CHANGE_A, SSL3_ST_CW_CHANGE_B);	410	SSL3_ST_CW_CHANGE_A, SSL3_ST_CW_CHANGE_B);
411	if (ret <= 0)	411	if (ret <= 0)
412	goto end;	412	goto end;
413		413
414	if (S3I(s)->next_proto_neg_seen)	414	S3I(s)->hs.state = SSL3_ST_CW_FINISHED_A;
415	S3I(s)->hs.state = SSL3_ST_CW_NEXT_PROTO_A;
416	else
417	S3I(s)->hs.state = SSL3_ST_CW_FINISHED_A;
418	s->internal->init_num = 0;	415	s->internal->init_num = 0;
419		416
420	s->session->cipher = S3I(s)->hs.new_cipher;	417	s->session->cipher = S3I(s)->hs.new_cipher;
@@ -431,14 +428,6 @@ ssl3_connect(SSL *s)
431		428
432	break;	429	break;
433		430
434	case SSL3_ST_CW_NEXT_PROTO_A:
435	case SSL3_ST_CW_NEXT_PROTO_B:
436	ret = ssl3_send_next_proto(s);
437	if (ret <= 0)
438	goto end;
439	S3I(s)->hs.state = SSL3_ST_CW_FINISHED_A;
440	break;
441
442	case SSL3_ST_CW_FINISHED_A:	431	case SSL3_ST_CW_FINISHED_A:
443	case SSL3_ST_CW_FINISHED_B:	432	case SSL3_ST_CW_FINISHED_B:
444	ret = ssl3_send_finished(s, SSL3_ST_CW_FINISHED_A,	433	ret = ssl3_send_finished(s, SSL3_ST_CW_FINISHED_A,
@@ -2599,45 +2588,6 @@ err:
2599	return (0);	2588	return (0);
2600	}	2589	}
2601		2590
2602	int
2603	ssl3_send_next_proto(SSL *s)
2604	{
2605	CBB cbb, nextproto, npn, padding;
2606	size_t pad_len;
2607	uint8_t *pad;
2608
2609	memset(&cbb, 0, sizeof(cbb));
2610
2611	if (S3I(s)->hs.state == SSL3_ST_CW_NEXT_PROTO_A) {
2612	pad_len = 32 - ((s->internal->next_proto_negotiated_len + 2) % 32);
2613
2614	if (!ssl3_handshake_msg_start_cbb(s, &cbb, &nextproto,
2615	SSL3_MT_NEXT_PROTO))
2616	goto err;
2617	if (!CBB_add_u8_length_prefixed(&nextproto, &npn))
2618	goto err;
2619	if (!CBB_add_bytes(&npn, s->internal->next_proto_negotiated,
2620	s->internal->next_proto_negotiated_len))
2621	goto err;
2622	if (!CBB_add_u8_length_prefixed(&nextproto, &padding))
2623	goto err;
2624	if (!CBB_add_space(&padding, &pad, pad_len))
2625	goto err;
2626	memset(pad, 0, pad_len);
2627	if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
2628	goto err;
2629
2630	S3I(s)->hs.state = SSL3_ST_CW_NEXT_PROTO_B;
2631	}
2632
2633	return (ssl3_handshake_write(s));
2634
2635	err:
2636	CBB_cleanup(&cbb);
2637
2638	return (-1);
2639	}
2640
2641	/*	2591	/*
2642	* Check to see if handshake is full or resumed. Usually this is just a	2592	* Check to see if handshake is full or resumed. Usually this is just a
2643	* case of checking to see if a cache hit has occurred. In the case of	2593	* case of checking to see if a cache hit has occurred. In the case of