diff options
| author | jsing <> | 2021-10-23 14:40:54 +0000 |
|---|---|---|
| committer | jsing <> | 2021-10-23 14:40:54 +0000 |
| commit | 48d78838532f827ee48f8f73f24be6e77d4bbf0f (patch) | |
| tree | ce6df35f3dc86483e4bf5fb3d4d1a4ada8d56b08 /src/lib/libssl/ssl_locl.h | |
| parent | 29938589622ccf645f7dc926feb10e611775c666 (diff) | |
| download | openbsd-48d78838532f827ee48f8f73f24be6e77d4bbf0f.tar.gz openbsd-48d78838532f827ee48f8f73f24be6e77d4bbf0f.tar.bz2 openbsd-48d78838532f827ee48f8f73f24be6e77d4bbf0f.zip | |
Provide a way to determine our maximum legacy version.
With the introduction of TLSv1.3, we need the ability to determine our
maximum legacy version and to track our peer's maximum legacy version.
This is needed for both the TLS record layer when using TLSv1.3, plus
it is needed for RSA key exhange in TLS prior to TLSv1.3, where the
maximum legacy version is incorporated in the pre-master secret to
avoid downgrade attacks.
This unbreaks RSA KEX for the TLS client when the non-version specific
method is used with TLSv1.0 or TLSv1.1 (clearly no one does this).
ok tb@
Diffstat (limited to 'src/lib/libssl/ssl_locl.h')
| -rw-r--r-- | src/lib/libssl/ssl_locl.h | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index b41a5d803f..3c58e5ac21 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.362 2021/10/23 11:41:52 beck Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.363 2021/10/23 14:40:54 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -583,6 +583,13 @@ typedef struct ssl_handshake_st { | |||
| 583 | uint16_t negotiated_tls_version; | 583 | uint16_t negotiated_tls_version; |
| 584 | 584 | ||
| 585 | /* | 585 | /* |
| 586 | * Legacy version advertised by our peer. For a server this is the | ||
| 587 | * version specified by the client in the ClientHello message. For a | ||
| 588 | * client, this is the version provided in the ServerHello message. | ||
| 589 | */ | ||
| 590 | uint16_t peer_legacy_version; | ||
| 591 | |||
| 592 | /* | ||
| 586 | * Current handshake state - contains one of the SSL3_ST_* values and | 593 | * Current handshake state - contains one of the SSL3_ST_* values and |
| 587 | * is used by the TLSv1.2 state machine, as well as being updated by | 594 | * is used by the TLSv1.2 state machine, as well as being updated by |
| 588 | * the TLSv1.3 stack due to it being exposed externally. | 595 | * the TLSv1.3 stack due to it being exposed externally. |
| @@ -1291,6 +1298,7 @@ int ssl_supported_tls_version_range(SSL *s, uint16_t *min_ver, uint16_t *max_ver | |||
| 1291 | uint16_t ssl_tls_version(uint16_t version); | 1298 | uint16_t ssl_tls_version(uint16_t version); |
| 1292 | uint16_t ssl_effective_tls_version(SSL *s); | 1299 | uint16_t ssl_effective_tls_version(SSL *s); |
| 1293 | int ssl_max_supported_version(SSL *s, uint16_t *max_ver); | 1300 | int ssl_max_supported_version(SSL *s, uint16_t *max_ver); |
| 1301 | int ssl_max_legacy_version(SSL *s, uint16_t *max_ver); | ||
| 1294 | int ssl_max_shared_version(SSL *s, uint16_t peer_ver, uint16_t *max_ver); | 1302 | int ssl_max_shared_version(SSL *s, uint16_t peer_ver, uint16_t *max_ver); |
| 1295 | int ssl_check_version_from_server(SSL *s, uint16_t server_version); | 1303 | int ssl_check_version_from_server(SSL *s, uint16_t server_version); |
| 1296 | int ssl_legacy_stack_version(SSL *s, uint16_t version); | 1304 | int ssl_legacy_stack_version(SSL *s, uint16_t version); |