| author | beck <> | 2018-11-10 01:19:09 +0000 |
|---|---|---|
| committer | beck <> | 2018-11-10 01:19:09 +0000 |
| commit | a63c042c294065378076f342043234c8efa620b2 (patch) | |
| tree | 7a38d18aacac062bf470573f237552369c229a80 /src/lib/libssl/ssl_srvr.c | |
| parent | da35d1b222c4d16415d4e8a784a03c57b1bc56ed (diff) | |
Stop keeping track of sigalgs by guessing it from digest and pkey,
just keep the sigalg around so we can remember what we actually
decided to use.
ok jsing@
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/ssl_srvr.c | 35 |
1 files changed, 12 insertions, 23 deletions
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index 51e5475f54..587a538060 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_srvr.c,v 1.54 2018/11/09 05:43:39 beck Exp $ */ | 1 | /* $OpenBSD: ssl_srvr.c,v 1.55 2018/11/10 01:19:09 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1483,6 +1483,7 @@ int | |||
| 1483 | ssl3_send_server_key_exchange(SSL *s) | 1483 | ssl3_send_server_key_exchange(SSL *s) |
| 1484 | { | 1484 | { |
| 1485 | CBB cbb, cbb_params, cbb_signature, server_kex; | 1485 | CBB cbb, cbb_params, cbb_signature, server_kex; |
| 1486 | const struct ssl_sigalg *sigalg = NULL; | ||
| 1486 | unsigned char *signature = NULL; | 1487 | unsigned char *signature = NULL; |
| 1487 | unsigned int signature_len; | 1488 | unsigned int signature_len; |
| 1488 | unsigned char *params = NULL; | 1489 | unsigned char *params = NULL; |
| @@ -1529,28 +1530,14 @@ ssl3_send_server_key_exchange(SSL *s) | |||
| 1529 | /* Add signature unless anonymous. */ | 1530 | /* Add signature unless anonymous. */ |
| 1530 | if (!(S3I(s)->hs.new_cipher->algorithm_auth & SSL_aNULL)) { | 1531 | if (!(S3I(s)->hs.new_cipher->algorithm_auth & SSL_aNULL)) { |
| 1531 | if ((pkey = ssl_get_sign_pkey(s, S3I(s)->hs.new_cipher, | 1532 | if ((pkey = ssl_get_sign_pkey(s, S3I(s)->hs.new_cipher, |
| 1532 | &md)) == NULL) { | 1533 | &md, &sigalg)) == NULL) { |
| 1533 | al = SSL_AD_DECODE_ERROR; | 1534 | al = SSL_AD_DECODE_ERROR; |
| 1534 | goto f_err; | 1535 | goto f_err; |
| 1535 | } | 1536 | } |
| 1536 | 1537 | ||
| 1537 | if (pkey->type == EVP_PKEY_RSA && !SSL_USE_SIGALGS(s)) | ||
| 1538 | md = EVP_md5_sha1(); | ||
| 1539 | |||
| 1540 | if (md == NULL) { | ||
| 1541 | /* Is this error check actually needed? */ | ||
| 1542 | al = SSL_AD_HANDSHAKE_FAILURE; | ||
| 1543 | SSLerror(s, SSL_R_UNKNOWN_PKEY_TYPE); | ||
| 1544 | goto f_err; | ||
| 1545 | } | ||
| 1546 | |||
| 1547 | /* Send signature algorithm. */ | 1538 | /* Send signature algorithm. */ |
| 1548 | if (SSL_USE_SIGALGS(s)) { | 1539 | if (SSL_USE_SIGALGS(s)) { |
| 1549 | uint16_t sigalg; | 1540 | if (!CBB_add_u16(&server_kex, sigalg->value)) { |
| 1550 | if ((sigalg = ssl_sigalg_value(pkey, md)) == | ||
| 1551 | SIGALG_NONE || | ||
| 1552 | !CBB_add_u16(&server_kex, sigalg)) { | ||
| 1553 | /* Should never happen */ | ||
| 1554 | al = SSL_AD_INTERNAL_ERROR; | 1541 | al = SSL_AD_INTERNAL_ERROR; |
| 1555 | SSLerror(s, ERR_R_INTERNAL_ERROR); | 1542 | SSLerror(s, ERR_R_INTERNAL_ERROR); |
| 1556 | goto f_err; | 1543 | goto f_err; |
| @@ -1595,7 +1582,7 @@ ssl3_send_server_key_exchange(SSL *s) | |||
| 1595 | free(signature); | 1582 | free(signature); |
| 1596 | 1583 | ||
| 1597 | return (ssl3_handshake_write(s)); | 1584 | return (ssl3_handshake_write(s)); |
| 1598 | 1585 | ||
| 1599 | f_err: | 1586 | f_err: |
| 1600 | ssl3_send_alert(s, SSL3_AL_FATAL, al); | 1587 | ssl3_send_alert(s, SSL3_AL_FATAL, al); |
| 1601 | err: | 1588 | err: |
| @@ -2155,17 +2142,19 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2155 | goto err; | 2142 | goto err; |
| 2156 | } else { | 2143 | } else { |
| 2157 | if (SSL_USE_SIGALGS(s)) { | 2144 | if (SSL_USE_SIGALGS(s)) { |
| 2158 | uint16_t sigalg; | 2145 | const struct ssl_sigalg *sigalg; |
| 2146 | uint16_t sigalg_value; | ||
| 2159 | 2147 | ||
| 2160 | if (!CBS_get_u16(&cbs, &sigalg)) | 2148 | if (!CBS_get_u16(&cbs, &sigalg_value)) |
| 2161 | goto truncated; | 2149 | goto truncated; |
| 2162 | if ((md = ssl_sigalg_md(sigalg, tls12_sigalgs, | 2150 | if ((sigalg = ssl_sigalg(sigalg_value, tls12_sigalgs, |
| 2163 | tls12_sigalgs_len)) == NULL) { | 2151 | tls12_sigalgs_len)) == NULL || |
| 2152 | (md = sigalg->md()) == NULL) { | ||
| 2164 | SSLerror(s, SSL_R_UNKNOWN_DIGEST); | 2153 | SSLerror(s, SSL_R_UNKNOWN_DIGEST); |
| 2165 | al = SSL_AD_DECODE_ERROR; | 2154 | al = SSL_AD_DECODE_ERROR; |
| 2166 | goto f_err; | 2155 | goto f_err; |
| 2167 | } | 2156 | } |
| 2168 | if (!ssl_sigalg_pkey_check(sigalg, pkey)) { | 2157 | if (sigalg->key_type != pkey->type) { |
| 2169 | SSLerror(s, SSL_R_WRONG_SIGNATURE_TYPE); | 2158 | SSLerror(s, SSL_R_WRONG_SIGNATURE_TYPE); |
| 2170 | al = SSL_AD_DECODE_ERROR; | 2159 | al = SSL_AD_DECODE_ERROR; |
| 2171 | goto f_err; | 2160 | goto f_err; |
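Review bot: In ssl3_send_server_key_exchange the new SSL_USE_SIGALGS branch (new line 1540) dereferences `sigalg->value` without a NULL check, while the same hunk drops both the `md == NULL` test and the `SIGALG_NONE` test that used to turn an unexpected state into a fatal alert. `sigalg` starts as NULL and is only filled through the new out-parameter of `ssl_get_sign_pkey`, whose body is not part of this diff, so it cannot be confirmed from here that a returned key always comes with a sigalg and a digest. If that assumption ever fails, the server would hit a NULL dereference during the handshake instead of sending internal_error, so I would keep a cheap guard: `if (sigalg == NULL || !CBB_add_u16(&server_kex, sigalg->value)) {`. An explicit `md == NULL` failure path should also stay ahead of the signing code, which lies further down in the function and outside the hunk. In ssl3_get_cert_verify the new `sigalg->md()` call similarly presumes every table entry has a non-NULL `md` callback; a one-line comment stating that invariant on the sigalg table would help the next reader.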
