diff options
| author | jsing <> | 2018-01-27 15:30:05 +0000 |
|---|---|---|
| committer | jsing <> | 2018-01-27 15:30:05 +0000 |
| commit | 493e742f784a4d7d846e7a28b384c113d30ed942 (patch) | |
| tree | 3d53d5ec7c827462ec31ee3156e980e4c951418a /src/lib/libssl/ssl_srvr.c | |
| parent | d591e698ee2bf88b94fcbab7fc07c798cf0b3ba8 (diff) | |
| download | openbsd-493e742f784a4d7d846e7a28b384c113d30ed942.tar.gz openbsd-493e742f784a4d7d846e7a28b384c113d30ed942.tar.bz2 openbsd-493e742f784a4d7d846e7a28b384c113d30ed942.zip | |
Complete the TLS extension handling rewrite for the server-side.
This removes ssl_parse_clienthello_tlsext() and allows the CBS to be
passed all the way through from ssl3_get_client_hello(). The renegotation
check gets pulled up into ssl3_get_client_hello() which is where other
such checks exist.
The TLS extension parsing now also ensures that we do not get duplicates
of any known extensions (the old pre-rewrite code only did this for some
extensions).
ok inoguchi@
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/ssl_srvr.c | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index 5d741cdc81..6450623d4a 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_srvr.c,v 1.26 2017/10/12 15:52:50 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_srvr.c,v 1.27 2018/01/27 15:30:05 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -813,7 +813,6 @@ ssl3_get_client_hello(SSL *s) | |||
| 813 | int i, j, ok, al, ret = -1, cookie_valid = 0; | 813 | int i, j, ok, al, ret = -1, cookie_valid = 0; |
| 814 | long n; | 814 | long n; |
| 815 | unsigned long id; | 815 | unsigned long id; |
| 816 | unsigned char *p, *d; | ||
| 817 | SSL_CIPHER *c; | 816 | SSL_CIPHER *c; |
| 818 | STACK_OF(SSL_CIPHER) *ciphers = NULL; | 817 | STACK_OF(SSL_CIPHER) *ciphers = NULL; |
| 819 | unsigned long alg_k; | 818 | unsigned long alg_k; |
| @@ -843,8 +842,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 843 | if (n < 0) | 842 | if (n < 0) |
| 844 | goto err; | 843 | goto err; |
| 845 | 844 | ||
| 846 | d = p = (unsigned char *)s->internal->init_msg; | 845 | end = (unsigned char *)s->internal->init_msg + n; |
| 847 | end = d + n; | ||
| 848 | 846 | ||
| 849 | CBS_init(&cbs, s->internal->init_msg, n); | 847 | CBS_init(&cbs, s->internal->init_msg, n); |
| 850 | 848 | ||
| @@ -1038,14 +1036,17 @@ ssl3_get_client_hello(SSL *s) | |||
| 1038 | goto f_err; | 1036 | goto f_err; |
| 1039 | } | 1037 | } |
| 1040 | 1038 | ||
| 1041 | p = (unsigned char *)CBS_data(&cbs); | 1039 | if (!tlsext_clienthello_parse(s, &cbs, &al)) { |
| 1042 | |||
| 1043 | /* TLS extensions*/ | ||
| 1044 | if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { | ||
| 1045 | /* 'al' set by ssl_parse_clienthello_tlsext */ | ||
| 1046 | SSLerror(s, SSL_R_PARSE_TLSEXT); | 1040 | SSLerror(s, SSL_R_PARSE_TLSEXT); |
| 1047 | goto f_err; | 1041 | goto f_err; |
| 1048 | } | 1042 | } |
| 1043 | |||
| 1044 | if (!S3I(s)->renegotiate_seen && s->internal->renegotiate) { | ||
| 1045 | al = SSL_AD_HANDSHAKE_FAILURE; | ||
| 1046 | SSLerror(s, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); | ||
| 1047 | goto f_err; | ||
| 1048 | } | ||
| 1049 | |||
| 1049 | if (ssl_check_clienthello_tlsext_early(s) <= 0) { | 1050 | if (ssl_check_clienthello_tlsext_early(s) <= 0) { |
| 1050 | SSLerror(s, SSL_R_CLIENTHELLO_TLSEXT); | 1051 | SSLerror(s, SSL_R_CLIENTHELLO_TLSEXT); |
| 1051 | goto err; | 1052 | goto err; |