diff options
| author | jsing <> | 2020-01-22 03:20:09 +0000 |
|---|---|---|
| committer | jsing <> | 2020-01-22 03:20:09 +0000 |
| commit | 24920ea442ae11d098818346d1b92cbf95582783 (patch) | |
| tree | 6be260c2ef2c4d197ebabe751ef785e63c626d4a /src/lib/libssl/tls13_client.c | |
| parent | b0f820dcfc24b9120618dc0c86f71400e314f16a (diff) | |
| download | openbsd-24920ea442ae11d098818346d1b92cbf95582783.tar.gz openbsd-24920ea442ae11d098818346d1b92cbf95582783.tar.bz2 openbsd-24920ea442ae11d098818346d1b92cbf95582783.zip | |
Correctly set the legacy version when TLSv1.3 is building a client hello.
The legacy version field is capped at TLSv1.2, however it may be lower than
this if we are only choosing to use TLSv1.0 or TLSv1.1.
ok beck@ tb@
Diffstat (limited to 'src/lib/libssl/tls13_client.c')
| -rw-r--r-- | src/lib/libssl/tls13_client.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c index e0041eadae..ef4c3de75f 100644 --- a/src/lib/libssl/tls13_client.c +++ b/src/lib/libssl/tls13_client.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_client.c,v 1.24 2020/01/22 02:39:45 tb Exp $ */ | 1 | /* $OpenBSD: tls13_client.c,v 1.25 2020/01/22 03:20:09 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -152,12 +152,19 @@ tls13_use_legacy_client(struct tls13_ctx *ctx) | |||
| 152 | } | 152 | } |
| 153 | 153 | ||
| 154 | static int | 154 | static int |
| 155 | tls13_client_hello_build(SSL *s, CBB *cbb) | 155 | tls13_client_hello_build(struct tls13_ctx *ctx, CBB *cbb) |
| 156 | { | 156 | { |
| 157 | CBB cipher_suites, compression_methods, session_id; | 157 | CBB cipher_suites, compression_methods, session_id; |
| 158 | uint16_t client_version; | ||
| 159 | SSL *s = ctx->ssl; | ||
| 158 | uint8_t *sid; | 160 | uint8_t *sid; |
| 159 | 161 | ||
| 160 | if (!CBB_add_u16(cbb, TLS1_2_VERSION)) | 162 | /* Legacy client version is capped at TLS 1.2. */ |
| 163 | client_version = ctx->hs->max_version; | ||
| 164 | if (client_version > TLS1_2_VERSION) | ||
| 165 | client_version = TLS1_2_VERSION; | ||
| 166 | |||
| 167 | if (!CBB_add_u16(cbb, client_version)) | ||
| 161 | goto err; | 168 | goto err; |
| 162 | if (!CBB_add_bytes(cbb, s->s3->client_random, SSL3_RANDOM_SIZE)) | 169 | if (!CBB_add_bytes(cbb, s->s3->client_random, SSL3_RANDOM_SIZE)) |
| 163 | goto err; | 170 | goto err; |
| @@ -204,7 +211,7 @@ tls13_client_hello_send(struct tls13_ctx *ctx) | |||
| 204 | 211 | ||
| 205 | if (!tls13_handshake_msg_start(ctx->hs_msg, &body, TLS13_MT_CLIENT_HELLO)) | 212 | if (!tls13_handshake_msg_start(ctx->hs_msg, &body, TLS13_MT_CLIENT_HELLO)) |
| 206 | return 0; | 213 | return 0; |
| 207 | if (!tls13_client_hello_build(ctx->ssl, &body)) | 214 | if (!tls13_client_hello_build(ctx, &body)) |
| 208 | return 0; | 215 | return 0; |
| 209 | if (!tls13_handshake_msg_finish(ctx->hs_msg)) | 216 | if (!tls13_handshake_msg_finish(ctx->hs_msg)) |
| 210 | return 0; | 217 | return 0; |