diff options
| author | tb <> | 2020-12-14 15:26:36 +0000 |
|---|---|---|
| committer | tb <> | 2020-12-14 15:26:36 +0000 |
| commit | e26eeaa4a45f5c99de33c77e188d1d2a6beef5b2 (patch) | |
| tree | 49fb3745f2189bdd11aa680488c0db97f889f608 /src/lib/libssl/tls13_server.c | |
| parent | 9045cd98ac0d2004aac7cfc73e33e2d627023748 (diff) | |
| download | openbsd-e26eeaa4a45f5c99de33c77e188d1d2a6beef5b2.tar.gz openbsd-e26eeaa4a45f5c99de33c77e188d1d2a6beef5b2.tar.bz2 openbsd-e26eeaa4a45f5c99de33c77e188d1d2a6beef5b2.zip | |
Fix SSL_get{,_peer}_finished() with TLSv1.3
As reported by Steffen Ullrich and bluhm, the Finished tests in
p5-Net-SSLeay's t/local/43_misc_functions.t broke with with TLSv1.3.
The reason for this is that we don't copy the MDs over to the SSL, so
the API functions can't retrieve them. This commit fixes this part of
the test (one unrelated test still fails).
ok inoguchi jsing
Diffstat (limited to 'src/lib/libssl/tls13_server.c')
| -rw-r--r-- | src/lib/libssl/tls13_server.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c index a3adf9e6b3..1c8644ab27 100644 --- a/src/lib/libssl/tls13_server.c +++ b/src/lib/libssl/tls13_server.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_server.c,v 1.63 2020/11/17 07:02:30 tb Exp $ */ | 1 | /* $OpenBSD: tls13_server.c,v 1.64 2020/12/14 15:26:36 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> | 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> |
| @@ -776,6 +776,8 @@ tls13_server_finished_send(struct tls13_ctx *ctx, CBB *cbb) | |||
| 776 | size_t hmac_len; | 776 | size_t hmac_len; |
| 777 | unsigned int hlen; | 777 | unsigned int hlen; |
| 778 | HMAC_CTX *hmac_ctx = NULL; | 778 | HMAC_CTX *hmac_ctx = NULL; |
| 779 | CBS cbs; | ||
| 780 | SSL *s = ctx->ssl; | ||
| 779 | int ret = 0; | 781 | int ret = 0; |
| 780 | 782 | ||
| 781 | finished_key.data = key; | 783 | finished_key.data = key; |
| @@ -806,6 +808,11 @@ tls13_server_finished_send(struct tls13_ctx *ctx, CBB *cbb) | |||
| 806 | if (hlen != hmac_len) | 808 | if (hlen != hmac_len) |
| 807 | goto err; | 809 | goto err; |
| 808 | 810 | ||
| 811 | CBS_init(&cbs, verify_data, hmac_len); | ||
| 812 | if (!CBS_write_bytes(&cbs, S3I(s)->tmp.finish_md, | ||
| 813 | sizeof(S3I(s)->tmp.finish_md), &S3I(s)->tmp.finish_md_len)) | ||
| 814 | goto err; | ||
| 815 | |||
| 809 | ret = 1; | 816 | ret = 1; |
| 810 | 817 | ||
| 811 | err: | 818 | err: |
| @@ -1036,6 +1043,7 @@ tls13_client_finished_recv(struct tls13_ctx *ctx, CBS *cbs) | |||
| 1036 | uint8_t key[EVP_MAX_MD_SIZE]; | 1043 | uint8_t key[EVP_MAX_MD_SIZE]; |
| 1037 | HMAC_CTX *hmac_ctx = NULL; | 1044 | HMAC_CTX *hmac_ctx = NULL; |
| 1038 | unsigned int hlen; | 1045 | unsigned int hlen; |
| 1046 | SSL *s = ctx->ssl; | ||
| 1039 | int ret = 0; | 1047 | int ret = 0; |
| 1040 | 1048 | ||
| 1041 | /* | 1049 | /* |
| @@ -1070,6 +1078,11 @@ tls13_client_finished_recv(struct tls13_ctx *ctx, CBS *cbs) | |||
| 1070 | goto err; | 1078 | goto err; |
| 1071 | } | 1079 | } |
| 1072 | 1080 | ||
| 1081 | if (!CBS_write_bytes(cbs, S3I(s)->tmp.peer_finish_md, | ||
| 1082 | sizeof(S3I(s)->tmp.peer_finish_md), | ||
| 1083 | &S3I(s)->tmp.peer_finish_md_len)) | ||
| 1084 | goto err; | ||
| 1085 | |||
| 1073 | if (!CBS_skip(cbs, verify_data_len)) | 1086 | if (!CBS_skip(cbs, verify_data_len)) |
| 1074 | goto err; | 1087 | goto err; |
| 1075 | 1088 | ||