diff options
| author | tb <> | 2022-06-03 13:31:49 +0000 |
|---|---|---|
| committer | tb <> | 2022-06-03 13:31:49 +0000 |
| commit | 2caafd751c9c4e121a80400e066e85dab685cc21 (patch) | |
| tree | bdb7e020fb9de6303e716c3d7b5153aab90cff3f /src/lib | |
| parent | 7cb311c754f101f16354b2e8efc8f44a20dcdd22 (diff) | |
| download | openbsd-2caafd751c9c4e121a80400e066e85dab685cc21.tar.gz openbsd-2caafd751c9c4e121a80400e066e85dab685cc21.tar.bz2 openbsd-2caafd751c9c4e121a80400e066e85dab685cc21.zip | |
Add stubbed out handlers for the pre_shared_key extension
ok jsing
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/ssl_tlsext.c | 58 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_tlsext.h | 9 |
2 files changed, 65 insertions, 2 deletions
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c index de2c1c19d2..f0490de508 100644 --- a/src/lib/libssl/ssl_tlsext.c +++ b/src/lib/libssl/ssl_tlsext.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_tlsext.c,v 1.111 2022/06/03 13:29:39 tb Exp $ */ | 1 | /* $OpenBSD: ssl_tlsext.c,v 1.112 2022/06/03 13:31:49 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> | 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> |
| @@ -1902,6 +1902,46 @@ tlsext_psk_kex_modes_client_parse(SSL *s, uint16_t msg_type, CBS *cbs, | |||
| 1902 | return 0; | 1902 | return 0; |
| 1903 | } | 1903 | } |
| 1904 | 1904 | ||
| 1905 | /* | ||
| 1906 | * Pre-Shared Key Extension - RFC 8446, 4.2.11 | ||
| 1907 | */ | ||
| 1908 | |||
| 1909 | int | ||
| 1910 | tlsext_psk_client_needs(SSL *s, uint16_t msg_type) | ||
| 1911 | { | ||
| 1912 | return 0; | ||
| 1913 | } | ||
| 1914 | |||
| 1915 | int | ||
| 1916 | tlsext_psk_client_build(SSL *s, uint16_t msg_type, CBB *cbb) | ||
| 1917 | { | ||
| 1918 | return 0; | ||
| 1919 | } | ||
| 1920 | |||
| 1921 | int | ||
| 1922 | tlsext_psk_client_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) | ||
| 1923 | { | ||
| 1924 | return 0; | ||
| 1925 | } | ||
| 1926 | |||
| 1927 | int | ||
| 1928 | tlsext_psk_server_needs(SSL *s, uint16_t msg_type) | ||
| 1929 | { | ||
| 1930 | return 0; | ||
| 1931 | } | ||
| 1932 | |||
| 1933 | int | ||
| 1934 | tlsext_psk_server_build(SSL *s, uint16_t msg_type, CBB *cbb) | ||
| 1935 | { | ||
| 1936 | return 0; | ||
| 1937 | } | ||
| 1938 | |||
| 1939 | int | ||
| 1940 | tlsext_psk_server_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) | ||
| 1941 | { | ||
| 1942 | return 0; | ||
| 1943 | } | ||
| 1944 | |||
| 1905 | struct tls_extension_funcs { | 1945 | struct tls_extension_funcs { |
| 1906 | int (*needs)(SSL *s, uint16_t msg_type); | 1946 | int (*needs)(SSL *s, uint16_t msg_type); |
| 1907 | int (*build)(SSL *s, uint16_t msg_type, CBB *cbb); | 1947 | int (*build)(SSL *s, uint16_t msg_type, CBB *cbb); |
| @@ -2104,6 +2144,22 @@ static const struct tls_extension tls_extensions[] = { | |||
| 2104 | .parse = tlsext_psk_kex_modes_server_parse, | 2144 | .parse = tlsext_psk_kex_modes_server_parse, |
| 2105 | }, | 2145 | }, |
| 2106 | }, | 2146 | }, |
| 2147 | { | ||
| 2148 | /* MUST be last extension in CH per RFC 8446 section 4.2. */ | ||
| 2149 | |||
| 2150 | .type = TLSEXT_TYPE_pre_shared_key, | ||
| 2151 | .messages = SSL_TLSEXT_MSG_CH | SSL_TLSEXT_MSG_SH, | ||
| 2152 | .client = { | ||
| 2153 | .needs = tlsext_psk_client_needs, | ||
| 2154 | .build = tlsext_psk_client_build, | ||
| 2155 | .parse = tlsext_psk_client_parse, | ||
| 2156 | }, | ||
| 2157 | .server = { | ||
| 2158 | .needs = tlsext_psk_server_needs, | ||
| 2159 | .build = tlsext_psk_server_build, | ||
| 2160 | .parse = tlsext_psk_server_parse, | ||
| 2161 | }, | ||
| 2162 | }, | ||
| 2107 | }; | 2163 | }; |
| 2108 | 2164 | ||
| 2109 | #define N_TLS_EXTENSIONS (sizeof(tls_extensions) / sizeof(*tls_extensions)) | 2165 | #define N_TLS_EXTENSIONS (sizeof(tls_extensions) / sizeof(*tls_extensions)) |
diff --git a/src/lib/libssl/ssl_tlsext.h b/src/lib/libssl/ssl_tlsext.h index 5f5a852abe..3439255fd6 100644 --- a/src/lib/libssl/ssl_tlsext.h +++ b/src/lib/libssl/ssl_tlsext.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_tlsext.h,v 1.28 2022/06/03 13:29:39 tb Exp $ */ | 1 | /* $OpenBSD: ssl_tlsext.h,v 1.29 2022/06/03 13:31:49 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> | 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> |
| @@ -128,6 +128,13 @@ int tlsext_psk_kex_modes_server_build(SSL *s, uint16_t msg_type, CBB *cbb); | |||
| 128 | int tlsext_psk_kex_modes_server_parse(SSL *s, uint16_t msg_type, CBS *cbs, | 128 | int tlsext_psk_kex_modes_server_parse(SSL *s, uint16_t msg_type, CBS *cbs, |
| 129 | int *alert); | 129 | int *alert); |
| 130 | 130 | ||
| 131 | int tlsext_psk_client_needs(SSL *s, uint16_t msg_type); | ||
| 132 | int tlsext_psk_client_build(SSL *s, uint16_t msg_type, CBB *cbb); | ||
| 133 | int tlsext_psk_client_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert); | ||
| 134 | int tlsext_psk_server_needs(SSL *s, uint16_t msg_type); | ||
| 135 | int tlsext_psk_server_build(SSL *s, uint16_t msg_type, CBB *cbb); | ||
| 136 | int tlsext_psk_server_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert); | ||
| 137 | |||
| 131 | #ifndef OPENSSL_NO_SRTP | 138 | #ifndef OPENSSL_NO_SRTP |
| 132 | int tlsext_srtp_client_needs(SSL *s, uint16_t msg_type); | 139 | int tlsext_srtp_client_needs(SSL *s, uint16_t msg_type); |
| 133 | int tlsext_srtp_client_build(SSL *s, uint16_t msg_type, CBB *cbb); | 140 | int tlsext_srtp_client_build(SSL *s, uint16_t msg_type, CBB *cbb); |