Rewrite and move the last remnants of the ServerHello SNI handling into

tlsext_sni_serverhello_parse(). This also adds a check to ensure that
if we have an existing session, the name matches what we specified via
SNI.

ok doug@

2 files changed, 25 insertions, 29 deletions

diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index 539c380fb9..400c69fa87 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.2 2017/07/24 17:10:31 jsing Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.3 2017/07/24 17:39:43 jsing Exp $ */
 /*
  * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
  *
@@ -259,6 +259,28 @@ tlsext_sni_serverhello_parse(SSL *s, CBS *cbs, int *alert)
                 return 0;
         }
 
+        if (s->internal->hit) {
+                if (s->session->tlsext_hostname == NULL) {
+                        *alert = TLS1_AD_UNRECOGNIZED_NAME;
+                        return 0;
+                }
+                if (strcmp(s->tlsext_hostname,
+                    s->session->tlsext_hostname) != 0) {
+                        *alert = TLS1_AD_UNRECOGNIZED_NAME;
+                        return 0;
+                }
+        } else {
+                if (s->session->tlsext_hostname != NULL) {
+                        *alert = SSL_AD_DECODE_ERROR;
+                        return 0;
+                }
+                if ((s->session->tlsext_hostname =
+                    strdup(s->tlsext_hostname)) == NULL) {
+                        *alert = TLS1_AD_INTERNAL_ERROR;
+                        return 0;
+                }
+        }
+
         return 1;
 }
 
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index bf5e2de80b..b061bd1100 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.121 2017/07/24 17:10:31 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.122 2017/07/24 17:39:43 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1504,7 +1504,6 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al)
         unsigned short len;
         unsigned char *data = *p;
         unsigned char *end = *p + n;
-        int tlsext_servername = 0;
         CBS cbs;
 
         S3I(s)->renegotiate_seen = 0;
@@ -1537,15 +1536,7 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al)
                 if (!tlsext_serverhello_parse_one(s, &cbs, type, al))
                         return 0;
 
-                if (type == TLSEXT_TYPE_server_name) {
-                        if (s->tlsext_hostname == NULL || size > 0) {
-                                *al = TLS1_AD_UNRECOGNIZED_NAME;
-                                return 0;
-                        }
-                        tlsext_servername = 1;
-
-                }
-                else if (type == TLSEXT_TYPE_ec_point_formats &&
+                if (type == TLSEXT_TYPE_ec_point_formats &&
                     s->version != DTLS1_VERSION) {
                         unsigned char *sdata = data;
                         size_t formatslen;
@@ -1688,23 +1679,6 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al)
                 return 0;
         }
 
-        if (!s->internal->hit && tlsext_servername == 1) {
-                if (s->tlsext_hostname) {
-                        if (s->session->tlsext_hostname == NULL) {
-                                s->session->tlsext_hostname =
-                                    strdup(s->tlsext_hostname);
-
-                                if (!s->session->tlsext_hostname) {
-                                        *al = SSL_AD_UNRECOGNIZED_NAME;
-                                        return 0;
-                                }
-                        } else {
-                                *al = SSL_AD_DECODE_ERROR;
-                                return 0;
-                        }
-                }
-        }
-
         *p = data;
 
 ri_check: