diff options
| author | jsing <> | 2020-02-06 13:14:17 +0000 |
|---|---|---|
| committer | jsing <> | 2020-02-06 13:14:17 +0000 |
| commit | 0a603f6ba38c0a87a61171ce8cf9545da70287d4 (patch) | |
| tree | 5aa99d8ba098449bdeb77a6900567ebca2686f5b /src | |
| parent | eb4895a6c4e6a61a07bc7525508c056ceca15fcf (diff) | |
| download | openbsd-0a603f6ba38c0a87a61171ce8cf9545da70287d4.tar.gz openbsd-0a603f6ba38c0a87a61171ce8cf9545da70287d4.tar.bz2 openbsd-0a603f6ba38c0a87a61171ce8cf9545da70287d4.zip | |
Correctly handle key share extensions in a hello retry request.
In a hello retry request the server will only send the selected group and
not actually provide a key exchange. In this case we need to store the
server selected group for further processing.
ok tb@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/ssl_locl.h | 3 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_tlsext.c | 12 |
2 files changed, 11 insertions, 4 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 7f3e8a63a8..b3f7e9b2a5 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.262 2020/02/05 17:30:30 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.263 2020/02/06 13:14:17 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -463,6 +463,7 @@ typedef struct ssl_handshake_tls13_st { | |||
| 463 | /* Version proposed by peer server. */ | 463 | /* Version proposed by peer server. */ |
| 464 | uint16_t server_version; | 464 | uint16_t server_version; |
| 465 | 465 | ||
| 466 | uint16_t server_group; | ||
| 466 | struct tls13_key_share *key_share; | 467 | struct tls13_key_share *key_share; |
| 467 | struct tls13_secrets *secrets; | 468 | struct tls13_secrets *secrets; |
| 468 | 469 | ||
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c index 58ba11954d..3d1d1c8b7b 100644 --- a/src/lib/libssl/ssl_tlsext.c +++ b/src/lib/libssl/ssl_tlsext.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_tlsext.c,v 1.59 2020/02/01 12:41:58 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_tlsext.c,v 1.60 2020/02/06 13:14:17 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> | 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> |
| @@ -1338,11 +1338,17 @@ tlsext_keyshare_client_parse(SSL *s, CBS *cbs, int *alert) | |||
| 1338 | /* Unpack server share. */ | 1338 | /* Unpack server share. */ |
| 1339 | if (!CBS_get_u16(cbs, &group)) | 1339 | if (!CBS_get_u16(cbs, &group)) |
| 1340 | goto err; | 1340 | goto err; |
| 1341 | |||
| 1342 | if (CBS_len(cbs) == 0) { | ||
| 1343 | /* HRR does not include an actual key share. */ | ||
| 1344 | /* XXX - we should know that we are in a HRR... */ | ||
| 1345 | S3I(s)->hs_tls13.server_group = group; | ||
| 1346 | return 1; | ||
| 1347 | } | ||
| 1348 | |||
| 1341 | if (!CBS_get_u16_length_prefixed(cbs, &key_exchange)) | 1349 | if (!CBS_get_u16_length_prefixed(cbs, &key_exchange)) |
| 1342 | return 0; | 1350 | return 0; |
| 1343 | 1351 | ||
| 1344 | /* XXX - Handle other groups and verify that they're valid. */ | ||
| 1345 | |||
| 1346 | if (!tls13_key_share_peer_public(S3I(s)->hs_tls13.key_share, | 1352 | if (!tls13_key_share_peer_public(S3I(s)->hs_tls13.key_share, |
| 1347 | group, &key_exchange)) | 1353 | group, &key_exchange)) |
| 1348 | goto err; | 1354 | goto err; |