Back out server side CCS sending. It breaks TLSv1.3 client communication

with TLSv1.2 servers, since it makes clients send their dummy CCS too early... There's an obvious but dirty bandaid which I can't bring myself to applying - this business is already disgusting enough. Issue found the hard way by sthen
author: tb <> 2020-05-09 20:38:19 +0000
committer: tb <> 2020-05-09 20:38:19 +0000
commit: 2a4fe9ed015f84f0020469e2ffae41ce8272e589 (patch)
tree: 1c2a03fa66763a699d83162b42558515f1d27581 /src
parent: a7d1d6888203cb7211c1423e27096fbea68be440 (diff)
download: openbsd-2a4fe9ed015f84f0020469e2ffae41ce8272e589.tar.gz
openbsd-2a4fe9ed015f84f0020469e2ffae41ce8272e589.tar.bz2
openbsd-2a4fe9ed015f84f0020469e2ffae41ce8272e589.zip
3 files changed, 3 insertions, 34 deletions
diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c
index 1825bfbf6c..d3333a2e4a 100644
--- a/src/lib/libssl/tls13_handshake.c
+++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: tls13_handshake.c,v 1.58 2020/05/09 16:43:05 tb Exp $ */
+/*      $OpenBSD: tls13_handshake.c,v 1.59 2020/05/09 20:38:19 tb Exp $ */
 /*
 * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org>
 * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
@@ -102,7 +102,6 @@ static const struct tls13_handshake_action state_machine[] = {
                .sender = TLS13_HS_SERVER,
                .send = tls13_server_hello_retry_request_send,
                .recv = tls13_server_hello_retry_request_recv,
-                .sent = tls13_server_hello_retry_request_sent,
        },
        [SERVER_ENCRYPTED_EXTENSIONS] = {
                .handshake_type = TLS13_MT_ENCRYPTED_EXTENSIONS,
@@ -374,12 +373,6 @@ tls13_handshake_send_action(struct tls13_ctx *ctx,
        if (action->sent != NULL && !action->sent(ctx))
                return TLS13_IO_FAILURE;
-        if (ctx->send_dummy_ccs) {
-                if ((ret = tls13_send_dummy_ccs(ctx->rl)) != TLS13_IO_SUCCESS)
-                        return ret;
-                ctx->send_dummy_ccs = 0;
-        }
        return TLS13_IO_SUCCESS;
 }
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index e3aaf634c3..050ad15df8 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.71 2020/05/09 16:43:05 tb Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.72 2020/05/09 20:38:19 tb Exp $ */
 /*
 * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
 * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -323,7 +323,6 @@ int tls13_server_hello_send(struct tls13_ctx *ctx, CBB *cbb);
 int tls13_server_hello_sent(struct tls13_ctx *ctx);
 int tls13_server_hello_retry_request_recv(struct tls13_ctx *ctx, CBS *cbs);
 int tls13_server_hello_retry_request_send(struct tls13_ctx *ctx, CBB *cbb);
-int tls13_server_hello_retry_request_sent(struct tls13_ctx *ctx);
 int tls13_server_encrypted_extensions_recv(struct tls13_ctx *ctx, CBS *cbs);
 int tls13_server_encrypted_extensions_send(struct tls13_ctx *ctx, CBB *cbb);
 int tls13_server_certificate_recv(struct tls13_ctx *ctx, CBS *cbs);
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c
index 5e2711d4d4..0b040fb51d 100644
--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.39 2020/05/09 16:43:05 tb Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.40 2020/05/09 20:38:19 tb Exp $ */
 /*
 * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -335,20 +335,6 @@ tls13_server_hello_retry_request_send(struct tls13_ctx *ctx, CBB *cbb)
 }
 int
-tls13_server_hello_retry_request_sent(struct tls13_ctx *ctx)
-{
-        /*
-         * If the client has requested middlebox compatibility mode,
-         * we MUST send a dummy CCS following our first handshake message.
-         * See RFC 8446 Appendix D.4.
-         */
-        if (ctx->hs->legacy_session_id_len > 0)
-                ctx->send_dummy_ccs = 1;
-        return 1;
-}
-int
 tls13_client_hello_retry_recv(struct tls13_ctx *ctx, CBS *cbs)
 {
        SSL *s = ctx->ssl;
@@ -382,15 +368,6 @@ tls13_server_hello_send(struct tls13_ctx *ctx, CBB *cbb)
 int
 tls13_server_hello_sent(struct tls13_ctx *ctx)
 {
-        /*
-         * If the client has requested middlebox compatibility mode,
-         * we MUST send a dummy CCS following our first handshake message.
-         * See RFC 8446 Appendix D.4.
-         */
-        if ((ctx->handshake_stage.hs_type & WITHOUT_HRR) &&
-            ctx->hs->legacy_session_id_len > 0)
-                ctx->send_dummy_ccs = 1;
        return tls13_server_engage_record_protection(ctx);
 }
author	tb <>	2020-05-09 20:38:19 +0000
committer	tb <>	2020-05-09 20:38:19 +0000
commit	2a4fe9ed015f84f0020469e2ffae41ce8272e589 (patch)
tree	1c2a03fa66763a699d83162b42558515f1d27581 /src
parent	a7d1d6888203cb7211c1423e27096fbea68be440 (diff)
download	openbsd-2a4fe9ed015f84f0020469e2ffae41ce8272e589.tar.gz openbsd-2a4fe9ed015f84f0020469e2ffae41ce8272e589.tar.bz2 openbsd-2a4fe9ed015f84f0020469e2ffae41ce8272e589.zip