diff options
| author | beck <> | 2020-05-17 19:07:15 +0000 |
|---|---|---|
| committer | beck <> | 2020-05-17 19:07:15 +0000 |
| commit | 3f64337bd4976e6c77b4bad1903d910370470705 (patch) | |
| tree | e74be150ac50d5de5b6b9f46abbb8530fde15396 /src | |
| parent | 94f8dc4972c7ef3e485ec57a9a62ccb7c3720c1c (diff) | |
| download | openbsd-3f64337bd4976e6c77b4bad1903d910370470705.tar.gz openbsd-3f64337bd4976e6c77b4bad1903d910370470705.tar.bz2 openbsd-3f64337bd4976e6c77b4bad1903d910370470705.zip | |
Send alerts back correctly when handling key shares, including
sending back illegal parameter if our phh key share request type
is not 0 or 1.
ok jsing@ tb@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/tls13_lib.c | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c index c1a0d89f81..3527539095 100644 --- a/src/lib/libssl/tls13_lib.c +++ b/src/lib/libssl/tls13_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_lib.c,v 1.44 2020/05/17 18:22:30 beck Exp $ */ | 1 | /* $OpenBSD: tls13_lib.c,v 1.45 2020/05/17 19:07:15 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2019 Bob Beck <beck@openbsd.org> | 4 | * Copyright (c) 2019 Bob Beck <beck@openbsd.org> |
| @@ -257,28 +257,41 @@ tls13_phh_limit_check(struct tls13_ctx *ctx) | |||
| 257 | static ssize_t | 257 | static ssize_t |
| 258 | tls13_key_update_recv(struct tls13_ctx *ctx, CBS *cbs) | 258 | tls13_key_update_recv(struct tls13_ctx *ctx, CBS *cbs) |
| 259 | { | 259 | { |
| 260 | ssize_t ret = TLS13_IO_FAILURE; | 260 | uint8_t alert = TLS13_ALERT_INTERNAL_ERROR; |
| 261 | uint8_t key_update_request; | ||
| 262 | ssize_t ret; | ||
| 261 | 263 | ||
| 262 | if (!CBS_get_u8(cbs, &ctx->key_update_request)) | 264 | if (!CBS_get_u8(cbs, &key_update_request)) { |
| 265 | alert = TLS13_ALERT_DECODE_ERROR; | ||
| 266 | goto err; | ||
| 267 | } | ||
| 268 | if (CBS_len(cbs) != 0) { | ||
| 269 | alert = TLS13_ALERT_DECODE_ERROR; | ||
| 263 | goto err; | 270 | goto err; |
| 264 | if (CBS_len(cbs) != 0) | 271 | } |
| 272 | if (key_update_request > 1) { | ||
| 273 | alert = TLS13_ALERT_ILLEGAL_PARAMETER; | ||
| 265 | goto err; | 274 | goto err; |
| 275 | } | ||
| 266 | 276 | ||
| 267 | if (!tls13_phh_update_peer_traffic_secret(ctx)) | 277 | if (!tls13_phh_update_peer_traffic_secret(ctx)) |
| 268 | goto err; | 278 | goto err; |
| 269 | 279 | ||
| 270 | if (ctx->key_update_request) { | 280 | if (key_update_request) { |
| 271 | CBB cbb; | 281 | CBB cbb; |
| 272 | CBS cbs; /* XXX */ | 282 | CBS cbs; /* XXX */ |
| 273 | 283 | ||
| 274 | tls13_handshake_msg_free(ctx->hs_msg); | 284 | tls13_handshake_msg_free(ctx->hs_msg); |
| 275 | ctx->hs_msg = tls13_handshake_msg_new(); | 285 | ctx->hs_msg = tls13_handshake_msg_new(); |
| 286 | |||
| 276 | if (!tls13_handshake_msg_start(ctx->hs_msg, &cbb, TLS13_MT_KEY_UPDATE)) | 287 | if (!tls13_handshake_msg_start(ctx->hs_msg, &cbb, TLS13_MT_KEY_UPDATE)) |
| 277 | goto err; | 288 | goto err; |
| 278 | if (!CBB_add_u8(&cbb, 0)) | 289 | if (!CBB_add_u8(&cbb, 0)) |
| 279 | goto err; | 290 | goto err; |
| 280 | if (!tls13_handshake_msg_finish(ctx->hs_msg)) | 291 | if (!tls13_handshake_msg_finish(ctx->hs_msg)) |
| 281 | goto err; | 292 | goto err; |
| 293 | |||
| 294 | ctx->key_update_request = key_update_request; | ||
| 282 | tls13_handshake_msg_data(ctx->hs_msg, &cbs); | 295 | tls13_handshake_msg_data(ctx->hs_msg, &cbs); |
| 283 | ret = tls13_record_layer_phh(ctx->rl, &cbs); | 296 | ret = tls13_record_layer_phh(ctx->rl, &cbs); |
| 284 | 297 | ||
| @@ -289,9 +302,7 @@ tls13_key_update_recv(struct tls13_ctx *ctx, CBS *cbs) | |||
| 289 | 302 | ||
| 290 | return ret; | 303 | return ret; |
| 291 | err: | 304 | err: |
| 292 | ctx->key_update_request = 0; | 305 | return tls13_send_alert(ctx->rl, alert); |
| 293 | /* XXX alert */ | ||
| 294 | return TLS13_IO_FAILURE; | ||
| 295 | } | 306 | } |
| 296 | 307 | ||
| 297 | static void | 308 | static void |