diff options
| author | beck <> | 2020-01-20 22:04:17 +0000 |
|---|---|---|
| committer | beck <> | 2020-01-20 22:04:17 +0000 |
| commit | 5acce3f58ab8ea3f51a29f1fd7044fcf134f5b06 (patch) | |
| tree | 1b10cb169b3a1fa109007f5567f048751d227345 /src | |
| parent | b9ba33b0c7f77fc7b3e33c32ded38da7ee4c7c55 (diff) | |
| download | openbsd-5acce3f58ab8ea3f51a29f1fd7044fcf134f5b06.tar.gz openbsd-5acce3f58ab8ea3f51a29f1fd7044fcf134f5b06.tar.bz2 openbsd-5acce3f58ab8ea3f51a29f1fd7044fcf134f5b06.zip | |
Add alerts to the tls 1.3 record layer and handshake layer
ok jsing@, inoguchi@, tb@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/tls13_handshake.c | 8 | ||||
| -rw-r--r-- | src/lib/libssl/tls13_record_layer.c | 70 |
2 files changed, 29 insertions, 49 deletions
diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c index 9f087888e1..c86187caec 100644 --- a/src/lib/libssl/tls13_handshake.c +++ b/src/lib/libssl/tls13_handshake.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_handshake.c,v 1.36 2019/11/17 06:43:46 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_handshake.c,v 1.37 2020/01/20 22:04:17 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org> | 3 | * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org> |
| 4 | * Copyright (c) 2019 Joel Sing <jsing@openbsd.org> | 4 | * Copyright (c) 2019 Joel Sing <jsing@openbsd.org> |
| @@ -382,10 +382,8 @@ tls13_handshake_recv_action(struct tls13_ctx *ctx, | |||
| 382 | msg_type = tls13_handshake_msg_type(ctx->hs_msg); | 382 | msg_type = tls13_handshake_msg_type(ctx->hs_msg); |
| 383 | if (msg_type != action->handshake_type && | 383 | if (msg_type != action->handshake_type && |
| 384 | (msg_type != TLS13_MT_CERTIFICATE || | 384 | (msg_type != TLS13_MT_CERTIFICATE || |
| 385 | action->handshake_type != TLS13_MT_CERTIFICATE_REQUEST)) { | 385 | action->handshake_type != TLS13_MT_CERTIFICATE_REQUEST)) |
| 386 | /* XXX send unexpected message alert */ | 386 | return tls13_send_alert(ctx->rl, SSL_AD_UNEXPECTED_MESSAGE); |
| 387 | return TLS13_IO_FAILURE; | ||
| 388 | } | ||
| 389 | 387 | ||
| 390 | /* XXX provide CBS and check all consumed. */ | 388 | /* XXX provide CBS and check all consumed. */ |
| 391 | ret = TLS13_IO_FAILURE; | 389 | ret = TLS13_IO_FAILURE; |
diff --git a/src/lib/libssl/tls13_record_layer.c b/src/lib/libssl/tls13_record_layer.c index feaca53181..e1007b3f7b 100644 --- a/src/lib/libssl/tls13_record_layer.c +++ b/src/lib/libssl/tls13_record_layer.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_record_layer.c,v 1.16 2019/11/26 23:46:18 beck Exp $ */ | 1 | /* $OpenBSD: tls13_record_layer.c,v 1.17 2020/01/20 22:04:17 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -223,17 +223,19 @@ tls13_record_layer_process_alert(struct tls13_record_layer *rl) | |||
| 223 | * read channel closure (close_notify) or termination (all others). | 223 | * read channel closure (close_notify) or termination (all others). |
| 224 | */ | 224 | */ |
| 225 | if (rl->rbuf == NULL) | 225 | if (rl->rbuf == NULL) |
| 226 | goto err; | 226 | return TLS13_IO_FAILURE; |
| 227 | |||
| 227 | if (rl->rbuf_content_type != SSL3_RT_ALERT) | 228 | if (rl->rbuf_content_type != SSL3_RT_ALERT) |
| 228 | goto err; | 229 | return TLS13_IO_FAILURE; |
| 229 | 230 | ||
| 230 | if (!CBS_get_u8(&rl->rbuf_cbs, &alert_level)) | 231 | if (!CBS_get_u8(&rl->rbuf_cbs, &alert_level)) |
| 231 | goto err; /* XXX - decode error alert. */ | 232 | return tls13_send_alert(rl, TLS1_AD_DECODE_ERROR); |
| 233 | |||
| 232 | if (!CBS_get_u8(&rl->rbuf_cbs, &alert_desc)) | 234 | if (!CBS_get_u8(&rl->rbuf_cbs, &alert_desc)) |
| 233 | goto err; /* XXX - decode error alert. */ | 235 | return tls13_send_alert(rl, TLS1_AD_DECODE_ERROR); |
| 234 | 236 | ||
| 235 | if (CBS_len(&rl->rbuf_cbs) != 0) | 237 | if (CBS_len(&rl->rbuf_cbs) != 0) |
| 236 | goto err; /* XXX - decode error alert. */ | 238 | return tls13_send_alert(rl, TLS1_AD_DECODE_ERROR); |
| 237 | 239 | ||
| 238 | tls13_record_layer_rbuf_free(rl); | 240 | tls13_record_layer_rbuf_free(rl); |
| 239 | 241 | ||
| @@ -252,14 +254,10 @@ tls13_record_layer_process_alert(struct tls13_record_layer *rl) | |||
| 252 | rl->read_closed = 1; | 254 | rl->read_closed = 1; |
| 253 | rl->write_closed = 1; | 255 | rl->write_closed = 1; |
| 254 | ret = TLS13_IO_FAILURE; /* XXX - ALERT? */ | 256 | ret = TLS13_IO_FAILURE; /* XXX - ALERT? */ |
| 255 | } else { | 257 | } else |
| 256 | /* XXX - decode error alert. */ | 258 | return tls13_send_alert(rl, SSL_AD_ILLEGAL_PARAMETER); |
| 257 | return TLS13_IO_FAILURE; | ||
| 258 | } | ||
| 259 | 259 | ||
| 260 | rl->alert_cb(alert_desc, rl->cb_arg); | 260 | rl->alert_cb(alert_desc, rl->cb_arg); |
| 261 | |||
| 262 | err: | ||
| 263 | return ret; | 261 | return ret; |
| 264 | } | 262 | } |
| 265 | 263 | ||
| @@ -735,22 +733,14 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl) | |||
| 735 | */ | 733 | */ |
| 736 | if (content_type == SSL3_RT_CHANGE_CIPHER_SPEC) { | 734 | if (content_type == SSL3_RT_CHANGE_CIPHER_SPEC) { |
| 737 | /* XXX - need to check after ClientHello, before Finished. */ | 735 | /* XXX - need to check after ClientHello, before Finished. */ |
| 738 | if (rl->handshake_completed || rl->change_cipher_spec_seen) { | 736 | if (rl->handshake_completed || rl->change_cipher_spec_seen) |
| 739 | /* XXX - unexpected message alert. */ | 737 | return tls13_send_alert(rl, SSL_AD_UNEXPECTED_MESSAGE); |
| 740 | goto err; | 738 | if (!tls13_record_content(rl->rrec, &cbs)) |
| 741 | } | 739 | return tls13_send_alert(rl, TLS1_AD_DECODE_ERROR); |
| 742 | if (!tls13_record_content(rl->rrec, &cbs)) { | 740 | if (!CBS_get_u8(&cbs, &ccs)) |
| 743 | /* XXX - decode error alert. */ | 741 | return tls13_send_alert(rl, TLS1_AD_DECODE_ERROR); |
| 744 | goto err; | 742 | if (ccs != 1) |
| 745 | } | 743 | return tls13_send_alert(rl, SSL_AD_ILLEGAL_PARAMETER); |
| 746 | if (!CBS_get_u8(&cbs, &ccs)) { | ||
| 747 | /* XXX - decode error alert. */ | ||
| 748 | goto err; | ||
| 749 | } | ||
| 750 | if (ccs != 1) { | ||
| 751 | /* XXX - something alert. */ | ||
| 752 | goto err; | ||
| 753 | } | ||
| 754 | rl->change_cipher_spec_seen = 1; | 744 | rl->change_cipher_spec_seen = 1; |
| 755 | tls13_record_layer_rrec_free(rl); | 745 | tls13_record_layer_rrec_free(rl); |
| 756 | return TLS13_IO_WANT_POLLIN; | 746 | return TLS13_IO_WANT_POLLIN; |
| @@ -761,10 +751,8 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl) | |||
| 761 | * protected application data messages (aside from the | 751 | * protected application data messages (aside from the |
| 762 | * dummy ChangeCipherSpec messages, handled above). | 752 | * dummy ChangeCipherSpec messages, handled above). |
| 763 | */ | 753 | */ |
| 764 | if (rl->aead != NULL && content_type != SSL3_RT_APPLICATION_DATA) { | 754 | if (rl->aead != NULL && content_type != SSL3_RT_APPLICATION_DATA) |
| 765 | /* XXX - unexpected message alert. */ | 755 | return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE); |
| 766 | goto err; | ||
| 767 | } | ||
| 768 | 756 | ||
| 769 | if (!tls13_record_layer_open_record(rl)) | 757 | if (!tls13_record_layer_open_record(rl)) |
| 770 | goto err; | 758 | goto err; |
| @@ -779,15 +767,12 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl) | |||
| 779 | break; | 767 | break; |
| 780 | 768 | ||
| 781 | case SSL3_RT_APPLICATION_DATA: | 769 | case SSL3_RT_APPLICATION_DATA: |
| 782 | if (!rl->handshake_completed) { | 770 | if (!rl->handshake_completed) |
| 783 | /* XXX - unexpected message alert. */ | 771 | return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE); |
| 784 | goto err; | ||
| 785 | } | ||
| 786 | break; | 772 | break; |
| 787 | 773 | ||
| 788 | default: | 774 | default: |
| 789 | /* XXX - unexpected message alert. */ | 775 | return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE); |
| 790 | goto err; | ||
| 791 | } | 776 | } |
| 792 | 777 | ||
| 793 | return TLS13_IO_SUCCESS; | 778 | return TLS13_IO_SUCCESS; |
| @@ -820,10 +805,8 @@ tls13_record_layer_read(struct tls13_record_layer *rl, uint8_t content_type, | |||
| 820 | * If we are in post handshake handshake mode, we may not see | 805 | * If we are in post handshake handshake mode, we may not see |
| 821 | * any record type that isn't a handshake until we are done. | 806 | * any record type that isn't a handshake until we are done. |
| 822 | */ | 807 | */ |
| 823 | if (rl->phh && rl->rbuf_content_type != SSL3_RT_HANDSHAKE) { | 808 | if (rl->phh && rl->rbuf_content_type != SSL3_RT_HANDSHAKE) |
| 824 | /* XXX send unexpected message alert */ | 809 | return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE); |
| 825 | return TLS13_IO_FAILURE; | ||
| 826 | } | ||
| 827 | 810 | ||
| 828 | if (rl->rbuf_content_type != content_type) { | 811 | if (rl->rbuf_content_type != content_type) { |
| 829 | /* | 812 | /* |
| @@ -877,8 +860,7 @@ tls13_record_layer_read(struct tls13_record_layer *rl, uint8_t content_type, | |||
| 877 | } | 860 | } |
| 878 | } | 861 | } |
| 879 | 862 | ||
| 880 | /* XXX - unexpected message alert. */ | 863 | return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE); |
| 881 | goto err; | ||
| 882 | } | 864 | } |
| 883 | 865 | ||
| 884 | if (n > CBS_len(&rl->rbuf_cbs)) | 866 | if (n > CBS_len(&rl->rbuf_cbs)) |