diff options
| author | jsing <> | 2020-07-14 18:55:59 +0000 |
|---|---|---|
| committer | jsing <> | 2020-07-14 18:55:59 +0000 |
| commit | ef9e219c0f3e7bb1b407f5c40535bc494508797e (patch) | |
| tree | 65e973057ef4ce9586b745049601ef82ecca264e /src | |
| parent | ada595bf91598989bfe89b4f3291739f4d848c5f (diff) | |
| download | openbsd-ef9e219c0f3e7bb1b407f5c40535bc494508797e.tar.gz openbsd-ef9e219c0f3e7bb1b407f5c40535bc494508797e.tar.bz2 openbsd-ef9e219c0f3e7bb1b407f5c40535bc494508797e.zip | |
Dedup the use legacy stack code.
ok inoguchi@ tb@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/tls13_legacy.c | 81 |
1 files changed, 25 insertions, 56 deletions
diff --git a/src/lib/libssl/tls13_legacy.c b/src/lib/libssl/tls13_legacy.c index 39e34ab93c..23f9c5f664 100644 --- a/src/lib/libssl/tls13_legacy.c +++ b/src/lib/libssl/tls13_legacy.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_legacy.c,v 1.9 2020/06/24 18:04:33 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_legacy.c,v 1.10 2020/07/14 18:55:59 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -282,22 +282,18 @@ tls13_legacy_write_bytes(SSL *ssl, int type, const void *vbuf, int len) | |||
| 282 | } | 282 | } |
| 283 | } | 283 | } |
| 284 | 284 | ||
| 285 | int | 285 | static int |
| 286 | tls13_use_legacy_client(struct tls13_ctx *ctx) | 286 | tls13_use_legacy_stack(struct tls13_ctx *ctx) |
| 287 | { | 287 | { |
| 288 | SSL *s = ctx->ssl; | 288 | SSL *s = ctx->ssl; |
| 289 | CBS cbs; | 289 | CBS cbs; |
| 290 | 290 | ||
| 291 | s->method = tls_legacy_client_method(); | ||
| 292 | s->internal->handshake_func = s->method->internal->ssl_connect; | ||
| 293 | s->client_version = s->version = s->method->internal->max_version; | ||
| 294 | |||
| 295 | if (!ssl3_setup_init_buffer(s)) | 291 | if (!ssl3_setup_init_buffer(s)) |
| 296 | goto err; | 292 | return 0; |
| 297 | if (!ssl3_setup_buffers(s)) | 293 | if (!ssl3_setup_buffers(s)) |
| 298 | goto err; | 294 | return 0; |
| 299 | if (!ssl_init_wbio_buffer(s, 0)) | 295 | if (!ssl_init_wbio_buffer(s, 0)) |
| 300 | goto err; | 296 | return 0; |
| 301 | 297 | ||
| 302 | if (s->bbio != s->wbio) | 298 | if (s->bbio != s->wbio) |
| 303 | s->wbio = BIO_push(s->bbio, s->wbio); | 299 | s->wbio = BIO_push(s->bbio, s->wbio); |
| @@ -308,7 +304,7 @@ tls13_use_legacy_client(struct tls13_ctx *ctx) | |||
| 308 | if (!CBS_write_bytes(&cbs, | 304 | if (!CBS_write_bytes(&cbs, |
| 309 | S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH, | 305 | S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH, |
| 310 | S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL)) | 306 | S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL)) |
| 311 | goto err; | 307 | return 0; |
| 312 | 308 | ||
| 313 | S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH; | 309 | S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH; |
| 314 | S3I(s)->rbuf.left = CBS_len(&cbs); | 310 | S3I(s)->rbuf.left = CBS_len(&cbs); |
| @@ -324,75 +320,48 @@ tls13_use_legacy_client(struct tls13_ctx *ctx) | |||
| 324 | tls13_handshake_msg_data(ctx->hs_msg, &cbs); | 320 | tls13_handshake_msg_data(ctx->hs_msg, &cbs); |
| 325 | if (!CBS_write_bytes(&cbs, s->internal->init_buf->data, | 321 | if (!CBS_write_bytes(&cbs, s->internal->init_buf->data, |
| 326 | s->internal->init_buf->length, NULL)) | 322 | s->internal->init_buf->length, NULL)) |
| 327 | goto err; | 323 | return 0; |
| 328 | 324 | ||
| 329 | S3I(s)->tmp.reuse_message = 1; | 325 | S3I(s)->tmp.reuse_message = 1; |
| 330 | S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg); | 326 | S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg); |
| 331 | S3I(s)->tmp.message_size = CBS_len(&cbs); | 327 | S3I(s)->tmp.message_size = CBS_len(&cbs); |
| 332 | 328 | ||
| 329 | return 1; | ||
| 330 | } | ||
| 331 | |||
| 332 | int | ||
| 333 | tls13_use_legacy_client(struct tls13_ctx *ctx) | ||
| 334 | { | ||
| 335 | SSL *s = ctx->ssl; | ||
| 336 | |||
| 337 | s->method = tls_legacy_client_method(); | ||
| 338 | s->internal->handshake_func = s->method->internal->ssl_connect; | ||
| 339 | s->client_version = s->version = s->method->internal->max_version; | ||
| 340 | |||
| 341 | if (!tls13_use_legacy_stack(ctx)) | ||
| 342 | return 0; | ||
| 343 | |||
| 333 | S3I(s)->hs.state = SSL3_ST_CR_SRVR_HELLO_A; | 344 | S3I(s)->hs.state = SSL3_ST_CR_SRVR_HELLO_A; |
| 334 | 345 | ||
| 335 | return 1; | 346 | return 1; |
| 336 | |||
| 337 | err: | ||
| 338 | return 0; | ||
| 339 | } | 347 | } |
| 340 | 348 | ||
| 341 | int | 349 | int |
| 342 | tls13_use_legacy_server(struct tls13_ctx *ctx) | 350 | tls13_use_legacy_server(struct tls13_ctx *ctx) |
| 343 | { | 351 | { |
| 344 | SSL *s = ctx->ssl; | 352 | SSL *s = ctx->ssl; |
| 345 | CBS cbs; | ||
| 346 | 353 | ||
| 347 | s->method = tls_legacy_server_method(); | 354 | s->method = tls_legacy_server_method(); |
| 348 | s->internal->handshake_func = s->method->internal->ssl_accept; | 355 | s->internal->handshake_func = s->method->internal->ssl_accept; |
| 349 | s->client_version = s->version = s->method->internal->max_version; | 356 | s->client_version = s->version = s->method->internal->max_version; |
| 350 | s->server = 1; | 357 | s->server = 1; |
| 351 | 358 | ||
| 352 | if (!ssl3_setup_init_buffer(s)) | 359 | if (!tls13_use_legacy_stack(ctx)) |
| 353 | goto err; | 360 | return 0; |
| 354 | if (!ssl3_setup_buffers(s)) | ||
| 355 | goto err; | ||
| 356 | if (!ssl_init_wbio_buffer(s, 0)) | ||
| 357 | goto err; | ||
| 358 | |||
| 359 | if (s->bbio != s->wbio) | ||
| 360 | s->wbio = BIO_push(s->bbio, s->wbio); | ||
| 361 | |||
| 362 | /* Stash any unprocessed data from the last record. */ | ||
| 363 | tls13_record_layer_rbuf(ctx->rl, &cbs); | ||
| 364 | if (CBS_len(&cbs) > 0) { | ||
| 365 | if (!CBS_write_bytes(&cbs, | ||
| 366 | S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH, | ||
| 367 | S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL)) | ||
| 368 | goto err; | ||
| 369 | |||
| 370 | S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH; | ||
| 371 | S3I(s)->rbuf.left = CBS_len(&cbs); | ||
| 372 | S3I(s)->rrec.type = SSL3_RT_HANDSHAKE; | ||
| 373 | S3I(s)->rrec.length = CBS_len(&cbs); | ||
| 374 | s->internal->rstate = SSL_ST_READ_BODY; | ||
| 375 | s->internal->packet = S3I(s)->rbuf.buf; | ||
| 376 | s->internal->packet_length = SSL3_RT_HEADER_LENGTH; | ||
| 377 | s->internal->mac_packet = 1; | ||
| 378 | } | ||
| 379 | |||
| 380 | /* Stash the current handshake message. */ | ||
| 381 | tls13_handshake_msg_data(ctx->hs_msg, &cbs); | ||
| 382 | if (!CBS_write_bytes(&cbs, s->internal->init_buf->data, | ||
| 383 | s->internal->init_buf->length, NULL)) | ||
| 384 | goto err; | ||
| 385 | |||
| 386 | S3I(s)->tmp.reuse_message = 1; | ||
| 387 | S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg); | ||
| 388 | S3I(s)->tmp.message_size = CBS_len(&cbs); | ||
| 389 | 361 | ||
| 390 | S3I(s)->hs.state = SSL3_ST_SR_CLNT_HELLO_A; | 362 | S3I(s)->hs.state = SSL3_ST_SR_CLNT_HELLO_A; |
| 391 | 363 | ||
| 392 | return 1; | 364 | return 1; |
| 393 | |||
| 394 | err: | ||
| 395 | return 0; | ||
| 396 | } | 365 | } |
| 397 | 366 | ||
| 398 | int | 367 | int |