diff options
| -rw-r--r-- | src/lib/libssl/tls13_server.c | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c index e56d4c16fd..3c832aec65 100644 --- a/src/lib/libssl/tls13_server.c +++ b/src/lib/libssl/tls13_server.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_server.c,v 1.11 2020/01/23 10:48:36 beck Exp $ */ | 1 | /* $OpenBSD: tls13_server.c,v 1.12 2020/01/23 11:47:13 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> | 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> |
| @@ -45,6 +45,9 @@ tls13_server_init(struct tls13_ctx *ctx) | |||
| 45 | if (!tls1_transcript_init(s)) | 45 | if (!tls1_transcript_init(s)) |
| 46 | return 0; | 46 | return 0; |
| 47 | 47 | ||
| 48 | if ((s->session = SSL_SESSION_new()) == NULL) | ||
| 49 | return 0; | ||
| 50 | |||
| 48 | arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE); | 51 | arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE); |
| 49 | 52 | ||
| 50 | return 1; | 53 | return 1; |
| @@ -142,8 +145,8 @@ tls13_use_legacy_server(struct tls13_ctx *ctx) | |||
| 142 | static int | 145 | static int |
| 143 | tls13_client_hello_is_legacy(CBS *cbs) | 146 | tls13_client_hello_is_legacy(CBS *cbs) |
| 144 | { | 147 | { |
| 145 | CBS extensions_block, extensions, extension_data; | 148 | CBS extensions_block, extensions, extension_data, versions; |
| 146 | uint16_t selected_version = 0; | 149 | uint16_t version, max_version = 0; |
| 147 | uint16_t type; | 150 | uint16_t type; |
| 148 | 151 | ||
| 149 | CBS_dup(cbs, &extensions_block); | 152 | CBS_dup(cbs, &extensions_block); |
| @@ -159,13 +162,19 @@ tls13_client_hello_is_legacy(CBS *cbs) | |||
| 159 | 162 | ||
| 160 | if (type != TLSEXT_TYPE_supported_versions) | 163 | if (type != TLSEXT_TYPE_supported_versions) |
| 161 | continue; | 164 | continue; |
| 162 | if (!CBS_get_u16(&extension_data, &selected_version)) | 165 | if (!CBS_get_u8_length_prefixed(&extension_data, &versions)) |
| 163 | return 1; | 166 | return 1; |
| 167 | while (CBS_len(&versions) > 0) { | ||
| 168 | if (!CBS_get_u16(&versions, &version)) | ||
| 169 | return 1; | ||
| 170 | if (version >= max_version) | ||
| 171 | max_version = version; | ||
| 172 | } | ||
| 164 | if (CBS_len(&extension_data) != 0) | 173 | if (CBS_len(&extension_data) != 0) |
| 165 | return 1; | 174 | return 1; |
| 166 | } | 175 | } |
| 167 | 176 | ||
| 168 | return (selected_version < TLS1_3_VERSION); | 177 | return (max_version < TLS1_3_VERSION); |
| 169 | } | 178 | } |
| 170 | 179 | ||
| 171 | static int | 180 | static int |
| @@ -182,7 +191,7 @@ tls13_client_hello_process(struct tls13_ctx *ctx, CBS *cbs) | |||
| 182 | goto err; | 191 | goto err; |
| 183 | if (!CBS_get_u8_length_prefixed(cbs, &session_id)) | 192 | if (!CBS_get_u8_length_prefixed(cbs, &session_id)) |
| 184 | goto err; | 193 | goto err; |
| 185 | if (!CBS_get_u8_length_prefixed(cbs, &cipher_suites)) | 194 | if (!CBS_get_u16_length_prefixed(cbs, &cipher_suites)) |
| 186 | goto err; | 195 | goto err; |
| 187 | if (!CBS_get_u8_length_prefixed(cbs, &compression_methods)) | 196 | if (!CBS_get_u8_length_prefixed(cbs, &compression_methods)) |
| 188 | goto err; | 197 | goto err; |