summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libssl/ssl_locl.h7
-rw-r--r--src/lib/libssl/ssl_sess.c13
-rw-r--r--src/lib/libssl/ssl_srvr.c6
-rw-r--r--src/lib/libssl/t1_lib.c26
4 files changed, 32 insertions, 20 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index e41465419a..036c1dacb2 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_locl.h,v 1.284 2020/08/30 15:40:20 jsing Exp $ */ 1/* $OpenBSD: ssl_locl.h,v 1.285 2020/08/31 14:04:51 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1161,7 +1161,8 @@ int ssl_cert_add1_chain_cert(CERT *c, X509 *cert);
1161SESS_CERT *ssl_sess_cert_new(void); 1161SESS_CERT *ssl_sess_cert_new(void);
1162void ssl_sess_cert_free(SESS_CERT *sc); 1162void ssl_sess_cert_free(SESS_CERT *sc);
1163int ssl_get_new_session(SSL *s, int session); 1163int ssl_get_new_session(SSL *s, int session);
1164int ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block); 1164int ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block,
1165 int *alert);
1165int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b); 1166int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b);
1166SSL_CIPHER *OBJ_bsearch_ssl_cipher_id(SSL_CIPHER *key, SSL_CIPHER const *base, 1167SSL_CIPHER *OBJ_bsearch_ssl_cipher_id(SSL_CIPHER *key, SSL_CIPHER const *base,
1167 int num); 1168 int num);
@@ -1397,7 +1398,7 @@ int ssl_check_clienthello_tlsext_late(SSL *s);
1397int ssl_check_serverhello_tlsext(SSL *s); 1398int ssl_check_serverhello_tlsext(SSL *s);
1398 1399
1399int tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, 1400int tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block,
1400 SSL_SESSION **ret); 1401 int *alert, SSL_SESSION **ret);
1401 1402
1402long ssl_get_algorithm2(SSL *s); 1403long ssl_get_algorithm2(SSL *s);
1403 1404
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index 16b4b75bc4..827360176b 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_sess.c,v 1.85 2019/04/22 15:12:20 jsing Exp $ */ 1/* $OpenBSD: ssl_sess.c,v 1.86 2020/08/31 14:04:51 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -435,10 +435,10 @@ sess_id_done:
435 * to 1 if the server should issue a new session ticket (to 0 otherwise). 435 * to 1 if the server should issue a new session ticket (to 0 otherwise).
436 */ 436 */
437int 437int
438ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block) 438ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block, int *alert)
439{ 439{
440 SSL_SESSION *ret = NULL; 440 SSL_SESSION *ret = NULL;
441 int fatal = 0; 441 int alert_desc = SSL_AD_INTERNAL_ERROR, fatal = 0;
442 int try_session_cache = 1; 442 int try_session_cache = 1;
443 int r; 443 int r;
444 444
@@ -451,7 +451,7 @@ ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block)
451 try_session_cache = 0; 451 try_session_cache = 0;
452 452
453 /* Sets s->internal->tlsext_ticket_expected. */ 453 /* Sets s->internal->tlsext_ticket_expected. */
454 r = tls1_process_ticket(s, session_id, ext_block, &ret); 454 r = tls1_process_ticket(s, session_id, ext_block, &alert_desc, &ret);
455 switch (r) { 455 switch (r) {
456 case -1: /* Error during processing */ 456 case -1: /* Error during processing */
457 fatal = 1; 457 fatal = 1;
@@ -591,9 +591,10 @@ err:
591 s->internal->tlsext_ticket_expected = 1; 591 s->internal->tlsext_ticket_expected = 1;
592 } 592 }
593 } 593 }
594 if (fatal) 594 if (fatal) {
595 *alert = alert_desc;
595 return -1; 596 return -1;
596 else 597 } else
597 return 0; 598 return 0;
598} 599}
599 600
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index 67671f276c..745b15aad0 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_srvr.c,v 1.80 2020/07/03 04:12:50 tb Exp $ */ 1/* $OpenBSD: ssl_srvr.c,v 1.81 2020/08/31 14:04:51 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -920,11 +920,11 @@ ssl3_get_client_hello(SSL *s)
920 920
921 CBS_dup(&cbs, &ext_block); 921 CBS_dup(&cbs, &ext_block);
922 922
923 i = ssl_get_prev_session(s, &session_id, &ext_block); 923 i = ssl_get_prev_session(s, &session_id, &ext_block, &al);
924 if (i == 1) { /* previous session */ 924 if (i == 1) { /* previous session */
925 s->internal->hit = 1; 925 s->internal->hit = 1;
926 } else if (i == -1) 926 } else if (i == -1)
927 goto err; 927 goto f_err;
928 else { 928 else {
929 /* i == 0 */ 929 /* i == 0 */
930 if (!ssl_get_new_session(s, 1)) 930 if (!ssl_get_new_session(s, 1))
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 1191f9201e..59146eb767 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_lib.c,v 1.169 2020/08/09 16:25:54 jsing Exp $ */ 1/* $OpenBSD: t1_lib.c,v 1.170 2020/08/31 14:04:51 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -122,7 +122,7 @@
122#include "ssl_sigalgs.h" 122#include "ssl_sigalgs.h"
123#include "ssl_tlsext.h" 123#include "ssl_tlsext.h"
124 124
125static int tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, 125static int tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, int *alert,
126 SSL_SESSION **psess); 126 SSL_SESSION **psess);
127 127
128SSL3_ENC_METHOD TLSv1_enc_data = { 128SSL3_ENC_METHOD TLSv1_enc_data = {
@@ -782,7 +782,8 @@ ssl_check_serverhello_tlsext(SSL *s)
782 * Otherwise, s->internal->tlsext_ticket_expected is set to 0. 782 * Otherwise, s->internal->tlsext_ticket_expected is set to 0.
783 */ 783 */
784int 784int
785tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, SSL_SESSION **ret) 785tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, int *alert,
786 SSL_SESSION **ret)
786{ 787{
787 CBS extensions, ext_data; 788 CBS extensions, ext_data;
788 uint16_t ext_type = 0; 789 uint16_t ext_type = 0;
@@ -805,13 +806,17 @@ tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, SSL_SESSION **ret)
805 if (CBS_len(ext_block) == 0) 806 if (CBS_len(ext_block) == 0)
806 return 0; 807 return 0;
807 808
808 if (!CBS_get_u16_length_prefixed(ext_block, &extensions)) 809 if (!CBS_get_u16_length_prefixed(ext_block, &extensions)) {
810 *alert = SSL_AD_DECODE_ERROR;
809 return -1; 811 return -1;
812 }
810 813
811 while (CBS_len(&extensions) > 0) { 814 while (CBS_len(&extensions) > 0) {
812 if (!CBS_get_u16(&extensions, &ext_type) || 815 if (!CBS_get_u16(&extensions, &ext_type) ||
813 !CBS_get_u16_length_prefixed(&extensions, &ext_data)) 816 !CBS_get_u16_length_prefixed(&extensions, &ext_data)) {
817 *alert = SSL_AD_DECODE_ERROR;
814 return -1; 818 return -1;
819 }
815 820
816 if (ext_type == TLSEXT_TYPE_session_ticket) 821 if (ext_type == TLSEXT_TYPE_session_ticket)
817 break; 822 break;
@@ -839,7 +844,7 @@ tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, SSL_SESSION **ret)
839 return 2; 844 return 2;
840 } 845 }
841 846
842 r = tls_decrypt_ticket(s, session_id, &ext_data, ret); 847 r = tls_decrypt_ticket(s, session_id, &ext_data, alert, ret);
843 switch (r) { 848 switch (r) {
844 case 2: /* ticket couldn't be decrypted */ 849 case 2: /* ticket couldn't be decrypted */
845 s->internal->tlsext_ticket_expected = 1; 850 s->internal->tlsext_ticket_expected = 1;
@@ -868,7 +873,8 @@ tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, SSL_SESSION **ret)
868 * 4: same as 3, but the ticket needs to be renewed. 873 * 4: same as 3, but the ticket needs to be renewed.
869 */ 874 */
870static int 875static int
871tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess) 876tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, int *alert,
877 SSL_SESSION **psess)
872{ 878{
873 CBS ticket_name, ticket_iv, ticket_encdata, ticket_hmac; 879 CBS ticket_name, ticket_iv, ticket_encdata, ticket_hmac;
874 SSL_SESSION *sess = NULL; 880 SSL_SESSION *sess = NULL;
@@ -883,6 +889,7 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess)
883 int slen, hlen; 889 int slen, hlen;
884 int renew_ticket = 0; 890 int renew_ticket = 0;
885 int ret = -1; 891 int ret = -1;
892 int alert_desc = SSL_AD_INTERNAL_ERROR;
886 893
887 *psess = NULL; 894 *psess = NULL;
888 895
@@ -956,8 +963,10 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess)
956 goto derr; 963 goto derr;
957 if (!CBS_get_bytes(ticket, &ticket_hmac, hlen)) 964 if (!CBS_get_bytes(ticket, &ticket_hmac, hlen))
958 goto derr; 965 goto derr;
959 if (CBS_len(ticket) != 0) 966 if (CBS_len(ticket) != 0) {
967 alert_desc = SSL_AD_DECODE_ERROR;
960 goto err; 968 goto err;
969 }
961 970
962 /* Check HMAC of encrypted ticket. */ 971 /* Check HMAC of encrypted ticket. */
963 if (HMAC_Update(hctx, CBS_data(&ticket_name), 972 if (HMAC_Update(hctx, CBS_data(&ticket_name),
@@ -1020,6 +1029,7 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess)
1020 goto done; 1029 goto done;
1021 1030
1022 err: 1031 err:
1032 *alert = alert_desc;
1023 ret = -1; 1033 ret = -1;
1024 goto done; 1034 goto done;
1025 1035
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 23:27:11 +0000