1 files changed, 11 insertions, 19 deletions
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index 7f7a176950..aa1b62c8db 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.134 2022/01/08 12:59:59 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.135 2022/01/09 15:28:47 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -539,15 +539,11 @@ ssl3_accept(SSL *s)
                        }
                        alg_k = S3I(s)->hs.cipher->algorithm_mkey;
-                        if (ret == 2) {
+                        if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) {
                                /*
-                                 * For the ECDH ciphersuites when
+                                 * A GOST client may use the key from its
-                                 * the client sends its ECDH pub key in
+                                 * certificate for key exchange, in which case
-                                 * a certificate, the CertificateVerify
+                                 * the CertificateVerify message is not sent.
-                                 * message is not sent.
-                                 * Also for GOST ciphersuites when
-                                 * the client uses its key from the certificate
-                                 * for key exchange.
                                 */
                                S3I(s)->hs.state = SSL3_ST_SR_FINISHED_A;
                                s->internal->init_num = 0;
@@ -1780,7 +1776,6 @@ ssl3_get_client_kex_gost(SSL *s, CBS *cbs)
        size_t outlen = 32;
        CBS gostblob;
        int al;
-        int ret = 0;
        /* Get our certificate private key*/
        alg_a = S3I(s)->hs.cipher->algorithm_auth;
@@ -1820,18 +1815,15 @@ ssl3_get_client_kex_gost(SSL *s, CBS *cbs)
                goto err;
        /* Check if pubkey from client certificate was used */
-        if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, -1,
+        if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY,
-            EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0)
+            2, NULL) > 0)
-                ret = 2;
+                s->s3->flags |= TLS1_FLAGS_SKIP_CERT_VERIFY;
-        else
-                ret = 1;
 gerr:
        EVP_PKEY_free(client_pub_pkey);
        EVP_PKEY_CTX_free(pkey_ctx);
-        if (ret)
-                return (ret);
+        return 1;
-        else
-                goto err;
 decode_err:
        al = SSL_AD_DECODE_ERROR;

diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index 7f7a176950..aa1b62c8db 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_srvr.c,v 1.134 2022/01/08 12:59:59 jsing Exp $ */	1	/* $OpenBSD: ssl_srvr.c,v 1.135 2022/01/09 15:28:47 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -539,15 +539,11 @@ ssl3_accept(SSL *s)
539	}	539	}
540		540
541	alg_k = S3I(s)->hs.cipher->algorithm_mkey;	541	alg_k = S3I(s)->hs.cipher->algorithm_mkey;
542	if (ret == 2) {	542	if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) {
543	/*	543	/*
544	* For the ECDH ciphersuites when	544	* A GOST client may use the key from its
545	* the client sends its ECDH pub key in	545	* certificate for key exchange, in which case
546	* a certificate, the CertificateVerify	546	* the CertificateVerify message is not sent.
547	* message is not sent.
548	* Also for GOST ciphersuites when
549	* the client uses its key from the certificate
550	* for key exchange.
551	*/	547	*/
552	S3I(s)->hs.state = SSL3_ST_SR_FINISHED_A;	548	S3I(s)->hs.state = SSL3_ST_SR_FINISHED_A;
553	s->internal->init_num = 0;	549	s->internal->init_num = 0;
@@ -1780,7 +1776,6 @@ ssl3_get_client_kex_gost(SSL s, CBS cbs)
1780	size_t outlen = 32;	1776	size_t outlen = 32;
1781	CBS gostblob;	1777	CBS gostblob;
1782	int al;	1778	int al;
1783	int ret = 0;
1784		1779
1785	/* Get our certificate private key*/	1780	/* Get our certificate private key*/
1786	alg_a = S3I(s)->hs.cipher->algorithm_auth;	1781	alg_a = S3I(s)->hs.cipher->algorithm_auth;
@@ -1820,18 +1815,15 @@ ssl3_get_client_kex_gost(SSL s, CBS cbs)
1820	goto err;	1815	goto err;
1821		1816
1822	/* Check if pubkey from client certificate was used */	1817	/* Check if pubkey from client certificate was used */
1823	if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, -1,	1818	if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY,
1824	EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0)	1819	2, NULL) > 0)
1825	ret = 2;	1820	s->s3->flags \|= TLS1_FLAGS_SKIP_CERT_VERIFY;
1826	else	1821
1827	ret = 1;
1828	gerr:	1822	gerr:
1829	EVP_PKEY_free(client_pub_pkey);	1823	EVP_PKEY_free(client_pub_pkey);
1830	EVP_PKEY_CTX_free(pkey_ctx);	1824	EVP_PKEY_CTX_free(pkey_ctx);
1831	if (ret)	1825
1832	return (ret);	1826	return 1;
1833	else
1834	goto err;
1835		1827
1836	decode_err:	1828	decode_err:
1837	al = SSL_AD_DECODE_ERROR;	1829	al = SSL_AD_DECODE_ERROR;