diff options
Diffstat (limited to 'src/lib/libssl/ssl_tlsext.c')
-rw-r--r-- | src/lib/libssl/ssl_tlsext.c | 34 |
1 files changed, 32 insertions, 2 deletions
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c index a0e2f7320b..cb2b2cadc7 100644 --- a/src/lib/libssl/ssl_tlsext.c +++ b/src/lib/libssl/ssl_tlsext.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssl_tlsext.c,v 1.63 2020/04/21 17:06:16 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_tlsext.c,v 1.64 2020/05/09 10:51:55 jsing Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> |
4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> | 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> |
@@ -222,6 +222,31 @@ tlsext_supportedgroups_server_parse(SSL *s, CBS *cbs, int *alert) | |||
222 | uint16_t *groups; | 222 | uint16_t *groups; |
223 | int i; | 223 | int i; |
224 | 224 | ||
225 | if (SSI(s)->tlsext_supportedgroups != NULL) { | ||
226 | /* | ||
227 | * We should only end up here in the case of a TLSv1.3 | ||
228 | * HelloRetryRequest... and the client cannot change | ||
229 | * supported groups. | ||
230 | */ | ||
231 | /* XXX - we should know this is a HRR. */ | ||
232 | if (groups_len != SSI(s)->tlsext_supportedgroups_length) { | ||
233 | *alert = SSL_AD_ILLEGAL_PARAMETER; | ||
234 | return 0; | ||
235 | } | ||
236 | for (i = 0; i < groups_len; i++) { | ||
237 | uint16_t group; | ||
238 | |||
239 | if (!CBS_get_u16(&grouplist, &group)) | ||
240 | goto err; | ||
241 | if (SSI(s)->tlsext_supportedgroups[i] != group) { | ||
242 | *alert = SSL_AD_ILLEGAL_PARAMETER; | ||
243 | return 0; | ||
244 | } | ||
245 | } | ||
246 | |||
247 | return 1; | ||
248 | } | ||
249 | |||
225 | if (SSI(s)->tlsext_supportedgroups != NULL) | 250 | if (SSI(s)->tlsext_supportedgroups != NULL) |
226 | goto err; | 251 | goto err; |
227 | 252 | ||
@@ -672,7 +697,7 @@ tlsext_sni_server_parse(SSL *s, CBS *cbs, int *alert) | |||
672 | return 0; | 697 | return 0; |
673 | } | 698 | } |
674 | 699 | ||
675 | if (s->internal->hit) { | 700 | if (s->internal->hit || S3I(s)->hs_tls13.hrr) { |
676 | if (s->session->tlsext_hostname == NULL) { | 701 | if (s->session->tlsext_hostname == NULL) { |
677 | *alert = TLS1_AD_UNRECOGNIZED_NAME; | 702 | *alert = TLS1_AD_UNRECOGNIZED_NAME; |
678 | return 0; | 703 | return 0; |
@@ -1333,6 +1358,11 @@ tlsext_keyshare_server_needs(SSL *s) | |||
1333 | int | 1358 | int |
1334 | tlsext_keyshare_server_build(SSL *s, CBB *cbb) | 1359 | tlsext_keyshare_server_build(SSL *s, CBB *cbb) |
1335 | { | 1360 | { |
1361 | /* In the case of a HRR, we only send the server selected group. */ | ||
1362 | /* XXX - we should know this is a HRR. */ | ||
1363 | if (S3I(s)->hs_tls13.server_group != 0) | ||
1364 | return CBB_add_u16(cbb, S3I(s)->hs_tls13.server_group); | ||
1365 | |||
1336 | if (S3I(s)->hs_tls13.key_share == NULL) | 1366 | if (S3I(s)->hs_tls13.key_share == NULL) |
1337 | return 0; | 1367 | return 0; |
1338 | 1368 | ||