diff options
Diffstat (limited to 'src/lib/libssl/ssl_tlsext.c')
| -rw-r--r-- | src/lib/libssl/ssl_tlsext.c | 60 |
1 files changed, 30 insertions, 30 deletions
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c index 4f4a39d4bb..5ffab919a2 100644 --- a/src/lib/libssl/ssl_tlsext.c +++ b/src/lib/libssl/ssl_tlsext.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_tlsext.c,v 1.87 2021/03/10 18:27:02 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_tlsext.c,v 1.88 2021/03/21 18:36:34 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> | 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> |
| @@ -226,7 +226,7 @@ tlsext_supportedgroups_server_parse(SSL *s, uint16_t msg_type, CBS *cbs, | |||
| 226 | uint16_t *groups; | 226 | uint16_t *groups; |
| 227 | int i; | 227 | int i; |
| 228 | 228 | ||
| 229 | if (S3I(s)->hs_tls13.hrr) { | 229 | if (S3I(s)->hs.tls13.hrr) { |
| 230 | if (SSI(s)->tlsext_supportedgroups == NULL) { | 230 | if (SSI(s)->tlsext_supportedgroups == NULL) { |
| 231 | *alert = SSL_AD_HANDSHAKE_FAILURE; | 231 | *alert = SSL_AD_HANDSHAKE_FAILURE; |
| 232 | return 0; | 232 | return 0; |
| @@ -759,7 +759,7 @@ tlsext_sni_server_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) | |||
| 759 | goto err; | 759 | goto err; |
| 760 | } | 760 | } |
| 761 | 761 | ||
| 762 | if (s->internal->hit || S3I(s)->hs_tls13.hrr) { | 762 | if (s->internal->hit || S3I(s)->hs.tls13.hrr) { |
| 763 | if (s->session->tlsext_hostname == NULL) { | 763 | if (s->session->tlsext_hostname == NULL) { |
| 764 | *alert = TLS1_AD_UNRECOGNIZED_NAME; | 764 | *alert = TLS1_AD_UNRECOGNIZED_NAME; |
| 765 | goto err; | 765 | goto err; |
| @@ -1416,7 +1416,7 @@ tlsext_keyshare_client_build(SSL *s, uint16_t msg_type, CBB *cbb) | |||
| 1416 | if (!CBB_add_u16_length_prefixed(cbb, &client_shares)) | 1416 | if (!CBB_add_u16_length_prefixed(cbb, &client_shares)) |
| 1417 | return 0; | 1417 | return 0; |
| 1418 | 1418 | ||
| 1419 | if (!tls13_key_share_public(S3I(s)->hs_tls13.key_share, | 1419 | if (!tls13_key_share_public(S3I(s)->hs.tls13.key_share, |
| 1420 | &client_shares)) | 1420 | &client_shares)) |
| 1421 | return 0; | 1421 | return 0; |
| 1422 | 1422 | ||
| @@ -1454,7 +1454,7 @@ tlsext_keyshare_server_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) | |||
| 1454 | */ | 1454 | */ |
| 1455 | if (S3I(s)->hs.our_max_tls_version < TLS1_3_VERSION) | 1455 | if (S3I(s)->hs.our_max_tls_version < TLS1_3_VERSION) |
| 1456 | continue; | 1456 | continue; |
| 1457 | if (S3I(s)->hs_tls13.key_share != NULL) | 1457 | if (S3I(s)->hs.tls13.key_share != NULL) |
| 1458 | continue; | 1458 | continue; |
| 1459 | 1459 | ||
| 1460 | /* XXX - consider implementing server preference. */ | 1460 | /* XXX - consider implementing server preference. */ |
| @@ -1462,10 +1462,10 @@ tlsext_keyshare_server_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) | |||
| 1462 | continue; | 1462 | continue; |
| 1463 | 1463 | ||
| 1464 | /* Decode and store the selected key share. */ | 1464 | /* Decode and store the selected key share. */ |
| 1465 | S3I(s)->hs_tls13.key_share = tls13_key_share_new(group); | 1465 | S3I(s)->hs.tls13.key_share = tls13_key_share_new(group); |
| 1466 | if (S3I(s)->hs_tls13.key_share == NULL) | 1466 | if (S3I(s)->hs.tls13.key_share == NULL) |
| 1467 | goto err; | 1467 | goto err; |
| 1468 | if (!tls13_key_share_peer_public(S3I(s)->hs_tls13.key_share, | 1468 | if (!tls13_key_share_peer_public(S3I(s)->hs.tls13.key_share, |
| 1469 | group, &key_exchange)) | 1469 | group, &key_exchange)) |
| 1470 | goto err; | 1470 | goto err; |
| 1471 | } | 1471 | } |
| @@ -1488,16 +1488,16 @@ int | |||
| 1488 | tlsext_keyshare_server_build(SSL *s, uint16_t msg_type, CBB *cbb) | 1488 | tlsext_keyshare_server_build(SSL *s, uint16_t msg_type, CBB *cbb) |
| 1489 | { | 1489 | { |
| 1490 | /* In the case of a HRR, we only send the server selected group. */ | 1490 | /* In the case of a HRR, we only send the server selected group. */ |
| 1491 | if (S3I(s)->hs_tls13.hrr) { | 1491 | if (S3I(s)->hs.tls13.hrr) { |
| 1492 | if (S3I(s)->hs_tls13.server_group == 0) | 1492 | if (S3I(s)->hs.tls13.server_group == 0) |
| 1493 | return 0; | 1493 | return 0; |
| 1494 | return CBB_add_u16(cbb, S3I(s)->hs_tls13.server_group); | 1494 | return CBB_add_u16(cbb, S3I(s)->hs.tls13.server_group); |
| 1495 | } | 1495 | } |
| 1496 | 1496 | ||
| 1497 | if (S3I(s)->hs_tls13.key_share == NULL) | 1497 | if (S3I(s)->hs.tls13.key_share == NULL) |
| 1498 | return 0; | 1498 | return 0; |
| 1499 | 1499 | ||
| 1500 | if (!tls13_key_share_public(S3I(s)->hs_tls13.key_share, cbb)) | 1500 | if (!tls13_key_share_public(S3I(s)->hs.tls13.key_share, cbb)) |
| 1501 | return 0; | 1501 | return 0; |
| 1502 | 1502 | ||
| 1503 | return 1; | 1503 | return 1; |
| @@ -1516,17 +1516,17 @@ tlsext_keyshare_client_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) | |||
| 1516 | if (CBS_len(cbs) == 0) { | 1516 | if (CBS_len(cbs) == 0) { |
| 1517 | /* HRR does not include an actual key share. */ | 1517 | /* HRR does not include an actual key share. */ |
| 1518 | /* XXX - we should know that we are in a HRR... */ | 1518 | /* XXX - we should know that we are in a HRR... */ |
| 1519 | S3I(s)->hs_tls13.server_group = group; | 1519 | S3I(s)->hs.tls13.server_group = group; |
| 1520 | return 1; | 1520 | return 1; |
| 1521 | } | 1521 | } |
| 1522 | 1522 | ||
| 1523 | if (!CBS_get_u16_length_prefixed(cbs, &key_exchange)) | 1523 | if (!CBS_get_u16_length_prefixed(cbs, &key_exchange)) |
| 1524 | return 0; | 1524 | return 0; |
| 1525 | 1525 | ||
| 1526 | if (S3I(s)->hs_tls13.key_share == NULL) | 1526 | if (S3I(s)->hs.tls13.key_share == NULL) |
| 1527 | return 0; | 1527 | return 0; |
| 1528 | 1528 | ||
| 1529 | if (!tls13_key_share_peer_public(S3I(s)->hs_tls13.key_share, | 1529 | if (!tls13_key_share_peer_public(S3I(s)->hs.tls13.key_share, |
| 1530 | group, &key_exchange)) | 1530 | group, &key_exchange)) |
| 1531 | goto err; | 1531 | goto err; |
| 1532 | 1532 | ||
| @@ -1639,7 +1639,7 @@ tlsext_versions_client_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) | |||
| 1639 | } | 1639 | } |
| 1640 | 1640 | ||
| 1641 | /* XXX test between min and max once initialization code goes in */ | 1641 | /* XXX test between min and max once initialization code goes in */ |
| 1642 | S3I(s)->hs_tls13.server_version = selected_version; | 1642 | S3I(s)->hs.tls13.server_version = selected_version; |
| 1643 | 1643 | ||
| 1644 | return 1; | 1644 | return 1; |
| 1645 | } | 1645 | } |
| @@ -1653,7 +1653,7 @@ int | |||
| 1653 | tlsext_cookie_client_needs(SSL *s, uint16_t msg_type) | 1653 | tlsext_cookie_client_needs(SSL *s, uint16_t msg_type) |
| 1654 | { | 1654 | { |
| 1655 | return (S3I(s)->hs.our_max_tls_version >= TLS1_3_VERSION && | 1655 | return (S3I(s)->hs.our_max_tls_version >= TLS1_3_VERSION && |
| 1656 | S3I(s)->hs_tls13.cookie_len > 0 && S3I(s)->hs_tls13.cookie != NULL); | 1656 | S3I(s)->hs.tls13.cookie_len > 0 && S3I(s)->hs.tls13.cookie != NULL); |
| 1657 | } | 1657 | } |
| 1658 | 1658 | ||
| 1659 | int | 1659 | int |
| @@ -1664,8 +1664,8 @@ tlsext_cookie_client_build(SSL *s, uint16_t msg_type, CBB *cbb) | |||
| 1664 | if (!CBB_add_u16_length_prefixed(cbb, &cookie)) | 1664 | if (!CBB_add_u16_length_prefixed(cbb, &cookie)) |
| 1665 | return 0; | 1665 | return 0; |
| 1666 | 1666 | ||
| 1667 | if (!CBB_add_bytes(&cookie, S3I(s)->hs_tls13.cookie, | 1667 | if (!CBB_add_bytes(&cookie, S3I(s)->hs.tls13.cookie, |
| 1668 | S3I(s)->hs_tls13.cookie_len)) | 1668 | S3I(s)->hs.tls13.cookie_len)) |
| 1669 | return 0; | 1669 | return 0; |
| 1670 | 1670 | ||
| 1671 | if (!CBB_flush(cbb)) | 1671 | if (!CBB_flush(cbb)) |
| @@ -1682,7 +1682,7 @@ tlsext_cookie_server_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) | |||
| 1682 | if (!CBS_get_u16_length_prefixed(cbs, &cookie)) | 1682 | if (!CBS_get_u16_length_prefixed(cbs, &cookie)) |
| 1683 | goto err; | 1683 | goto err; |
| 1684 | 1684 | ||
| 1685 | if (CBS_len(&cookie) != S3I(s)->hs_tls13.cookie_len) | 1685 | if (CBS_len(&cookie) != S3I(s)->hs.tls13.cookie_len) |
| 1686 | goto err; | 1686 | goto err; |
| 1687 | 1687 | ||
| 1688 | /* | 1688 | /* |
| @@ -1690,8 +1690,8 @@ tlsext_cookie_server_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) | |||
| 1690 | * sent - client *MUST* send the same cookie with new CR after | 1690 | * sent - client *MUST* send the same cookie with new CR after |
| 1691 | * a cookie is sent by the server with an HRR. | 1691 | * a cookie is sent by the server with an HRR. |
| 1692 | */ | 1692 | */ |
| 1693 | if (!CBS_mem_equal(&cookie, S3I(s)->hs_tls13.cookie, | 1693 | if (!CBS_mem_equal(&cookie, S3I(s)->hs.tls13.cookie, |
| 1694 | S3I(s)->hs_tls13.cookie_len)) { | 1694 | S3I(s)->hs.tls13.cookie_len)) { |
| 1695 | /* XXX special cookie mismatch alert? */ | 1695 | /* XXX special cookie mismatch alert? */ |
| 1696 | *alert = SSL_AD_ILLEGAL_PARAMETER; | 1696 | *alert = SSL_AD_ILLEGAL_PARAMETER; |
| 1697 | return 0; | 1697 | return 0; |
| @@ -1712,7 +1712,7 @@ tlsext_cookie_server_needs(SSL *s, uint16_t msg_type) | |||
| 1712 | * in order to send one, should only be sent with HRR. | 1712 | * in order to send one, should only be sent with HRR. |
| 1713 | */ | 1713 | */ |
| 1714 | return (S3I(s)->hs.our_max_tls_version >= TLS1_3_VERSION && | 1714 | return (S3I(s)->hs.our_max_tls_version >= TLS1_3_VERSION && |
| 1715 | S3I(s)->hs_tls13.cookie_len > 0 && S3I(s)->hs_tls13.cookie != NULL); | 1715 | S3I(s)->hs.tls13.cookie_len > 0 && S3I(s)->hs.tls13.cookie != NULL); |
| 1716 | } | 1716 | } |
| 1717 | 1717 | ||
| 1718 | int | 1718 | int |
| @@ -1725,8 +1725,8 @@ tlsext_cookie_server_build(SSL *s, uint16_t msg_type, CBB *cbb) | |||
| 1725 | if (!CBB_add_u16_length_prefixed(cbb, &cookie)) | 1725 | if (!CBB_add_u16_length_prefixed(cbb, &cookie)) |
| 1726 | return 0; | 1726 | return 0; |
| 1727 | 1727 | ||
| 1728 | if (!CBB_add_bytes(&cookie, S3I(s)->hs_tls13.cookie, | 1728 | if (!CBB_add_bytes(&cookie, S3I(s)->hs.tls13.cookie, |
| 1729 | S3I(s)->hs_tls13.cookie_len)) | 1729 | S3I(s)->hs.tls13.cookie_len)) |
| 1730 | return 0; | 1730 | return 0; |
| 1731 | 1731 | ||
| 1732 | if (!CBB_flush(cbb)) | 1732 | if (!CBB_flush(cbb)) |
| @@ -1745,8 +1745,8 @@ tlsext_cookie_client_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) | |||
| 1745 | * HRR from a server with a cookie to process after accepting | 1745 | * HRR from a server with a cookie to process after accepting |
| 1746 | * one from the server in the same handshake | 1746 | * one from the server in the same handshake |
| 1747 | */ | 1747 | */ |
| 1748 | if (S3I(s)->hs_tls13.cookie != NULL || | 1748 | if (S3I(s)->hs.tls13.cookie != NULL || |
| 1749 | S3I(s)->hs_tls13.cookie_len != 0) { | 1749 | S3I(s)->hs.tls13.cookie_len != 0) { |
| 1750 | *alert = SSL_AD_ILLEGAL_PARAMETER; | 1750 | *alert = SSL_AD_ILLEGAL_PARAMETER; |
| 1751 | return 0; | 1751 | return 0; |
| 1752 | } | 1752 | } |
| @@ -1754,8 +1754,8 @@ tlsext_cookie_client_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) | |||
| 1754 | if (!CBS_get_u16_length_prefixed(cbs, &cookie)) | 1754 | if (!CBS_get_u16_length_prefixed(cbs, &cookie)) |
| 1755 | goto err; | 1755 | goto err; |
| 1756 | 1756 | ||
| 1757 | if (!CBS_stow(&cookie, &S3I(s)->hs_tls13.cookie, | 1757 | if (!CBS_stow(&cookie, &S3I(s)->hs.tls13.cookie, |
| 1758 | &S3I(s)->hs_tls13.cookie_len)) | 1758 | &S3I(s)->hs.tls13.cookie_len)) |
| 1759 | goto err; | 1759 | goto err; |
| 1760 | 1760 | ||
| 1761 | return 1; | 1761 | return 1; |