diff options
Diffstat (limited to 'src/lib/libssl/t1_lib.c')
| -rw-r--r-- | src/lib/libssl/t1_lib.c | 140 | 
1 files changed, 70 insertions, 70 deletions
| diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 0dbd83fecf..f0a9ed5dc1 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_lib.c,v 1.102 2017/01/23 05:13:02 jsing Exp $ */ | 1 | /* $OpenBSD: t1_lib.c,v 1.103 2017/01/23 06:45:30 beck Exp $ */ | 
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 
| 3 | * All rights reserved. | 3 | * All rights reserved. | 
| 4 | * | 4 | * | 
| @@ -201,7 +201,7 @@ tls1_free(SSL *s) | |||
| 201 | if (s == NULL) | 201 | if (s == NULL) | 
| 202 | return; | 202 | return; | 
| 203 | 203 | ||
| 204 | free(s->tlsext_session_ticket); | 204 | free(s->internal->tlsext_session_ticket); | 
| 205 | ssl3_free(s); | 205 | ssl3_free(s); | 
| 206 | } | 206 | } | 
| 207 | 207 | ||
| @@ -376,8 +376,8 @@ tls1_get_formatlist(SSL *s, int client_formats, const uint8_t **pformats, | |||
| 376 | return; | 376 | return; | 
| 377 | } | 377 | } | 
| 378 | 378 | ||
| 379 | *pformats = s->tlsext_ecpointformatlist; | 379 | *pformats = s->internal->tlsext_ecpointformatlist; | 
| 380 | *pformatslen = s->tlsext_ecpointformatlist_length; | 380 | *pformatslen = s->internal->tlsext_ecpointformatlist_length; | 
| 381 | if (*pformats == NULL) { | 381 | if (*pformats == NULL) { | 
| 382 | *pformats = ecformats_default; | 382 | *pformats = ecformats_default; | 
| 383 | *pformatslen = sizeof(ecformats_default); | 383 | *pformatslen = sizeof(ecformats_default); | 
| @@ -399,8 +399,8 @@ tls1_get_curvelist(SSL *s, int client_curves, const uint16_t **pcurves, | |||
| 399 | return; | 399 | return; | 
| 400 | } | 400 | } | 
| 401 | 401 | ||
| 402 | *pcurves = s->tlsext_ellipticcurvelist; | 402 | *pcurves = s->internal->tlsext_ellipticcurvelist; | 
| 403 | *pcurveslen = s->tlsext_ellipticcurvelist_length; | 403 | *pcurveslen = s->internal->tlsext_ellipticcurvelist_length; | 
| 404 | if (*pcurves == NULL) { | 404 | if (*pcurves == NULL) { | 
| 405 | *pcurves = eccurves_default; | 405 | *pcurves = eccurves_default; | 
| 406 | *pcurveslen = sizeof(eccurves_default) / 2; | 406 | *pcurveslen = sizeof(eccurves_default) / 2; | 
| @@ -690,7 +690,7 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 690 | } | 690 | } | 
| 691 | 691 | ||
| 692 | /* Add RI if renegotiating */ | 692 | /* Add RI if renegotiating */ | 
| 693 | if (s->renegotiate) { | 693 | if (s->internal->renegotiate) { | 
| 694 | int el; | 694 | int el; | 
| 695 | 695 | ||
| 696 | if (!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0)) { | 696 | if (!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0)) { | 
| @@ -775,21 +775,21 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 775 | 775 | ||
| 776 | if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) { | 776 | if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) { | 
| 777 | int ticklen; | 777 | int ticklen; | 
| 778 | if (!s->new_session && s->session && s->session->tlsext_tick) | 778 | if (!s->internal->new_session && s->session && s->session->tlsext_tick) | 
| 779 | ticklen = s->session->tlsext_ticklen; | 779 | ticklen = s->session->tlsext_ticklen; | 
| 780 | else if (s->session && s->tlsext_session_ticket && | 780 | else if (s->session && s->internal->tlsext_session_ticket && | 
| 781 | s->tlsext_session_ticket->data) { | 781 | s->internal->tlsext_session_ticket->data) { | 
| 782 | ticklen = s->tlsext_session_ticket->length; | 782 | ticklen = s->internal->tlsext_session_ticket->length; | 
| 783 | s->session->tlsext_tick = malloc(ticklen); | 783 | s->session->tlsext_tick = malloc(ticklen); | 
| 784 | if (!s->session->tlsext_tick) | 784 | if (!s->session->tlsext_tick) | 
| 785 | return NULL; | 785 | return NULL; | 
| 786 | memcpy(s->session->tlsext_tick, | 786 | memcpy(s->session->tlsext_tick, | 
| 787 | s->tlsext_session_ticket->data, ticklen); | 787 | s->internal->tlsext_session_ticket->data, ticklen); | 
| 788 | s->session->tlsext_ticklen = ticklen; | 788 | s->session->tlsext_ticklen = ticklen; | 
| 789 | } else | 789 | } else | 
| 790 | ticklen = 0; | 790 | ticklen = 0; | 
| 791 | if (ticklen == 0 && s->tlsext_session_ticket && | 791 | if (ticklen == 0 && s->internal->tlsext_session_ticket && | 
| 792 | s->tlsext_session_ticket->data == NULL) | 792 | s->internal->tlsext_session_ticket->data == NULL) | 
| 793 | goto skip_ext; | 793 | goto skip_ext; | 
| 794 | /* Check for enough room 2 for extension type, 2 for len | 794 | /* Check for enough room 2 for extension type, 2 for len | 
| 795 | * rest for ticket | 795 | * rest for ticket | 
| @@ -824,16 +824,16 @@ skip_ext: | |||
| 824 | OCSP_RESPID *id; | 824 | OCSP_RESPID *id; | 
| 825 | 825 | ||
| 826 | idlen = 0; | 826 | idlen = 0; | 
| 827 | for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) { | 827 | for (i = 0; i < sk_OCSP_RESPID_num(s->internal->tlsext_ocsp_ids); i++) { | 
| 828 | id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i); | 828 | id = sk_OCSP_RESPID_value(s->internal->tlsext_ocsp_ids, i); | 
| 829 | itmp = i2d_OCSP_RESPID(id, NULL); | 829 | itmp = i2d_OCSP_RESPID(id, NULL); | 
| 830 | if (itmp <= 0) | 830 | if (itmp <= 0) | 
| 831 | return NULL; | 831 | return NULL; | 
| 832 | idlen += itmp + 2; | 832 | idlen += itmp + 2; | 
| 833 | } | 833 | } | 
| 834 | 834 | ||
| 835 | if (s->tlsext_ocsp_exts) { | 835 | if (s->internal->tlsext_ocsp_exts) { | 
| 836 | extlen = i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, NULL); | 836 | extlen = i2d_X509_EXTENSIONS(s->internal->tlsext_ocsp_exts, NULL); | 
| 837 | if (extlen < 0) | 837 | if (extlen < 0) | 
| 838 | return NULL; | 838 | return NULL; | 
| 839 | } else | 839 | } else | 
| @@ -847,10 +847,10 @@ skip_ext: | |||
| 847 | s2n(extlen + idlen + 5, ret); | 847 | s2n(extlen + idlen + 5, ret); | 
| 848 | *(ret++) = TLSEXT_STATUSTYPE_ocsp; | 848 | *(ret++) = TLSEXT_STATUSTYPE_ocsp; | 
| 849 | s2n(idlen, ret); | 849 | s2n(idlen, ret); | 
| 850 | for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) { | 850 | for (i = 0; i < sk_OCSP_RESPID_num(s->internal->tlsext_ocsp_ids); i++) { | 
| 851 | /* save position of id len */ | 851 | /* save position of id len */ | 
| 852 | unsigned char *q = ret; | 852 | unsigned char *q = ret; | 
| 853 | id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i); | 853 | id = sk_OCSP_RESPID_value(s->internal->tlsext_ocsp_ids, i); | 
| 854 | /* skip over id len */ | 854 | /* skip over id len */ | 
| 855 | ret += 2; | 855 | ret += 2; | 
| 856 | itmp = i2d_OCSP_RESPID(id, &ret); | 856 | itmp = i2d_OCSP_RESPID(id, &ret); | 
| @@ -859,7 +859,7 @@ skip_ext: | |||
| 859 | } | 859 | } | 
| 860 | s2n(extlen, ret); | 860 | s2n(extlen, ret); | 
| 861 | if (extlen > 0) | 861 | if (extlen > 0) | 
| 862 | i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &ret); | 862 | i2d_X509_EXTENSIONS(s->internal->tlsext_ocsp_exts, &ret); | 
| 863 | } | 863 | } | 
| 864 | 864 | ||
| 865 | if (s->ctx->internal->next_proto_select_cb && | 865 | if (s->ctx->internal->next_proto_select_cb && | 
| @@ -917,7 +917,7 @@ skip_ext: | |||
| 917 | * extensions it MUST always appear last. | 917 | * extensions it MUST always appear last. | 
| 918 | */ | 918 | */ | 
| 919 | if (s->options & SSL_OP_TLSEXT_PADDING) { | 919 | if (s->options & SSL_OP_TLSEXT_PADDING) { | 
| 920 | int hlen = ret - (unsigned char *)s->init_buf->data; | 920 | int hlen = ret - (unsigned char *)s->internal->init_buf->data; | 
| 921 | 921 | ||
| 922 | /* | 922 | /* | 
| 923 | * The code in s23_clnt.c to build ClientHello messages | 923 | * The code in s23_clnt.c to build ClientHello messages | 
| @@ -964,7 +964,7 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 964 | if (ret >= limit) | 964 | if (ret >= limit) | 
| 965 | return NULL; /* this really never occurs, but ... */ | 965 | return NULL; /* this really never occurs, but ... */ | 
| 966 | 966 | ||
| 967 | if (!s->hit && s->servername_done == 1 && | 967 | if (!s->internal->hit && s->internal->servername_done == 1 && | 
| 968 | s->session->tlsext_hostname != NULL) { | 968 | s->session->tlsext_hostname != NULL) { | 
| 969 | if ((size_t)(limit - ret) < 4) | 969 | if ((size_t)(limit - ret) < 4) | 
| 970 | return NULL; | 970 | return NULL; | 
| @@ -1030,7 +1030,7 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 1030 | * extension. | 1030 | * extension. | 
| 1031 | */ | 1031 | */ | 
| 1032 | 1032 | ||
| 1033 | if (s->tlsext_ticket_expected && | 1033 | if (s->internal->tlsext_ticket_expected && | 
| 1034 | !(SSL_get_options(s) & SSL_OP_NO_TICKET)) { | 1034 | !(SSL_get_options(s) & SSL_OP_NO_TICKET)) { | 
| 1035 | if ((size_t)(limit - ret) < 4) | 1035 | if ((size_t)(limit - ret) < 4) | 
| 1036 | return NULL; | 1036 | return NULL; | 
| @@ -1039,7 +1039,7 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 1039 | s2n(0, ret); | 1039 | s2n(0, ret); | 
| 1040 | } | 1040 | } | 
| 1041 | 1041 | ||
| 1042 | if (s->tlsext_status_expected) { | 1042 | if (s->internal->tlsext_status_expected) { | 
| 1043 | if ((size_t)(limit - ret) < 4) | 1043 | if ((size_t)(limit - ret) < 4) | 
| 1044 | return NULL; | 1044 | return NULL; | 
| 1045 | 1045 | ||
| @@ -1048,7 +1048,7 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 1048 | } | 1048 | } | 
| 1049 | 1049 | ||
| 1050 | #ifndef OPENSSL_NO_SRTP | 1050 | #ifndef OPENSSL_NO_SRTP | 
| 1051 | if (SSL_IS_DTLS(s) && s->srtp_profile) { | 1051 | if (SSL_IS_DTLS(s) && s->internal->srtp_profile) { | 
| 1052 | int el; | 1052 | int el; | 
| 1053 | 1053 | ||
| 1054 | ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0); | 1054 | ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0); | 
| @@ -1203,12 +1203,12 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1203 | int renegotiate_seen = 0; | 1203 | int renegotiate_seen = 0; | 
| 1204 | int sigalg_seen = 0; | 1204 | int sigalg_seen = 0; | 
| 1205 | 1205 | ||
| 1206 | s->servername_done = 0; | 1206 | s->internal->servername_done = 0; | 
| 1207 | s->tlsext_status_type = -1; | 1207 | s->tlsext_status_type = -1; | 
| 1208 | S3I(s)->next_proto_neg_seen = 0; | 1208 | S3I(s)->next_proto_neg_seen = 0; | 
| 1209 | free(S3I(s)->alpn_selected); | 1209 | free(S3I(s)->alpn_selected); | 
| 1210 | S3I(s)->alpn_selected = NULL; | 1210 | S3I(s)->alpn_selected = NULL; | 
| 1211 | s->srtp_profile = NULL; | 1211 | s->internal->srtp_profile = NULL; | 
| 1212 | 1212 | ||
| 1213 | if (data == end) | 1213 | if (data == end) | 
| 1214 | goto ri_check; | 1214 | goto ri_check; | 
| @@ -1281,10 +1281,10 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1281 | *al = SSL_AD_DECODE_ERROR; | 1281 | *al = SSL_AD_DECODE_ERROR; | 
| 1282 | return 0; | 1282 | return 0; | 
| 1283 | } | 1283 | } | 
| 1284 | if (s->servername_done == 0) | 1284 | if (s->internal->servername_done == 0) | 
| 1285 | switch (servname_type) { | 1285 | switch (servname_type) { | 
| 1286 | case TLSEXT_NAMETYPE_host_name: | 1286 | case TLSEXT_NAMETYPE_host_name: | 
| 1287 | if (!s->hit) { | 1287 | if (!s->internal->hit) { | 
| 1288 | if (s->session->tlsext_hostname) { | 1288 | if (s->session->tlsext_hostname) { | 
| 1289 | *al = SSL_AD_DECODE_ERROR; | 1289 | *al = SSL_AD_DECODE_ERROR; | 
| 1290 | return 0; | 1290 | return 0; | 
| @@ -1306,11 +1306,11 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1306 | *al = TLS1_AD_UNRECOGNIZED_NAME; | 1306 | *al = TLS1_AD_UNRECOGNIZED_NAME; | 
| 1307 | return 0; | 1307 | return 0; | 
| 1308 | } | 1308 | } | 
| 1309 | s->servername_done = 1; | 1309 | s->internal->servername_done = 1; | 
| 1310 | 1310 | ||
| 1311 | 1311 | ||
| 1312 | } else { | 1312 | } else { | 
| 1313 | s->servername_done = s->session->tlsext_hostname && | 1313 | s->internal->servername_done = s->session->tlsext_hostname && | 
| 1314 | strlen(s->session->tlsext_hostname) == len && | 1314 | strlen(s->session->tlsext_hostname) == len && | 
| 1315 | strncmp(s->session->tlsext_hostname, (char *)sdata, len) == 0; | 1315 | strncmp(s->session->tlsext_hostname, (char *)sdata, len) == 0; | 
| 1316 | } | 1316 | } | 
| @@ -1345,7 +1345,7 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1345 | return 0; | 1345 | return 0; | 
| 1346 | } | 1346 | } | 
| 1347 | 1347 | ||
| 1348 | if (!s->hit) { | 1348 | if (!s->internal->hit) { | 
| 1349 | free(SSI(s)->tlsext_ecpointformatlist); | 1349 | free(SSI(s)->tlsext_ecpointformatlist); | 
| 1350 | SSI(s)->tlsext_ecpointformatlist = NULL; | 1350 | SSI(s)->tlsext_ecpointformatlist = NULL; | 
| 1351 | SSI(s)->tlsext_ecpointformatlist_length = 0; | 1351 | SSI(s)->tlsext_ecpointformatlist_length = 0; | 
| @@ -1377,7 +1377,7 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1377 | } | 1377 | } | 
| 1378 | curveslen /= 2; | 1378 | curveslen /= 2; | 
| 1379 | 1379 | ||
| 1380 | if (!s->hit) { | 1380 | if (!s->internal->hit) { | 
| 1381 | if (SSI(s)->tlsext_ellipticcurvelist) { | 1381 | if (SSI(s)->tlsext_ellipticcurvelist) { | 
| 1382 | *al = TLS1_AD_DECODE_ERROR; | 1382 | *al = TLS1_AD_DECODE_ERROR; | 
| 1383 | return 0; | 1383 | return 0; | 
| @@ -1447,13 +1447,13 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1447 | * previous handshake to prevent | 1447 | * previous handshake to prevent | 
| 1448 | * unbounded memory growth. | 1448 | * unbounded memory growth. | 
| 1449 | */ | 1449 | */ | 
| 1450 | sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, | 1450 | sk_OCSP_RESPID_pop_free(s->internal->tlsext_ocsp_ids, | 
| 1451 | OCSP_RESPID_free); | 1451 | OCSP_RESPID_free); | 
| 1452 | s->tlsext_ocsp_ids = NULL; | 1452 | s->internal->tlsext_ocsp_ids = NULL; | 
| 1453 | if (dsize > 0) { | 1453 | if (dsize > 0) { | 
| 1454 | s->tlsext_ocsp_ids = | 1454 | s->internal->tlsext_ocsp_ids = | 
| 1455 | sk_OCSP_RESPID_new_null(); | 1455 | sk_OCSP_RESPID_new_null(); | 
| 1456 | if (s->tlsext_ocsp_ids == NULL) { | 1456 | if (s->internal->tlsext_ocsp_ids == NULL) { | 
| 1457 | *al = SSL_AD_INTERNAL_ERROR; | 1457 | *al = SSL_AD_INTERNAL_ERROR; | 
| 1458 | return 0; | 1458 | return 0; | 
| 1459 | } | 1459 | } | 
| @@ -1487,7 +1487,7 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1487 | return 0; | 1487 | return 0; | 
| 1488 | } | 1488 | } | 
| 1489 | if (!sk_OCSP_RESPID_push( | 1489 | if (!sk_OCSP_RESPID_push( | 
| 1490 | s->tlsext_ocsp_ids, id)) { | 1490 | s->internal->tlsext_ocsp_ids, id)) { | 
| 1491 | OCSP_RESPID_free(id); | 1491 | OCSP_RESPID_free(id); | 
| 1492 | *al = SSL_AD_INTERNAL_ERROR; | 1492 | *al = SSL_AD_INTERNAL_ERROR; | 
| 1493 | return 0; | 1493 | return 0; | 
| @@ -1507,15 +1507,15 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1507 | } | 1507 | } | 
| 1508 | sdata = data; | 1508 | sdata = data; | 
| 1509 | if (dsize > 0) { | 1509 | if (dsize > 0) { | 
| 1510 | if (s->tlsext_ocsp_exts) { | 1510 | if (s->internal->tlsext_ocsp_exts) { | 
| 1511 | sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, | 1511 | sk_X509_EXTENSION_pop_free(s->internal->tlsext_ocsp_exts, | 
| 1512 | X509_EXTENSION_free); | 1512 | X509_EXTENSION_free); | 
| 1513 | } | 1513 | } | 
| 1514 | 1514 | ||
| 1515 | s->tlsext_ocsp_exts = | 1515 | s->internal->tlsext_ocsp_exts = | 
| 1516 | d2i_X509_EXTENSIONS(NULL, | 1516 | d2i_X509_EXTENSIONS(NULL, | 
| 1517 | &sdata, dsize); | 1517 | &sdata, dsize); | 
| 1518 | if (!s->tlsext_ocsp_exts || | 1518 | if (!s->internal->tlsext_ocsp_exts || | 
| 1519 | (data + dsize != sdata)) { | 1519 | (data + dsize != sdata)) { | 
| 1520 | *al = SSL_AD_DECODE_ERROR; | 1520 | *al = SSL_AD_DECODE_ERROR; | 
| 1521 | return 0; | 1521 | return 0; | 
| @@ -1534,7 +1534,7 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1534 | /* We shouldn't accept this extension on a | 1534 | /* We shouldn't accept this extension on a | 
| 1535 | * renegotiation. | 1535 | * renegotiation. | 
| 1536 | * | 1536 | * | 
| 1537 | * s->new_session will be set on renegotiation, but we | 1537 | * s->internal->new_session will be set on renegotiation, but we | 
| 1538 | * probably shouldn't rely that it couldn't be set on | 1538 | * probably shouldn't rely that it couldn't be set on | 
| 1539 | * the initial renegotation too in certain cases (when | 1539 | * the initial renegotation too in certain cases (when | 
| 1540 | * there's some other reason to disallow resuming an | 1540 | * there's some other reason to disallow resuming an | 
| @@ -1580,7 +1580,7 @@ ri_check: | |||
| 1580 | 1580 | ||
| 1581 | /* Need RI if renegotiating */ | 1581 | /* Need RI if renegotiating */ | 
| 1582 | 1582 | ||
| 1583 | if (!renegotiate_seen && s->renegotiate) { | 1583 | if (!renegotiate_seen && s->internal->renegotiate) { | 
| 1584 | *al = SSL_AD_HANDSHAKE_FAILURE; | 1584 | *al = SSL_AD_HANDSHAKE_FAILURE; | 
| 1585 | SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, | 1585 | SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, | 
| 1586 | SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); | 1586 | SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); | 
| @@ -1673,7 +1673,7 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al) | |||
| 1673 | return 0; | 1673 | return 0; | 
| 1674 | } | 1674 | } | 
| 1675 | 1675 | ||
| 1676 | if (!s->hit) { | 1676 | if (!s->internal->hit) { | 
| 1677 | free(SSI(s)->tlsext_ecpointformatlist); | 1677 | free(SSI(s)->tlsext_ecpointformatlist); | 
| 1678 | SSI(s)->tlsext_ecpointformatlist = NULL; | 1678 | SSI(s)->tlsext_ecpointformatlist = NULL; | 
| 1679 | SSI(s)->tlsext_ecpointformatlist_length = 0; | 1679 | SSI(s)->tlsext_ecpointformatlist_length = 0; | 
| @@ -1699,7 +1699,7 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al) | |||
| 1699 | *al = TLS1_AD_UNSUPPORTED_EXTENSION; | 1699 | *al = TLS1_AD_UNSUPPORTED_EXTENSION; | 
| 1700 | return 0; | 1700 | return 0; | 
| 1701 | } | 1701 | } | 
| 1702 | s->tlsext_ticket_expected = 1; | 1702 | s->internal->tlsext_ticket_expected = 1; | 
| 1703 | } | 1703 | } | 
| 1704 | else if (type == TLSEXT_TYPE_status_request && | 1704 | else if (type == TLSEXT_TYPE_status_request && | 
| 1705 | s->version != DTLS1_VERSION) { | 1705 | s->version != DTLS1_VERSION) { | 
| @@ -1711,7 +1711,7 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al) | |||
| 1711 | return 0; | 1711 | return 0; | 
| 1712 | } | 1712 | } | 
| 1713 | /* Set flag to expect CertificateStatus message */ | 1713 | /* Set flag to expect CertificateStatus message */ | 
| 1714 | s->tlsext_status_expected = 1; | 1714 | s->internal->tlsext_status_expected = 1; | 
| 1715 | } | 1715 | } | 
| 1716 | else if (type == TLSEXT_TYPE_next_proto_neg && | 1716 | else if (type == TLSEXT_TYPE_next_proto_neg && | 
| 1717 | S3I(s)->tmp.finish_md_len == 0) { | 1717 | S3I(s)->tmp.finish_md_len == 0) { | 
| @@ -1804,7 +1804,7 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al) | |||
| 1804 | return 0; | 1804 | return 0; | 
| 1805 | } | 1805 | } | 
| 1806 | 1806 | ||
| 1807 | if (!s->hit && tlsext_servername == 1) { | 1807 | if (!s->internal->hit && tlsext_servername == 1) { | 
| 1808 | if (s->tlsext_hostname) { | 1808 | if (s->tlsext_hostname) { | 
| 1809 | if (s->session->tlsext_hostname == NULL) { | 1809 | if (s->session->tlsext_hostname == NULL) { | 
| 1810 | s->session->tlsext_hostname = | 1810 | s->session->tlsext_hostname = | 
| @@ -1874,7 +1874,7 @@ ssl_check_clienthello_tlsext_early(SSL *s) | |||
| 1874 | ssl3_send_alert(s, SSL3_AL_WARNING, al); | 1874 | ssl3_send_alert(s, SSL3_AL_WARNING, al); | 
| 1875 | return 1; | 1875 | return 1; | 
| 1876 | case SSL_TLSEXT_ERR_NOACK: | 1876 | case SSL_TLSEXT_ERR_NOACK: | 
| 1877 | s->servername_done = 0; | 1877 | s->internal->servername_done = 0; | 
| 1878 | default: | 1878 | default: | 
| 1879 | return 1; | 1879 | return 1; | 
| 1880 | } | 1880 | } | 
| @@ -1898,7 +1898,7 @@ ssl_check_clienthello_tlsext_late(SSL *s) | |||
| 1898 | certpkey = ssl_get_server_send_pkey(s); | 1898 | certpkey = ssl_get_server_send_pkey(s); | 
| 1899 | /* If no certificate can't return certificate status */ | 1899 | /* If no certificate can't return certificate status */ | 
| 1900 | if (certpkey == NULL) { | 1900 | if (certpkey == NULL) { | 
| 1901 | s->tlsext_status_expected = 0; | 1901 | s->internal->tlsext_status_expected = 0; | 
| 1902 | return 1; | 1902 | return 1; | 
| 1903 | } | 1903 | } | 
| 1904 | /* Set current certificate to one we will use so | 1904 | /* Set current certificate to one we will use so | 
| @@ -1910,14 +1910,14 @@ ssl_check_clienthello_tlsext_late(SSL *s) | |||
| 1910 | switch (r) { | 1910 | switch (r) { | 
| 1911 | /* We don't want to send a status request response */ | 1911 | /* We don't want to send a status request response */ | 
| 1912 | case SSL_TLSEXT_ERR_NOACK: | 1912 | case SSL_TLSEXT_ERR_NOACK: | 
| 1913 | s->tlsext_status_expected = 0; | 1913 | s->internal->tlsext_status_expected = 0; | 
| 1914 | break; | 1914 | break; | 
| 1915 | /* status request response should be sent */ | 1915 | /* status request response should be sent */ | 
| 1916 | case SSL_TLSEXT_ERR_OK: | 1916 | case SSL_TLSEXT_ERR_OK: | 
| 1917 | if (s->tlsext_ocsp_resp) | 1917 | if (s->internal->tlsext_ocsp_resp) | 
| 1918 | s->tlsext_status_expected = 1; | 1918 | s->internal->tlsext_status_expected = 1; | 
| 1919 | else | 1919 | else | 
| 1920 | s->tlsext_status_expected = 0; | 1920 | s->internal->tlsext_status_expected = 0; | 
| 1921 | break; | 1921 | break; | 
| 1922 | /* something bad happened */ | 1922 | /* something bad happened */ | 
| 1923 | case SSL_TLSEXT_ERR_ALERT_FATAL: | 1923 | case SSL_TLSEXT_ERR_ALERT_FATAL: | 
| @@ -1926,7 +1926,7 @@ ssl_check_clienthello_tlsext_late(SSL *s) | |||
| 1926 | goto err; | 1926 | goto err; | 
| 1927 | } | 1927 | } | 
| 1928 | } else | 1928 | } else | 
| 1929 | s->tlsext_status_expected = 0; | 1929 | s->internal->tlsext_status_expected = 0; | 
| 1930 | 1930 | ||
| 1931 | err: | 1931 | err: | 
| 1932 | switch (ret) { | 1932 | switch (ret) { | 
| @@ -1953,8 +1953,8 @@ ssl_check_serverhello_tlsext(SSL *s) | |||
| 1953 | */ | 1953 | */ | 
| 1954 | unsigned long alg_k = S3I(s)->tmp.new_cipher->algorithm_mkey; | 1954 | unsigned long alg_k = S3I(s)->tmp.new_cipher->algorithm_mkey; | 
| 1955 | unsigned long alg_a = S3I(s)->tmp.new_cipher->algorithm_auth; | 1955 | unsigned long alg_a = S3I(s)->tmp.new_cipher->algorithm_auth; | 
| 1956 | if ((s->tlsext_ecpointformatlist != NULL) && | 1956 | if ((s->internal->tlsext_ecpointformatlist != NULL) && | 
| 1957 | (s->tlsext_ecpointformatlist_length > 0) && | 1957 | (s->internal->tlsext_ecpointformatlist_length > 0) && | 
| 1958 | (SSI(s)->tlsext_ecpointformatlist != NULL) && | 1958 | (SSI(s)->tlsext_ecpointformatlist != NULL) && | 
| 1959 | (SSI(s)->tlsext_ecpointformatlist_length > 0) && | 1959 | (SSI(s)->tlsext_ecpointformatlist_length > 0) && | 
| 1960 | ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA))) { | 1960 | ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA))) { | 
| @@ -1986,15 +1986,15 @@ ssl_check_serverhello_tlsext(SSL *s) | |||
| 1986 | /* If we've requested certificate status and we wont get one | 1986 | /* If we've requested certificate status and we wont get one | 
| 1987 | * tell the callback | 1987 | * tell the callback | 
| 1988 | */ | 1988 | */ | 
| 1989 | if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected) && | 1989 | if ((s->tlsext_status_type != -1) && !(s->internal->tlsext_status_expected) && | 
| 1990 | s->ctx && s->ctx->internal->tlsext_status_cb) { | 1990 | s->ctx && s->ctx->internal->tlsext_status_cb) { | 
| 1991 | int r; | 1991 | int r; | 
| 1992 | /* Set resp to NULL, resplen to -1 so callback knows | 1992 | /* Set resp to NULL, resplen to -1 so callback knows | 
| 1993 | * there is no response. | 1993 | * there is no response. | 
| 1994 | */ | 1994 | */ | 
| 1995 | free(s->tlsext_ocsp_resp); | 1995 | free(s->internal->tlsext_ocsp_resp); | 
| 1996 | s->tlsext_ocsp_resp = NULL; | 1996 | s->internal->tlsext_ocsp_resp = NULL; | 
| 1997 | s->tlsext_ocsp_resplen = -1; | 1997 | s->internal->tlsext_ocsp_resplen = -1; | 
| 1998 | r = s->ctx->internal->tlsext_status_cb(s, | 1998 | r = s->ctx->internal->tlsext_status_cb(s, | 
| 1999 | s->ctx->internal->tlsext_status_arg); | 1999 | s->ctx->internal->tlsext_status_arg); | 
| 2000 | if (r == 0) { | 2000 | if (r == 0) { | 
| @@ -2017,7 +2017,7 @@ ssl_check_serverhello_tlsext(SSL *s) | |||
| 2017 | 2017 | ||
| 2018 | return 1; | 2018 | return 1; | 
| 2019 | case SSL_TLSEXT_ERR_NOACK: | 2019 | case SSL_TLSEXT_ERR_NOACK: | 
| 2020 | s->servername_done = 0; | 2020 | s->internal->servername_done = 0; | 
| 2021 | default: | 2021 | default: | 
| 2022 | return 1; | 2022 | return 1; | 
| 2023 | } | 2023 | } | 
| @@ -2037,7 +2037,7 @@ ssl_check_serverhello_tlsext(SSL *s) | |||
| 2037 | * | 2037 | * | 
| 2038 | * If s->internal->tls_session_secret_cb is set then we are expecting a pre-shared key | 2038 | * If s->internal->tls_session_secret_cb is set then we are expecting a pre-shared key | 
| 2039 | * ciphersuite, in which case we have no use for session tickets and one will | 2039 | * ciphersuite, in which case we have no use for session tickets and one will | 
| 2040 | * never be decrypted, nor will s->tlsext_ticket_expected be set to 1. | 2040 | * never be decrypted, nor will s->internal->tlsext_ticket_expected be set to 1. | 
| 2041 | * | 2041 | * | 
| 2042 | * Returns: | 2042 | * Returns: | 
| 2043 | * -1: fatal error, either from parsing or decrypting the ticket. | 2043 | * -1: fatal error, either from parsing or decrypting the ticket. | 
| @@ -2049,12 +2049,12 @@ ssl_check_serverhello_tlsext(SSL *s) | |||
| 2049 | * 3: a ticket was successfully decrypted and *ret was set. | 2049 | * 3: a ticket was successfully decrypted and *ret was set. | 
| 2050 | * | 2050 | * | 
| 2051 | * Side effects: | 2051 | * Side effects: | 
| 2052 | * Sets s->tlsext_ticket_expected to 1 if the server will have to issue | 2052 | * Sets s->internal->tlsext_ticket_expected to 1 if the server will have to issue | 
| 2053 | * a new session ticket to the client because the client indicated support | 2053 | * a new session ticket to the client because the client indicated support | 
| 2054 | * (and s->internal->tls_session_secret_cb is NULL) but the client either doesn't have | 2054 | * (and s->internal->tls_session_secret_cb is NULL) but the client either doesn't have | 
| 2055 | * a session ticket or we couldn't use the one it gave us, or if | 2055 | * a session ticket or we couldn't use the one it gave us, or if | 
| 2056 | * s->ctx->tlsext_ticket_key_cb asked to renew the client's ticket. | 2056 | * s->ctx->tlsext_ticket_key_cb asked to renew the client's ticket. | 
| 2057 | * Otherwise, s->tlsext_ticket_expected is set to 0. | 2057 | * Otherwise, s->internal->tlsext_ticket_expected is set to 0. | 
| 2058 | */ | 2058 | */ | 
| 2059 | int | 2059 | int | 
| 2060 | tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, | 2060 | tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, | 
| @@ -2064,7 +2064,7 @@ tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, | |||
| 2064 | CBS session_id, cookie, cipher_list, compress_algo, extensions; | 2064 | CBS session_id, cookie, cipher_list, compress_algo, extensions; | 
| 2065 | 2065 | ||
| 2066 | *ret = NULL; | 2066 | *ret = NULL; | 
| 2067 | s->tlsext_ticket_expected = 0; | 2067 | s->internal->tlsext_ticket_expected = 0; | 
| 2068 | 2068 | ||
| 2069 | /* If tickets disabled behave as if no ticket present | 2069 | /* If tickets disabled behave as if no ticket present | 
| 2070 | * to permit stateful resumption. | 2070 | * to permit stateful resumption. | 
| @@ -2116,7 +2116,7 @@ tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, | |||
| 2116 | if (CBS_len(&ext_data) == 0) { | 2116 | if (CBS_len(&ext_data) == 0) { | 
| 2117 | /* The client will accept a ticket but doesn't | 2117 | /* The client will accept a ticket but doesn't | 
| 2118 | * currently have one. */ | 2118 | * currently have one. */ | 
| 2119 | s->tlsext_ticket_expected = 1; | 2119 | s->internal->tlsext_ticket_expected = 1; | 
| 2120 | return 1; | 2120 | return 1; | 
| 2121 | } | 2121 | } | 
| 2122 | if (s->internal->tls_session_secret_cb) { | 2122 | if (s->internal->tls_session_secret_cb) { | 
| @@ -2133,12 +2133,12 @@ tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, | |||
| 2133 | 2133 | ||
| 2134 | switch (r) { | 2134 | switch (r) { | 
| 2135 | case 2: /* ticket couldn't be decrypted */ | 2135 | case 2: /* ticket couldn't be decrypted */ | 
| 2136 | s->tlsext_ticket_expected = 1; | 2136 | s->internal->tlsext_ticket_expected = 1; | 
| 2137 | return 2; | 2137 | return 2; | 
| 2138 | case 3: /* ticket was decrypted */ | 2138 | case 3: /* ticket was decrypted */ | 
| 2139 | return r; | 2139 | return r; | 
| 2140 | case 4: /* ticket decrypted but need to renew */ | 2140 | case 4: /* ticket decrypted but need to renew */ | 
| 2141 | s->tlsext_ticket_expected = 1; | 2141 | s->internal->tlsext_ticket_expected = 1; | 
| 2142 | return 3; | 2142 | return 3; | 
| 2143 | default: /* fatal error */ | 2143 | default: /* fatal error */ | 
| 2144 | return -1; | 2144 | return -1; | 
