1 files changed, 21 insertions, 44 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 1b2e0844fb..0a00e4da7f 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.143 2018/08/19 15:38:03 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.144 2018/08/24 18:10:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -815,11 +815,9 @@ ssl_check_serverhello_tlsext(SSL *s)
 * ClientHello, and other operations depend on the result, we need to handle
 * any TLS session ticket extension at the same time.
 *
- *   session_id: points at the session ID in the ClientHello. This code will
+ *   session_id: points at the session ID in the ClientHello.
- *       read past the end of this in order to parse out the session ticket
+ *   session_id_len: the length of the session ID.
- *       extension, if any.
+ *   ext_block: a CBS for the ClientHello extensions block.
- *   len: the length of the session ID.
- *   limit: a pointer to the first byte after the ClientHello.
 *   ret: (output) on return, if a ticket was decrypted, then this is set to
 *       point to the resulting session.
 *
@@ -845,55 +843,34 @@ ssl_check_serverhello_tlsext(SSL *s)
 *   Otherwise, s->internal->tlsext_ticket_expected is set to 0.
 */
 int
-tls1_process_ticket(SSL *s, const unsigned char *session, int session_len,
+tls1_process_ticket(SSL *s, const unsigned char *session_id, int session_id_len,
-    const unsigned char *limit, SSL_SESSION **ret)
+    CBS *ext_block, SSL_SESSION **ret)
 {
-        /* Point after session ID in client hello */
+        CBS extensions;
-        CBS session_id, cookie, cipher_list, compress_algo, extensions;
-        *ret = NULL;
        s->internal->tlsext_ticket_expected = 0;
+        *ret = NULL;
-        /* If tickets disabled behave as if no ticket present
+        /*
-         * to permit stateful resumption.
+         * If tickets disabled behave as if no ticket present to permit stateful
+         * resumption.
         */
        if (SSL_get_options(s) & SSL_OP_NO_TICKET)
                return 0;
-        if (!limit)
-                return 0;
-        if (limit < session)
-                return -1;
-        CBS_init(&session_id, session, limit - session);
+        /*
+         * An empty extensions block is valid, but obviously does not contain
-        /* Skip past the session id */
+         * a session ticket.
-        if (!CBS_skip(&session_id, session_len))
+         */
-                return -1;
+        if (CBS_len(ext_block) == 0)
-        /* Skip past DTLS cookie */
-        if (SSL_IS_DTLS(s)) {
-                if (!CBS_get_u8_length_prefixed(&session_id, &cookie))
-                        return -1;
-        }
-        /* Skip past cipher list */
-        if (!CBS_get_u16_length_prefixed(&session_id, &cipher_list))
-                return -1;
-        /* Skip past compression algorithm list */
-        if (!CBS_get_u8_length_prefixed(&session_id, &compress_algo))
-                return -1;
-        /* Now at start of extensions */
-        if (CBS_len(&session_id) == 0)
                return 0;
-        if (!CBS_get_u16_length_prefixed(&session_id, &extensions))
+        if (!CBS_get_u16_length_prefixed(ext_block, &extensions))
                return -1;
        while (CBS_len(&extensions) > 0) {
-                CBS ext_data;
                uint16_t ext_type;
+                CBS ext_data;
                if (!CBS_get_u16(&extensions, &ext_type) ||
                    !CBS_get_u16_length_prefixed(&extensions, &ext_data))
@@ -907,7 +884,7 @@ tls1_process_ticket(SSL *s, const unsigned char *session, int session_len,
                                s->internal->tlsext_ticket_expected = 1;
                                return 1;
                        }
-                        if (s->internal->tls_session_secret_cb) {
+                        if (s->internal->tls_session_secret_cb != NULL) {
                                /* Indicate that the ticket couldn't be
                                 * decrypted rather than generating the session
                                 * from ticket now, trigger abbreviated
@@ -917,7 +894,7 @@ tls1_process_ticket(SSL *s, const unsigned char *session, int session_len,
                        }
                        r = tls_decrypt_ticket(s, CBS_data(&ext_data),
-                            CBS_len(&ext_data), session, session_len, ret);
+                            CBS_len(&ext_data), session_id, session_id_len, ret);
                        switch (r) {
                        case 2: /* ticket couldn't be decrypted */

diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 1b2e0844fb..0a00e4da7f 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_lib.c,v 1.143 2018/08/19 15:38:03 jsing Exp $ */	1	/* $OpenBSD: t1_lib.c,v 1.144 2018/08/24 18:10:25 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -815,11 +815,9 @@ ssl_check_serverhello_tlsext(SSL *s)
815	* ClientHello, and other operations depend on the result, we need to handle	815	* ClientHello, and other operations depend on the result, we need to handle
816	* any TLS session ticket extension at the same time.	816	* any TLS session ticket extension at the same time.
817	*	817	*
818	* session_id: points at the session ID in the ClientHello. This code will	818	* session_id: points at the session ID in the ClientHello.
819	* read past the end of this in order to parse out the session ticket	819	* session_id_len: the length of the session ID.
820	* extension, if any.	820	* ext_block: a CBS for the ClientHello extensions block.
821	* len: the length of the session ID.
822	* limit: a pointer to the first byte after the ClientHello.
823	* ret: (output) on return, if a ticket was decrypted, then this is set to	821	* ret: (output) on return, if a ticket was decrypted, then this is set to
824	* point to the resulting session.	822	* point to the resulting session.
825	*	823	*
@@ -845,55 +843,34 @@ ssl_check_serverhello_tlsext(SSL *s)
845	* Otherwise, s->internal->tlsext_ticket_expected is set to 0.	843	* Otherwise, s->internal->tlsext_ticket_expected is set to 0.
846	*/	844	*/
847	int	845	int
848	tls1_process_ticket(SSL s, const unsigned char session, int session_len,	846	tls1_process_ticket(SSL s, const unsigned char session_id, int session_id_len,
849	const unsigned char limit, SSL_SESSION *ret)	847	CBS ext_block, SSL_SESSION *ret)
850	{	848	{
851	/* Point after session ID in client hello */	849	CBS extensions;
852	CBS session_id, cookie, cipher_list, compress_algo, extensions;
853		850
854	*ret = NULL;
855	s->internal->tlsext_ticket_expected = 0;	851	s->internal->tlsext_ticket_expected = 0;
		852	*ret = NULL;
856		853
857	/* If tickets disabled behave as if no ticket present	854	/*
858	* to permit stateful resumption.	855	* If tickets disabled behave as if no ticket present to permit stateful
		856	* resumption.
859	*/	857	*/
860	if (SSL_get_options(s) & SSL_OP_NO_TICKET)	858	if (SSL_get_options(s) & SSL_OP_NO_TICKET)
861	return 0;	859	return 0;
862	if (!limit)
863	return 0;
864
865	if (limit < session)
866	return -1;
867		860
868	CBS_init(&session_id, session, limit - session);	861	/*
869		862	* An empty extensions block is valid, but obviously does not contain
870	/* Skip past the session id */	863	* a session ticket.
871	if (!CBS_skip(&session_id, session_len))	864	*/
872	return -1;	865	if (CBS_len(ext_block) == 0)
873
874	/* Skip past DTLS cookie */
875	if (SSL_IS_DTLS(s)) {
876	if (!CBS_get_u8_length_prefixed(&session_id, &cookie))
877	return -1;
878	}
879
880	/* Skip past cipher list */
881	if (!CBS_get_u16_length_prefixed(&session_id, &cipher_list))
882	return -1;
883
884	/* Skip past compression algorithm list */
885	if (!CBS_get_u8_length_prefixed(&session_id, &compress_algo))
886	return -1;
887
888	/* Now at start of extensions */
889	if (CBS_len(&session_id) == 0)
890	return 0;	866	return 0;
891	if (!CBS_get_u16_length_prefixed(&session_id, &extensions))	867
		868	if (!CBS_get_u16_length_prefixed(ext_block, &extensions))
892	return -1;	869	return -1;
893		870
894	while (CBS_len(&extensions) > 0) {	871	while (CBS_len(&extensions) > 0) {
895	CBS ext_data;
896	uint16_t ext_type;	872	uint16_t ext_type;
		873	CBS ext_data;
897		874
898	if (!CBS_get_u16(&extensions, &ext_type) \|\|	875	if (!CBS_get_u16(&extensions, &ext_type) \|\|
899	!CBS_get_u16_length_prefixed(&extensions, &ext_data))	876	!CBS_get_u16_length_prefixed(&extensions, &ext_data))
@@ -907,7 +884,7 @@ tls1_process_ticket(SSL s, const unsigned char session, int session_len,
907	s->internal->tlsext_ticket_expected = 1;	884	s->internal->tlsext_ticket_expected = 1;
908	return 1;	885	return 1;
909	}	886	}
910	if (s->internal->tls_session_secret_cb) {	887	if (s->internal->tls_session_secret_cb != NULL) {
911	/* Indicate that the ticket couldn't be	888	/* Indicate that the ticket couldn't be
912	* decrypted rather than generating the session	889	* decrypted rather than generating the session
913	* from ticket now, trigger abbreviated	890	* from ticket now, trigger abbreviated
@@ -917,7 +894,7 @@ tls1_process_ticket(SSL s, const unsigned char session, int session_len,
917	}	894	}
918		895
919	r = tls_decrypt_ticket(s, CBS_data(&ext_data),	896	r = tls_decrypt_ticket(s, CBS_data(&ext_data),
920	CBS_len(&ext_data), session, session_len, ret);	897	CBS_len(&ext_data), session_id, session_id_len, ret);
921		898
922	switch (r) {	899	switch (r) {
923	case 2: /* ticket couldn't be decrypted */	900	case 2: /* ticket couldn't be decrypted */