diff options
Diffstat (limited to 'src/lib/libssl/t1_lib.c')
| -rw-r--r-- | src/lib/libssl/t1_lib.c | 26 |
1 files changed, 18 insertions, 8 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 1191f9201e..59146eb767 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_lib.c,v 1.169 2020/08/09 16:25:54 jsing Exp $ */ | 1 | /* $OpenBSD: t1_lib.c,v 1.170 2020/08/31 14:04:51 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -122,7 +122,7 @@ | |||
| 122 | #include "ssl_sigalgs.h" | 122 | #include "ssl_sigalgs.h" |
| 123 | #include "ssl_tlsext.h" | 123 | #include "ssl_tlsext.h" |
| 124 | 124 | ||
| 125 | static int tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, | 125 | static int tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, int *alert, |
| 126 | SSL_SESSION **psess); | 126 | SSL_SESSION **psess); |
| 127 | 127 | ||
| 128 | SSL3_ENC_METHOD TLSv1_enc_data = { | 128 | SSL3_ENC_METHOD TLSv1_enc_data = { |
| @@ -782,7 +782,8 @@ ssl_check_serverhello_tlsext(SSL *s) | |||
| 782 | * Otherwise, s->internal->tlsext_ticket_expected is set to 0. | 782 | * Otherwise, s->internal->tlsext_ticket_expected is set to 0. |
| 783 | */ | 783 | */ |
| 784 | int | 784 | int |
| 785 | tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, SSL_SESSION **ret) | 785 | tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, int *alert, |
| 786 | SSL_SESSION **ret) | ||
| 786 | { | 787 | { |
| 787 | CBS extensions, ext_data; | 788 | CBS extensions, ext_data; |
| 788 | uint16_t ext_type = 0; | 789 | uint16_t ext_type = 0; |
| @@ -805,13 +806,17 @@ tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, SSL_SESSION **ret) | |||
| 805 | if (CBS_len(ext_block) == 0) | 806 | if (CBS_len(ext_block) == 0) |
| 806 | return 0; | 807 | return 0; |
| 807 | 808 | ||
| 808 | if (!CBS_get_u16_length_prefixed(ext_block, &extensions)) | 809 | if (!CBS_get_u16_length_prefixed(ext_block, &extensions)) { |
| 810 | *alert = SSL_AD_DECODE_ERROR; | ||
| 809 | return -1; | 811 | return -1; |
| 812 | } | ||
| 810 | 813 | ||
| 811 | while (CBS_len(&extensions) > 0) { | 814 | while (CBS_len(&extensions) > 0) { |
| 812 | if (!CBS_get_u16(&extensions, &ext_type) || | 815 | if (!CBS_get_u16(&extensions, &ext_type) || |
| 813 | !CBS_get_u16_length_prefixed(&extensions, &ext_data)) | 816 | !CBS_get_u16_length_prefixed(&extensions, &ext_data)) { |
| 817 | *alert = SSL_AD_DECODE_ERROR; | ||
| 814 | return -1; | 818 | return -1; |
| 819 | } | ||
| 815 | 820 | ||
| 816 | if (ext_type == TLSEXT_TYPE_session_ticket) | 821 | if (ext_type == TLSEXT_TYPE_session_ticket) |
| 817 | break; | 822 | break; |
| @@ -839,7 +844,7 @@ tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, SSL_SESSION **ret) | |||
| 839 | return 2; | 844 | return 2; |
| 840 | } | 845 | } |
| 841 | 846 | ||
| 842 | r = tls_decrypt_ticket(s, session_id, &ext_data, ret); | 847 | r = tls_decrypt_ticket(s, session_id, &ext_data, alert, ret); |
| 843 | switch (r) { | 848 | switch (r) { |
| 844 | case 2: /* ticket couldn't be decrypted */ | 849 | case 2: /* ticket couldn't be decrypted */ |
| 845 | s->internal->tlsext_ticket_expected = 1; | 850 | s->internal->tlsext_ticket_expected = 1; |
| @@ -868,7 +873,8 @@ tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, SSL_SESSION **ret) | |||
| 868 | * 4: same as 3, but the ticket needs to be renewed. | 873 | * 4: same as 3, but the ticket needs to be renewed. |
| 869 | */ | 874 | */ |
| 870 | static int | 875 | static int |
| 871 | tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess) | 876 | tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, int *alert, |
| 877 | SSL_SESSION **psess) | ||
| 872 | { | 878 | { |
| 873 | CBS ticket_name, ticket_iv, ticket_encdata, ticket_hmac; | 879 | CBS ticket_name, ticket_iv, ticket_encdata, ticket_hmac; |
| 874 | SSL_SESSION *sess = NULL; | 880 | SSL_SESSION *sess = NULL; |
| @@ -883,6 +889,7 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess) | |||
| 883 | int slen, hlen; | 889 | int slen, hlen; |
| 884 | int renew_ticket = 0; | 890 | int renew_ticket = 0; |
| 885 | int ret = -1; | 891 | int ret = -1; |
| 892 | int alert_desc = SSL_AD_INTERNAL_ERROR; | ||
| 886 | 893 | ||
| 887 | *psess = NULL; | 894 | *psess = NULL; |
| 888 | 895 | ||
| @@ -956,8 +963,10 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess) | |||
| 956 | goto derr; | 963 | goto derr; |
| 957 | if (!CBS_get_bytes(ticket, &ticket_hmac, hlen)) | 964 | if (!CBS_get_bytes(ticket, &ticket_hmac, hlen)) |
| 958 | goto derr; | 965 | goto derr; |
| 959 | if (CBS_len(ticket) != 0) | 966 | if (CBS_len(ticket) != 0) { |
| 967 | alert_desc = SSL_AD_DECODE_ERROR; | ||
| 960 | goto err; | 968 | goto err; |
| 969 | } | ||
| 961 | 970 | ||
| 962 | /* Check HMAC of encrypted ticket. */ | 971 | /* Check HMAC of encrypted ticket. */ |
| 963 | if (HMAC_Update(hctx, CBS_data(&ticket_name), | 972 | if (HMAC_Update(hctx, CBS_data(&ticket_name), |
| @@ -1020,6 +1029,7 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, SSL_SESSION **psess) | |||
| 1020 | goto done; | 1029 | goto done; |
| 1021 | 1030 | ||
| 1022 | err: | 1031 | err: |
| 1032 | *alert = alert_desc; | ||
| 1023 | ret = -1; | 1033 | ret = -1; |
| 1024 | goto done; | 1034 | goto done; |
| 1025 | 1035 | ||