summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/ssl_locl.h5
-rw-r--r--src/lib/libssl/ssl_sess.c19
-rw-r--r--src/lib/libssl/t1_lib.c26
3 files changed, 23 insertions, 27 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 2f8ba1fc09..bd210cdce5 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_locl.h,v 1.287 2020/09/01 05:32:11 tb Exp $ */ 1/* $OpenBSD: ssl_locl.h,v 1.288 2020/09/01 12:40:53 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1403,8 +1403,7 @@ int ssl_check_serverhello_tlsext(SSL *s);
1403#define TLS1_TICKET_NOT_DECRYPTED 2 1403#define TLS1_TICKET_NOT_DECRYPTED 2
1404#define TLS1_TICKET_DECRYPTED 3 1404#define TLS1_TICKET_DECRYPTED 3
1405 1405
1406int tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, 1406int tls1_process_ticket(SSL *s, CBS *ext_block, int *alert, SSL_SESSION **ret);
1407 int *alert, SSL_SESSION **ret);
1408 1407
1409long ssl_get_algorithm2(SSL *s); 1408long ssl_get_algorithm2(SSL *s);
1410 1409
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index b953580d65..460c5d85f1 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_sess.c,v 1.91 2020/09/01 06:05:09 tb Exp $ */ 1/* $OpenBSD: ssl_sess.c,v 1.92 2020/09/01 12:40:53 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -420,7 +420,6 @@ ssl_get_new_session(SSL *s, int session)
420 * session_id: points at the session ID in the ClientHello. This code will 420 * session_id: points at the session ID in the ClientHello. This code will
421 * read past the end of this in order to parse out the session ticket 421 * read past the end of this in order to parse out the session ticket
422 * extension, if any. 422 * extension, if any.
423 * session_id_len: the length of the session ID.
424 * ext_block: a CBS for the ClientHello extensions block. 423 * ext_block: a CBS for the ClientHello extensions block.
425 * 424 *
426 * Returns: 425 * Returns:
@@ -438,6 +437,7 @@ int
438ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block, int *alert) 437ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block, int *alert)
439{ 438{
440 SSL_SESSION *sess = NULL; 439 SSL_SESSION *sess = NULL;
440 size_t session_id_len;
441 int alert_desc = SSL_AD_INTERNAL_ERROR, fatal = 0; 441 int alert_desc = SSL_AD_INTERNAL_ERROR, fatal = 0;
442 int try_session_cache = 1; 442 int try_session_cache = 1;
443 443
@@ -450,7 +450,7 @@ ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block, int *alert)
450 try_session_cache = 0; 450 try_session_cache = 0;
451 451
452 /* Sets s->internal->tlsext_ticket_expected. */ 452 /* Sets s->internal->tlsext_ticket_expected. */
453 switch (tls1_process_ticket(s, session_id, ext_block, &alert_desc, &sess)) { 453 switch (tls1_process_ticket(s, ext_block, &alert_desc, &sess)) {
454 case TLS1_TICKET_FATAL_ERROR: 454 case TLS1_TICKET_FATAL_ERROR:
455 fatal = 1; 455 fatal = 1;
456 goto err; 456 goto err;
@@ -458,8 +458,21 @@ ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block, int *alert)
458 case TLS1_TICKET_EMPTY: 458 case TLS1_TICKET_EMPTY:
459 break; /* Ok to carry on processing session id. */ 459 break; /* Ok to carry on processing session id. */
460 case TLS1_TICKET_NOT_DECRYPTED: 460 case TLS1_TICKET_NOT_DECRYPTED:
461 try_session_cache = 0;
462 goto err;
461 case TLS1_TICKET_DECRYPTED: 463 case TLS1_TICKET_DECRYPTED:
462 try_session_cache = 0; 464 try_session_cache = 0;
465
466 /*
467 * The session ID is used by some clients to detect that the
468 * ticket has been accepted so we copy it into sess.
469 */
470 if (!CBS_write_bytes(session_id, sess->session_id,
471 sizeof(sess->session_id), &session_id_len)) {
472 fatal = 1;
473 goto err;
474 }
475 sess->session_id_length = (unsigned int)session_id_len;
463 break; 476 break;
464 default: 477 default:
465 SSLerror(s, ERR_R_INTERNAL_ERROR); 478 SSLerror(s, ERR_R_INTERNAL_ERROR);
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 8162259c66..dc6ffae418 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_lib.c,v 1.173 2020/09/01 05:38:48 tb Exp $ */ 1/* $OpenBSD: t1_lib.c,v 1.174 2020/09/01 12:40:53 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -122,7 +122,7 @@
122#include "ssl_sigalgs.h" 122#include "ssl_sigalgs.h"
123#include "ssl_tlsext.h" 123#include "ssl_tlsext.h"
124 124
125static int tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, int *alert, 125static int tls_decrypt_ticket(SSL *s, CBS *ticket, int *alert,
126 SSL_SESSION **psess); 126 SSL_SESSION **psess);
127 127
128SSL3_ENC_METHOD TLSv1_enc_data = { 128SSL3_ENC_METHOD TLSv1_enc_data = {
@@ -755,7 +755,6 @@ ssl_check_serverhello_tlsext(SSL *s)
755 * ClientHello, and other operations depend on the result, we need to handle 755 * ClientHello, and other operations depend on the result, we need to handle
756 * any TLS session ticket extension at the same time. 756 * any TLS session ticket extension at the same time.
757 * 757 *
758 * session_id: a CBS containing the session ID.
759 * ext_block: a CBS for the ClientHello extensions block. 758 * ext_block: a CBS for the ClientHello extensions block.
760 * ret: (output) on return, if a ticket was decrypted, then this is set to 759 * ret: (output) on return, if a ticket was decrypted, then this is set to
761 * point to the resulting session. 760 * point to the resulting session.
@@ -783,8 +782,7 @@ ssl_check_serverhello_tlsext(SSL *s)
783 * Otherwise, s->internal->tlsext_ticket_expected is set to 0. 782 * Otherwise, s->internal->tlsext_ticket_expected is set to 0.
784 */ 783 */
785int 784int
786tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, int *alert, 785tls1_process_ticket(SSL *s, CBS *ext_block, int *alert, SSL_SESSION **ret)
787 SSL_SESSION **ret)
788{ 786{
789 CBS extensions, ext_data; 787 CBS extensions, ext_data;
790 uint16_t ext_type = 0; 788 uint16_t ext_type = 0;
@@ -844,12 +842,11 @@ tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, int *alert,
844 return TLS1_TICKET_NOT_DECRYPTED; 842 return TLS1_TICKET_NOT_DECRYPTED;
845 } 843 }
846 844
847 return tls_decrypt_ticket(s, session_id, &ext_data, alert, ret); 845 return tls_decrypt_ticket(s, &ext_data, alert, ret);
848} 846}
849 847
850/* tls_decrypt_ticket attempts to decrypt a session ticket. 848/* tls_decrypt_ticket attempts to decrypt a session ticket.
851 * 849 *
852 * session_id: a CBS containing the session ID.
853 * ticket: a CBS containing the body of the session ticket extension. 850 * ticket: a CBS containing the body of the session ticket extension.
854 * psess: (output) on return, if a ticket was decrypted, then this is set to 851 * psess: (output) on return, if a ticket was decrypted, then this is set to
855 * point to the resulting session. 852 * point to the resulting session.
@@ -860,14 +857,12 @@ tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, int *alert,
860 * TLS1_TICKET_DECRYPTED: a ticket was decrypted and *psess was set. 857 * TLS1_TICKET_DECRYPTED: a ticket was decrypted and *psess was set.
861 */ 858 */
862static int 859static int
863tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, int *alert, 860tls_decrypt_ticket(SSL *s, CBS *ticket, int *alert, SSL_SESSION **psess)
864 SSL_SESSION **psess)
865{ 861{
866 CBS ticket_name, ticket_iv, ticket_encdata, ticket_hmac; 862 CBS ticket_name, ticket_iv, ticket_encdata, ticket_hmac;
867 SSL_SESSION *sess = NULL; 863 SSL_SESSION *sess = NULL;
868 unsigned char *sdec = NULL; 864 unsigned char *sdec = NULL;
869 size_t sdec_len = 0; 865 size_t sdec_len = 0;
870 size_t session_id_len;
871 const unsigned char *p; 866 const unsigned char *p;
872 unsigned char hmac[EVP_MAX_MD_SIZE]; 867 unsigned char hmac[EVP_MAX_MD_SIZE];
873 HMAC_CTX *hctx = NULL; 868 HMAC_CTX *hctx = NULL;
@@ -990,17 +985,6 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, int *alert,
990 p = sdec; 985 p = sdec;
991 if ((sess = d2i_SSL_SESSION(NULL, &p, slen)) == NULL) 986 if ((sess = d2i_SSL_SESSION(NULL, &p, slen)) == NULL)
992 goto derr; 987 goto derr;
993
994 /*
995 * The session ID, if non-empty, is used by some clients to detect that
996 * the ticket has been accepted. So we copy it to the session structure.
997 * If it is empty set length to zero as required by standard.
998 */
999 if (!CBS_write_bytes(session_id, sess->session_id,
1000 sizeof(sess->session_id), &session_id_len))
1001 goto err;
1002 sess->session_id_length = (unsigned int)session_id_len;
1003
1004 *psess = sess; 988 *psess = sess;
1005 sess = NULL; 989 sess = NULL;
1006 990
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-19 12:51:37 +0000