summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/d1_both.c14
-rw-r--r--src/lib/libssl/ssl_both.c16
-rw-r--r--src/lib/libssl/ssl_clnt.c42
-rw-r--r--src/lib/libssl/ssl_locl.h19
-rw-r--r--src/lib/libssl/ssl_srvr.c22
-rw-r--r--src/lib/libssl/tls13_legacy.c8
6 files changed, 62 insertions, 59 deletions
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index f4c1cb95b0..ba05c2a354 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_both.c,v 1.68 2021/02/27 14:20:50 jsing Exp $ */ 1/* $OpenBSD: d1_both.c,v 1.69 2021/04/19 16:51:56 jsing Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -380,16 +380,16 @@ dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
380 * s3->internal->tmp is used to store messages that are unexpected, caused 380 * s3->internal->tmp is used to store messages that are unexpected, caused
381 * by the absence of an optional handshake message 381 * by the absence of an optional handshake message
382 */ 382 */
383 if (S3I(s)->tmp.reuse_message) { 383 if (S3I(s)->hs.tls12.reuse_message) {
384 S3I(s)->tmp.reuse_message = 0; 384 S3I(s)->hs.tls12.reuse_message = 0;
385 if ((mt >= 0) && (S3I(s)->tmp.message_type != mt)) { 385 if ((mt >= 0) && (S3I(s)->hs.tls12.message_type != mt)) {
386 al = SSL_AD_UNEXPECTED_MESSAGE; 386 al = SSL_AD_UNEXPECTED_MESSAGE;
387 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE); 387 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
388 goto fatal_err; 388 goto fatal_err;
389 } 389 }
390 *ok = 1; 390 *ok = 1;
391 s->internal->init_msg = s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH; 391 s->internal->init_msg = s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH;
392 s->internal->init_num = (int)S3I(s)->tmp.message_size; 392 s->internal->init_num = (int)S3I(s)->hs.tls12.message_size;
393 return s->internal->init_num; 393 return s->internal->init_num;
394 } 394 }
395 395
@@ -466,9 +466,9 @@ dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr, int max)
466 return SSL_AD_INTERNAL_ERROR; 466 return SSL_AD_INTERNAL_ERROR;
467 } 467 }
468 468
469 S3I(s)->tmp.message_size = msg_len; 469 S3I(s)->hs.tls12.message_size = msg_len;
470 D1I(s)->r_msg_hdr.msg_len = msg_len; 470 D1I(s)->r_msg_hdr.msg_len = msg_len;
471 S3I(s)->tmp.message_type = msg_hdr->type; 471 S3I(s)->hs.tls12.message_type = msg_hdr->type;
472 D1I(s)->r_msg_hdr.type = msg_hdr->type; 472 D1I(s)->r_msg_hdr.type = msg_hdr->type;
473 D1I(s)->r_msg_hdr.seq = msg_hdr->seq; 473 D1I(s)->r_msg_hdr.seq = msg_hdr->seq;
474 } else if (msg_len != D1I(s)->r_msg_hdr.msg_len) { 474 } else if (msg_len != D1I(s)->r_msg_hdr.msg_len) {
diff --git a/src/lib/libssl/ssl_both.c b/src/lib/libssl/ssl_both.c
index 4851231a8f..ad9b0ee257 100644
--- a/src/lib/libssl/ssl_both.c
+++ b/src/lib/libssl/ssl_both.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_both.c,v 1.27 2021/03/29 16:46:09 jsing Exp $ */ 1/* $OpenBSD: ssl_both.c,v 1.28 2021/04/19 16:51:56 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -445,16 +445,16 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
445 if (SSL_is_dtls(s)) 445 if (SSL_is_dtls(s))
446 return (dtls1_get_message(s, st1, stn, mt, max, ok)); 446 return (dtls1_get_message(s, st1, stn, mt, max, ok));
447 447
448 if (S3I(s)->tmp.reuse_message) { 448 if (S3I(s)->hs.tls12.reuse_message) {
449 S3I(s)->tmp.reuse_message = 0; 449 S3I(s)->hs.tls12.reuse_message = 0;
450 if ((mt >= 0) && (S3I(s)->tmp.message_type != mt)) { 450 if ((mt >= 0) && (S3I(s)->hs.tls12.message_type != mt)) {
451 al = SSL_AD_UNEXPECTED_MESSAGE; 451 al = SSL_AD_UNEXPECTED_MESSAGE;
452 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE); 452 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
453 goto fatal_err; 453 goto fatal_err;
454 } 454 }
455 *ok = 1; 455 *ok = 1;
456 s->internal->init_msg = s->internal->init_buf->data + 4; 456 s->internal->init_msg = s->internal->init_buf->data + 4;
457 s->internal->init_num = (int)S3I(s)->tmp.message_size; 457 s->internal->init_num = (int)S3I(s)->hs.tls12.message_size;
458 return s->internal->init_num; 458 return s->internal->init_num;
459 } 459 }
460 460
@@ -511,7 +511,7 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
511 SSLerror(s, ERR_R_BUF_LIB); 511 SSLerror(s, ERR_R_BUF_LIB);
512 goto err; 512 goto err;
513 } 513 }
514 S3I(s)->tmp.message_type = u8; 514 S3I(s)->hs.tls12.message_type = u8;
515 515
516 if (l > (unsigned long)max) { 516 if (l > (unsigned long)max) {
517 al = SSL_AD_ILLEGAL_PARAMETER; 517 al = SSL_AD_ILLEGAL_PARAMETER;
@@ -522,7 +522,7 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
522 SSLerror(s, ERR_R_BUF_LIB); 522 SSLerror(s, ERR_R_BUF_LIB);
523 goto err; 523 goto err;
524 } 524 }
525 S3I(s)->tmp.message_size = l; 525 S3I(s)->hs.tls12.message_size = l;
526 S3I(s)->hs.state = stn; 526 S3I(s)->hs.state = stn;
527 527
528 s->internal->init_msg = s->internal->init_buf->data + 4; 528 s->internal->init_msg = s->internal->init_buf->data + 4;
@@ -531,7 +531,7 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
531 531
532 /* next state (stn) */ 532 /* next state (stn) */
533 p = s->internal->init_msg; 533 p = s->internal->init_msg;
534 n = S3I(s)->tmp.message_size - s->internal->init_num; 534 n = S3I(s)->hs.tls12.message_size - s->internal->init_num;
535 while (n > 0) { 535 while (n > 0) {
536 i = s->method->internal->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, 536 i = s->method->internal->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
537 &p[s->internal->init_num], n, 0); 537 &p[s->internal->init_num], n, 0);
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 92113c2953..6b43b565b9 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_clnt.c,v 1.90 2021/04/11 07:06:01 tb Exp $ */ 1/* $OpenBSD: ssl_clnt.c,v 1.91 2021/04/19 16:51:56 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -623,7 +623,7 @@ ssl3_connect(SSL *s)
623 } 623 }
624 624
625 /* did we do anything */ 625 /* did we do anything */
626 if (!S3I(s)->tmp.reuse_message && !skip) { 626 if (!S3I(s)->hs.tls12.reuse_message && !skip) {
627 if (s->internal->debug) { 627 if (s->internal->debug) {
628 if ((ret = BIO_flush(s->wbio)) <= 0) 628 if ((ret = BIO_flush(s->wbio)) <= 0)
629 goto end; 629 goto end;
@@ -804,9 +804,9 @@ ssl3_get_dtls_hello_verify(SSL *s)
804 if (!ok) 804 if (!ok)
805 return ((int)n); 805 return ((int)n);
806 806
807 if (S3I(s)->tmp.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) { 807 if (S3I(s)->hs.tls12.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {
808 D1I(s)->send_cookie = 0; 808 D1I(s)->send_cookie = 0;
809 S3I(s)->tmp.reuse_message = 1; 809 S3I(s)->hs.tls12.reuse_message = 1;
810 return (1); 810 return (1);
811 } 811 }
812 812
@@ -878,9 +878,9 @@ ssl3_get_server_hello(SSL *s)
878 CBS_init(&cbs, s->internal->init_msg, n); 878 CBS_init(&cbs, s->internal->init_msg, n);
879 879
880 if (SSL_is_dtls(s)) { 880 if (SSL_is_dtls(s)) {
881 if (S3I(s)->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) { 881 if (S3I(s)->hs.tls12.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {
882 if (D1I(s)->send_cookie == 0) { 882 if (D1I(s)->send_cookie == 0) {
883 S3I(s)->tmp.reuse_message = 1; 883 S3I(s)->hs.tls12.reuse_message = 1;
884 return (1); 884 return (1);
885 } else { 885 } else {
886 /* Already sent a cookie. */ 886 /* Already sent a cookie. */
@@ -891,7 +891,7 @@ ssl3_get_server_hello(SSL *s)
891 } 891 }
892 } 892 }
893 893
894 if (S3I(s)->tmp.message_type != SSL3_MT_SERVER_HELLO) { 894 if (S3I(s)->hs.tls12.message_type != SSL3_MT_SERVER_HELLO) {
895 al = SSL_AD_UNEXPECTED_MESSAGE; 895 al = SSL_AD_UNEXPECTED_MESSAGE;
896 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE); 896 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE);
897 goto fatal_err; 897 goto fatal_err;
@@ -1128,12 +1128,12 @@ ssl3_get_server_certificate(SSL *s)
1128 if (!ok) 1128 if (!ok)
1129 return ((int)n); 1129 return ((int)n);
1130 1130
1131 if (S3I(s)->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) { 1131 if (S3I(s)->hs.tls12.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) {
1132 S3I(s)->tmp.reuse_message = 1; 1132 S3I(s)->hs.tls12.reuse_message = 1;
1133 return (1); 1133 return (1);
1134 } 1134 }
1135 1135
1136 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) { 1136 if (S3I(s)->hs.tls12.message_type != SSL3_MT_CERTIFICATE) {
1137 al = SSL_AD_UNEXPECTED_MESSAGE; 1137 al = SSL_AD_UNEXPECTED_MESSAGE;
1138 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE); 1138 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE);
1139 goto fatal_err; 1139 goto fatal_err;
@@ -1498,7 +1498,7 @@ ssl3_get_server_key_exchange(SSL *s)
1498 1498
1499 CBS_init(&cbs, s->internal->init_msg, n); 1499 CBS_init(&cbs, s->internal->init_msg, n);
1500 1500
1501 if (S3I(s)->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) { 1501 if (S3I(s)->hs.tls12.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {
1502 /* 1502 /*
1503 * Do not skip server key exchange if this cipher suite uses 1503 * Do not skip server key exchange if this cipher suite uses
1504 * ephemeral keys. 1504 * ephemeral keys.
@@ -1509,7 +1509,7 @@ ssl3_get_server_key_exchange(SSL *s)
1509 goto fatal_err; 1509 goto fatal_err;
1510 } 1510 }
1511 1511
1512 S3I(s)->tmp.reuse_message = 1; 1512 S3I(s)->hs.tls12.reuse_message = 1;
1513 EVP_MD_CTX_cleanup(&md_ctx); 1513 EVP_MD_CTX_cleanup(&md_ctx);
1514 return (1); 1514 return (1);
1515 } 1515 }
@@ -1663,8 +1663,8 @@ ssl3_get_certificate_request(SSL *s)
1663 1663
1664 S3I(s)->tmp.cert_req = 0; 1664 S3I(s)->tmp.cert_req = 0;
1665 1665
1666 if (S3I(s)->tmp.message_type == SSL3_MT_SERVER_DONE) { 1666 if (S3I(s)->hs.tls12.message_type == SSL3_MT_SERVER_DONE) {
1667 S3I(s)->tmp.reuse_message = 1; 1667 S3I(s)->hs.tls12.reuse_message = 1;
1668 /* 1668 /*
1669 * If we get here we don't need any cached handshake records 1669 * If we get here we don't need any cached handshake records
1670 * as we wont be doing client auth. 1670 * as we wont be doing client auth.
@@ -1673,7 +1673,7 @@ ssl3_get_certificate_request(SSL *s)
1673 return (1); 1673 return (1);
1674 } 1674 }
1675 1675
1676 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) { 1676 if (S3I(s)->hs.tls12.message_type != SSL3_MT_CERTIFICATE_REQUEST) {
1677 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE); 1677 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
1678 SSLerror(s, SSL_R_WRONG_MESSAGE_TYPE); 1678 SSLerror(s, SSL_R_WRONG_MESSAGE_TYPE);
1679 goto err; 1679 goto err;
@@ -1814,11 +1814,11 @@ ssl3_get_new_session_ticket(SSL *s)
1814 if (!ok) 1814 if (!ok)
1815 return ((int)n); 1815 return ((int)n);
1816 1816
1817 if (S3I(s)->tmp.message_type == SSL3_MT_FINISHED) { 1817 if (S3I(s)->hs.tls12.message_type == SSL3_MT_FINISHED) {
1818 S3I(s)->tmp.reuse_message = 1; 1818 S3I(s)->hs.tls12.reuse_message = 1;
1819 return (1); 1819 return (1);
1820 } 1820 }
1821 if (S3I(s)->tmp.message_type != SSL3_MT_NEWSESSION_TICKET) { 1821 if (S3I(s)->hs.tls12.message_type != SSL3_MT_NEWSESSION_TICKET) {
1822 al = SSL_AD_UNEXPECTED_MESSAGE; 1822 al = SSL_AD_UNEXPECTED_MESSAGE;
1823 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE); 1823 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE);
1824 goto fatal_err; 1824 goto fatal_err;
@@ -2799,9 +2799,9 @@ ssl3_check_finished(SSL *s)
2799 if (!ok) 2799 if (!ok)
2800 return ((int)n); 2800 return ((int)n);
2801 2801
2802 S3I(s)->tmp.reuse_message = 1; 2802 S3I(s)->hs.tls12.reuse_message = 1;
2803 if ((S3I(s)->tmp.message_type == SSL3_MT_FINISHED) || 2803 if ((S3I(s)->hs.tls12.message_type == SSL3_MT_FINISHED) ||
2804 (S3I(s)->tmp.message_type == SSL3_MT_NEWSESSION_TICKET)) 2804 (S3I(s)->hs.tls12.message_type == SSL3_MT_NEWSESSION_TICKET))
2805 return (2); 2805 return (2);
2806 2806
2807 return (1); 2807 return (1);
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 3339c57390..3b86f5874b 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_locl.h,v 1.333 2021/03/29 16:46:09 jsing Exp $ */ 1/* $OpenBSD: ssl_locl.h,v 1.334 2021/04/19 16:51:56 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -420,9 +420,19 @@ typedef struct ssl_handshake_tls12_st {
420 /* Used when SSL_ST_FLUSH_DATA is entered. */ 420 /* Used when SSL_ST_FLUSH_DATA is entered. */
421 int next_state; 421 int next_state;
422 422
423 /* Handshake message type and size. */
424 int message_type;
425 unsigned long message_size;
426
427 /* Reuse current handshake message. */
428 int reuse_message;
429
423 /* Record-layer key block for TLS 1.2 and earlier. */ 430 /* Record-layer key block for TLS 1.2 and earlier. */
424 unsigned char *key_block; 431 unsigned char *key_block;
425 size_t key_block_len; 432 size_t key_block_len;
433
434 /* Transcript hash prior to sending certificate verify message. */
435 uint8_t cert_verify[EVP_MAX_MD_SIZE];
426} SSL_HANDSHAKE_TLS12; 436} SSL_HANDSHAKE_TLS12;
427 437
428typedef struct ssl_handshake_tls13_st { 438typedef struct ssl_handshake_tls13_st {
@@ -925,11 +935,6 @@ typedef struct ssl3_state_internal_st {
925 SSL_HANDSHAKE hs; 935 SSL_HANDSHAKE hs;
926 936
927 struct { 937 struct {
928 unsigned char cert_verify_md[EVP_MAX_MD_SIZE];
929
930 unsigned long message_size;
931 int message_type;
932
933 DH *dh; 938 DH *dh;
934 939
935 EC_KEY *ecdh; /* holds short lived ECDH key */ 940 EC_KEY *ecdh; /* holds short lived ECDH key */
@@ -937,8 +942,6 @@ typedef struct ssl3_state_internal_st {
937 942
938 uint8_t *x25519; 943 uint8_t *x25519;
939 944
940 int reuse_message;
941
942 /* used for certificate requests */ 945 /* used for certificate requests */
943 int cert_req; 946 int cert_req;
944 int ctype_num; 947 int ctype_num;
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index 0f3572a678..8241a59ac0 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_srvr.c,v 1.101 2021/03/29 16:56:20 jsing Exp $ */ 1/* $OpenBSD: ssl_srvr.c,v 1.102 2021/04/19 16:51:56 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -576,8 +576,8 @@ ssl3_accept(SSL *s)
576 * a client cert, it can be verified. 576 * a client cert, it can be verified.
577 */ 577 */
578 if (!tls1_transcript_hash_value(s, 578 if (!tls1_transcript_hash_value(s,
579 S3I(s)->tmp.cert_verify_md, 579 S3I(s)->hs.tls12.cert_verify,
580 sizeof(S3I(s)->tmp.cert_verify_md), 580 sizeof(S3I(s)->hs.tls12.cert_verify),
581 NULL)) { 581 NULL)) {
582 ret = -1; 582 ret = -1;
583 goto end; 583 goto end;
@@ -733,7 +733,7 @@ ssl3_accept(SSL *s)
733 /* break; */ 733 /* break; */
734 } 734 }
735 735
736 if (!S3I(s)->tmp.reuse_message && !skip) { 736 if (!S3I(s)->hs.tls12.reuse_message && !skip) {
737 if (s->internal->debug) { 737 if (s->internal->debug) {
738 if ((ret = BIO_flush(s->wbio)) <= 0) 738 if ((ret = BIO_flush(s->wbio)) <= 0)
739 goto end; 739 goto end;
@@ -2149,8 +2149,8 @@ ssl3_get_cert_verify(SSL *s)
2149 type = X509_certificate_type(peer, pkey); 2149 type = X509_certificate_type(peer, pkey);
2150 } 2150 }
2151 2151
2152 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY) { 2152 if (S3I(s)->hs.tls12.message_type != SSL3_MT_CERTIFICATE_VERIFY) {
2153 S3I(s)->tmp.reuse_message = 1; 2153 S3I(s)->hs.tls12.reuse_message = 1;
2154 if (peer != NULL) { 2154 if (peer != NULL) {
2155 al = SSL_AD_UNEXPECTED_MESSAGE; 2155 al = SSL_AD_UNEXPECTED_MESSAGE;
2156 SSLerror(s, SSL_R_MISSING_VERIFY_MESSAGE); 2156 SSLerror(s, SSL_R_MISSING_VERIFY_MESSAGE);
@@ -2261,7 +2261,7 @@ ssl3_get_cert_verify(SSL *s)
2261 goto fatal_err; 2261 goto fatal_err;
2262 } 2262 }
2263 } else if (pkey->type == EVP_PKEY_RSA) { 2263 } else if (pkey->type == EVP_PKEY_RSA) {
2264 verify = RSA_verify(NID_md5_sha1, S3I(s)->tmp.cert_verify_md, 2264 verify = RSA_verify(NID_md5_sha1, S3I(s)->hs.tls12.cert_verify,
2265 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, CBS_data(&signature), 2265 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, CBS_data(&signature),
2266 CBS_len(&signature), pkey->pkey.rsa); 2266 CBS_len(&signature), pkey->pkey.rsa);
2267 if (verify < 0) { 2267 if (verify < 0) {
@@ -2276,7 +2276,7 @@ ssl3_get_cert_verify(SSL *s)
2276 } 2276 }
2277 } else if (pkey->type == EVP_PKEY_EC) { 2277 } else if (pkey->type == EVP_PKEY_EC) {
2278 verify = ECDSA_verify(pkey->save_type, 2278 verify = ECDSA_verify(pkey->save_type,
2279 &(S3I(s)->tmp.cert_verify_md[MD5_DIGEST_LENGTH]), 2279 &(S3I(s)->hs.tls12.cert_verify[MD5_DIGEST_LENGTH]),
2280 SHA_DIGEST_LENGTH, CBS_data(&signature), 2280 SHA_DIGEST_LENGTH, CBS_data(&signature),
2281 CBS_len(&signature), pkey->pkey.ec); 2281 CBS_len(&signature), pkey->pkey.ec);
2282 if (verify <= 0) { 2282 if (verify <= 0) {
@@ -2368,7 +2368,7 @@ ssl3_get_client_certificate(SSL *s)
2368 if (!ok) 2368 if (!ok)
2369 return ((int)n); 2369 return ((int)n);
2370 2370
2371 if (S3I(s)->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) { 2371 if (S3I(s)->hs.tls12.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) {
2372 if ((s->verify_mode & SSL_VERIFY_PEER) && 2372 if ((s->verify_mode & SSL_VERIFY_PEER) &&
2373 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { 2373 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) {
2374 SSLerror(s, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); 2374 SSLerror(s, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
@@ -2385,11 +2385,11 @@ ssl3_get_client_certificate(SSL *s)
2385 al = SSL_AD_UNEXPECTED_MESSAGE; 2385 al = SSL_AD_UNEXPECTED_MESSAGE;
2386 goto fatal_err; 2386 goto fatal_err;
2387 } 2387 }
2388 S3I(s)->tmp.reuse_message = 1; 2388 S3I(s)->hs.tls12.reuse_message = 1;
2389 return (1); 2389 return (1);
2390 } 2390 }
2391 2391
2392 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) { 2392 if (S3I(s)->hs.tls12.message_type != SSL3_MT_CERTIFICATE) {
2393 al = SSL_AD_UNEXPECTED_MESSAGE; 2393 al = SSL_AD_UNEXPECTED_MESSAGE;
2394 SSLerror(s, SSL_R_WRONG_MESSAGE_TYPE); 2394 SSLerror(s, SSL_R_WRONG_MESSAGE_TYPE);
2395 goto fatal_err; 2395 goto fatal_err;
diff --git a/src/lib/libssl/tls13_legacy.c b/src/lib/libssl/tls13_legacy.c
index 19271ef787..f71bac48cd 100644
--- a/src/lib/libssl/tls13_legacy.c
+++ b/src/lib/libssl/tls13_legacy.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls13_legacy.c,v 1.23 2021/03/21 18:36:34 jsing Exp $ */ 1/* $OpenBSD: tls13_legacy.c,v 1.24 2021/04/19 16:51:56 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -338,9 +338,9 @@ tls13_use_legacy_stack(struct tls13_ctx *ctx)
338 s->internal->init_buf->length, NULL)) 338 s->internal->init_buf->length, NULL))
339 goto err; 339 goto err;
340 340
341 S3I(s)->tmp.reuse_message = 1; 341 S3I(s)->hs.tls12.reuse_message = 1;
342 S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg); 342 S3I(s)->hs.tls12.message_type = tls13_handshake_msg_type(ctx->hs_msg);
343 S3I(s)->tmp.message_size = CBS_len(&cbs); 343 S3I(s)->hs.tls12.message_size = CBS_len(&cbs);
344 344
345 return 1; 345 return 1;
346 346
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-01 15:46:15 +0000