From c033d8dd5f1b51daaea294f6d345521ac6566588 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Thu, 28 Feb 2019 17:56:43 +0000 Subject: Automatically complete the handshake from tls13_legacy_{read,write}_bytes() If the TLS handshake has not been completed, automatically complete the handshake as part of the read/write call, implementing the current SSL_read()/SSL_write() behaviour. Once the TLS handshake is completed we push a WANT_POLLIN or WANT_POLLOUT back up to the caller, since some applications appear to incorrectly call SSL_read() or SSL_write(), rather than repeating the previous call. This can lead to attempts to read data that does not exist, since the WANT_POLLIN was actually triggered as part of the handshake. ok inoguchi@ tb@ --- src/lib/libssl/tls13_lib.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'src/lib/libssl/tls13_lib.c') diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c index e371d71750..c5e2faf3fc 100644 --- a/src/lib/libssl/tls13_lib.c +++ b/src/lib/libssl/tls13_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_lib.c,v 1.7 2019/02/28 17:44:56 jsing Exp $ */ +/* $OpenBSD: tls13_lib.c,v 1.8 2019/02/28 17:56:43 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * @@ -241,6 +241,12 @@ tls13_legacy_read_bytes(SSL *ssl, int type, unsigned char *buf, int len, int pee struct tls13_ctx *ctx = ssl->internal->tls13; ssize_t ret; + if (ctx == NULL || !ctx->handshake_completed) { + if ((ret = ssl->internal->handshake_func(ssl)) <= 0) + return ret; + return tls13_legacy_return_code(ssl, TLS13_IO_WANT_POLLIN); + } + if (peek) { /* XXX - support peek... */ SSLerror(ssl, ERR_R_INTERNAL_ERROR); @@ -266,6 +272,12 @@ tls13_legacy_write_bytes(SSL *ssl, int type, const void *buf, int len) struct tls13_ctx *ctx = ssl->internal->tls13; ssize_t ret; + if (ctx == NULL || !ctx->handshake_completed) { + if ((ret = ssl->internal->handshake_func(ssl)) <= 0) + return ret; + return tls13_legacy_return_code(ssl, TLS13_IO_WANT_POLLOUT); + } + if (type != SSL3_RT_APPLICATION_DATA) { SSLerror(ssl, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return -1; -- cgit v1.2.3-55-g6feb