From 8c1ed8b7e3af4b96d94cbf18ef16743f39476d74 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sat, 9 Dec 2017 13:43:25 +0000
Subject: MFC: Correct TLS extensions handling when no extensions are present.

If no TLS extensions are present in a client hello or server hello, omit the entire extensions block, rather than including it with a length of zero.

ok beck@ inoguchi@

Thanks to Eric Elena for providing packet captures and testing the fix.
---
 src/lib/libssl/bs_cbb.c | 16 +++++++++++++++-
 src/lib/libssl/bytestring.h | 8 +++++++-
 src/lib/libssl/ssl_tlsext.c | 14 +++++++++++++-
 3 files changed, 35 insertions(+), 3 deletions(-)

(limited to 'src/lib/libssl')

diff --git a/src/lib/libssl/bs_cbb.c b/src/lib/libssl/bs_cbb.c
index 9de75fbb02..1c02eaf0be 100644
--- a/src/lib/libssl/bs_cbb.c
+++ b/src/lib/libssl/bs_cbb.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bs_cbb.c,v 1.17 2017/08/12 02:50:05 jsing Exp $ */
+/* $OpenBSD: bs_cbb.c,v 1.17.4.1 2017/12/09 13:43:25 jsing Exp $ */
 /*
  * Copyright (c) 2014, Google Inc.
  *
@@ -271,6 +271,20 @@ CBB_flush(CBB *cbb)
 return 1;
 }
 
+void
+CBB_discard_child(CBB *cbb)
+{
+ if (cbb->child == NULL)
+ return;
+
+ cbb->base->len = cbb->offset;
+
+ cbb->child->base = NULL;
+ cbb->child = NULL;
+ cbb->pending_len_len = 0;
+ cbb->pending_is_asn1 = 0;
+ cbb->offset = 0;
+}
 
 static int
 cbb_add_length_prefixed(CBB *cbb, CBB *out_contents, size_t len_len)
diff --git a/src/lib/libssl/bytestring.h b/src/lib/libssl/bytestring.h
index d8c8e6ada6..42d3d5d6d1 100644
--- a/src/lib/libssl/bytestring.h
+++ b/src/lib/libssl/bytestring.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bytestring.h,v 1.15 2016/11/04 18:28:58 guenther Exp $ */
+/* $OpenBSD: bytestring.h,v 1.15.6.1 2017/12/09 13:43:25 jsing Exp $ */
 /*
  * Copyright (c) 2014, Google Inc.
  *
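Review bot: CBB_discard_child in the bs_cbb.c hunk resets `cbb->child->base` and the parent's pending state, but nothing is done for a child of the discarded child, so if the child itself still had an unflushed child that grandchild presumably keeps a live `base` pointer and a stale offset into the parent buffer. The callers added in ssl_tlsext.c only reach this with an `extensions` child that has no child of its own, so the visible use is fine, but the precondition is implicit. Suggest stating it above the function: `/* The discarded child must not itself have an unflushed child; only |cbb|'s direct child is detached. */`. It would also help to note that the bytes already written past `cbb->offset` are left in the buffer and only `base->len` is wound back, since a reader may expect them to be cleared.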
@@ -393,6 +393,12 @@ int CBB_finish(CBB *cbb, uint8_t **out_data, size_t *out_len);
  */
 int CBB_flush(CBB *cbb);
 
+/*
+ * CBB_discard_child discards the current unflushed child of |cbb|. Neither the
+ * child's contents nor the length prefix will be included in the output.
+ */
+void CBB_discard_child(CBB *cbb);
+
 /*
  * CBB_add_u8_length_prefixed sets |*out_contents| to a new child of |cbb|. The
  * data written to |*out_contents| will be prefixed in |cbb| with an 8-bit
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index 835c413478..2abfa723d8 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.17 2017/09/25 18:02:27 jsing Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.17.4.1 2017/12/09 13:43:25 jsing Exp $ */
 /*
  * Copyright (c) 2016, 2017 Joel Sing
  * Copyright (c) 2017 Doug Hogan
@@ -1296,6 +1296,7 @@ tlsext_clienthello_build(SSL *s, CBB *cbb)
 {
 CBB extensions, extension_data;
 struct tls_extension *tlsext;
+ int extensions_present = 0;
 size_t i;
 
 if (!CBB_add_u16_length_prefixed(cbb, &extensions))
@@ -1313,8 +1314,13 @@ tlsext_clienthello_build(SSL *s, CBB *cbb)
 return 0;
 if (!tls_extensions[i].clienthello_build(s, &extension_data))
 return 0;
+
+ extensions_present = 1;
 }
 
+ if (!extensions_present)
+ CBB_discard_child(cbb);
+
 if (!CBB_flush(cbb))
 return 0;
 
@@ -1351,6 +1357,7 @@ tlsext_serverhello_build(SSL *s, CBB *cbb)
 {
 CBB extensions, extension_data;
 struct tls_extension *tlsext;
+ int extensions_present = 0;
 size_t i;
 
 if (!CBB_add_u16_length_prefixed(cbb, &extensions))
@@ -1368,8 +1375,13 @@ tlsext_serverhello_build(SSL *s, CBB *cbb)
 return 0;
 if (!tlsext->serverhello_build(s, &extension_data))
 return 0;
+
+ extensions_present = 1;
 }
 
+ if (!extensions_present)
+ CBB_discard_child(cbb);
+
 if (!CBB_flush(cbb))
 return 0;
 
-- 
cgit v1.2.3-55-g6feb
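Review bot: The new `if (!extensions_present) CBB_discard_child(cbb);` in the tlsext_clienthello_build hunk (and the identical branch in the tlsext_serverhello_build hunk) carries no comment, so the reason for dropping the block rather than emitting a zero-length one lives only in the commit message. Suggest `/* No extension was built: omit the extensions block entirely rather than sending an empty one. */` above the `if`. Since `extensions_present` is only set after a successful `clienthello_build`/`serverhello_build`, the discard also depends on `extensions` having no unflushed child at that point, which holds here because `extension_data` is only opened inside the loop; a short note to that effect would protect the invariant if the loop is later reordered. Both functions start and end outside these hunks.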