From 574d6f0d7739a1810b9aad1f62716ceadbe58540 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Fri, 29 May 2020 17:47:30 +0000
Subject: Wire up the servername callback in the TLSv1.3 server.
This makes SNI work correctly with TLSv1.3.
Found the hard way by danj@, gonzalo@ and others.
ok beck@ inoguchi@ tb@
---
 src/lib/libssl/tls13_internal.h | 3 ++-
 src/lib/libssl/tls13_legacy.c | 28 +++++++++++++++++++++++++++-
 src/lib/libssl/tls13_server.c | 17 ++++++++++++++++-
 3 files changed, 45 insertions(+), 3 deletions(-)
(limited to 'src/lib')
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index 770c18d6ad..96ed981959 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.82 2020/05/23 11:57:41 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.83 2020/05/29 17:47:30 jsing Exp $ */
 /*
 * Copyright (c) 2018 Bob Beck
 * Copyright (c) 2018 Theo Buehler
@@ -311,6 +311,7 @@ int tls13_legacy_read_bytes(SSL *ssl, int type, unsigned char *buf, int len,
 int peek);
 int tls13_legacy_write_bytes(SSL *ssl, int type, const void *buf, int len);
 int tls13_legacy_shutdown(SSL *ssl);
+int tls13_legacy_servername_process(struct tls13_ctx *ctx, uint8_t *alert);
 /*
 * Message Types - RFC 8446, Section B.3.
diff --git a/src/lib/libssl/tls13_legacy.c b/src/lib/libssl/tls13_legacy.c
index be89e9aa24..4d68287141 100644
--- a/src/lib/libssl/tls13_legacy.c
+++ b/src/lib/libssl/tls13_legacy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_legacy.c,v 1.7 2020/05/16 14:42:35 jsing Exp $ */
+/* $OpenBSD: tls13_legacy.c,v 1.8 2020/05/29 17:47:30 jsing Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing
 *
@@ -519,3 +519,29 @@ tls13_legacy_shutdown(SSL *ssl)
 return 0;
 }
+
+int
+tls13_legacy_servername_process(struct tls13_ctx *ctx, uint8_t *alert)
+{
+ int legacy_alert = SSL_AD_UNRECOGNIZED_NAME;
+ int ret = SSL_TLSEXT_ERR_NOACK;
+ SSL_CTX *ssl_ctx = ctx->ssl->ctx;
+ SSL *ssl = ctx->ssl;
+
+ if (ssl_ctx->internal->tlsext_servername_callback == NULL)
+ ssl_ctx = ssl->initial_ctx;
+ if (ssl_ctx->internal->tlsext_servername_callback == NULL)
+ return 1;
+
+ ret = ssl_ctx->internal->tlsext_servername_callback(ssl, &legacy_alert,
+ ssl_ctx->internal->tlsext_servername_arg);
+
+ if (ret == SSL_TLSEXT_ERR_ALERT_FATAL ||
+ ret == SSL_TLSEXT_ERR_ALERT_WARNING) {
+ if (legacy_alert >= 0 && legacy_alert <= 255)
+ *alert = legacy_alert;
+ return 0;
+ }
+
+ return 1;
+}
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c
index 621e51d501..181ba583a0 100644
--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.53 2020/05/23 11:58:46 jsing Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.54 2020/05/29 17:47:30 jsing Exp $ */
 /*
 * Copyright (c) 2019, 2020 Joel Sing
 * Copyright (c) 2020 Bob Beck
@@ -373,6 +373,19 @@ tls13_client_hello_retry_recv(struct tls13_ctx *ctx, CBS *cbs)
 return 1;
 }
+static int
+tls13_servername_process(struct tls13_ctx *ctx)
+{
+ uint8_t alert = TLS13_ALERT_INTERNAL_ERROR;
+
+ if (!tls13_legacy_servername_process(ctx, &alert)) {
+ ctx->alert = alert;
+ return 0;
+ }
+
+ return 1;
+}
+
 int
 tls13_server_hello_send(struct tls13_ctx *ctx, CBB *cbb)
 {
@@ -380,6 +393,8 @@ tls13_server_hello_send(struct tls13_ctx *ctx, CBB *cbb)
 return 0;
 if (!tls13_key_share_generate(ctx->hs->key_share))
 return 0;
+ if (!tls13_servername_process(ctx))
+ return 0;
 ctx->hs->server_group = 0;
-- cgit v1.2.3-55-g6feb
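Review bot: The condition in `tls13_legacy_servername_process` treats SSL_TLSEXT_ERR_ALERT_WARNING exactly like SSL_TLSEXT_ERR_ALERT_FATAL — both copy the alert and return 0, which the new tls13_servername_process in tls13_server.c turns into ctx->alert and a failed tls13_server_hello_send — whereas a WARNING result in the legacy stack means "send a warning alert and continue", so an existing callback that returns WARNING for an unknown name will presumably now lose every TLSv1.3 connection instead of proceeding as it does under TLSv1.2. TLSv1.3 has no warning alerts (RFC 8446 §6: everything other than close_notify and user_canceled is fatal), so the callback's warning can only be dropped or promoted, and the hunk does neither explicitly. If failing closed is intended, say so above the `if` with something like `/* TLSv1.3 has no warning alerts, so an ALERT_WARNING result is promoted to fatal - stricter than the legacy stack. */`; if legacy behaviour is wanted, only `if (ret == SSL_TLSEXT_ERR_ALERT_FATAL) {` should take the abort path and the WARNING case should fall through to `return 1;`. Either way the initialiser `int ret = SSL_TLSEXT_ERR_NOACK;` is dead, since ret is unconditionally assigned from the callback before it is read.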