diff options
author | Joel Sing <jsing@cvs.openbsd.org> | 2019-02-28 17:56:44 +0000 |
---|---|---|
committer | Joel Sing <jsing@cvs.openbsd.org> | 2019-02-28 17:56:44 +0000 |
commit | f8fc6e1e9eab8ea932010b3bce16dc6bc4432977 (patch) | |
tree | 32223e0153c5d03cac143ba422ecc23d199e8264 | |
parent | 4b9ccbd8e580f0be83250b11b99a830cc10872ab (diff) |
Automatically complete the handshake from tls13_legacy_{read,write}_bytes()
If the TLS handshake has not been completed, automatically complete the
handshake as part of the read/write call, implementing the current
SSL_read()/SSL_write() behaviour.
Once the TLS handshake is completed we push a WANT_POLLIN or WANT_POLLOUT
back up to the caller, since some applications appear to incorrectly call
SSL_read() or SSL_write(), rather than repeating the previous call. This
can lead to attempts to read data that does not exist, since the
WANT_POLLIN was actually triggered as part of the handshake.
ok inoguchi@ tb@
-rw-r--r-- | lib/libssl/tls13_handshake.c | 3 | ||||
-rw-r--r-- | lib/libssl/tls13_internal.h | 3 | ||||
-rw-r--r-- | lib/libssl/tls13_lib.c | 14 |
3 files changed, 17 insertions, 3 deletions
diff --git a/lib/libssl/tls13_handshake.c b/lib/libssl/tls13_handshake.c index d4fc7cb6f79..536630ac33c 100644 --- a/lib/libssl/tls13_handshake.c +++ b/lib/libssl/tls13_handshake.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_handshake.c,v 1.30 2019/02/28 17:39:36 jsing Exp $ */ +/* $OpenBSD: tls13_handshake.c,v 1.31 2019/02/28 17:56:43 jsing Exp $ */ /* * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org> * Copyright (c) 2019 Joel Sing <jsing@openbsd.org> @@ -282,6 +282,7 @@ tls13_handshake_perform(struct tls13_ctx *ctx) return TLS13_IO_FAILURE; if (action->handshake_complete) { + ctx->handshake_completed = 1; tls13_record_layer_handshake_completed(ctx->rl); return TLS13_IO_SUCCESS; } diff --git a/lib/libssl/tls13_internal.h b/lib/libssl/tls13_internal.h index c3b698e9874..f3cccc14a67 100644 --- a/lib/libssl/tls13_internal.h +++ b/lib/libssl/tls13_internal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_internal.h,v 1.24 2019/02/25 19:44:04 tb Exp $ */ +/* $OpenBSD: tls13_internal.h,v 1.25 2019/02/28 17:56:43 jsing Exp $ */ /* * Copyright (c) 2018 Bob Beck <beck@openbsd.org> * Copyright (c) 2018 Theo Buehler <tb@openbsd.org> @@ -156,6 +156,7 @@ struct tls13_ctx { struct ssl_handshake_tls13_st *hs; uint8_t mode; struct tls13_handshake_stage handshake_stage; + int handshake_completed; const EVP_AEAD *aead; const EVP_MD *hash; diff --git a/lib/libssl/tls13_lib.c b/lib/libssl/tls13_lib.c index e371d717506..c5e2faf3fc8 100644 --- a/lib/libssl/tls13_lib.c +++ b/lib/libssl/tls13_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_lib.c,v 1.7 2019/02/28 17:44:56 jsing Exp $ */ +/* $OpenBSD: tls13_lib.c,v 1.8 2019/02/28 17:56:43 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> * @@ -241,6 +241,12 @@ tls13_legacy_read_bytes(SSL *ssl, int type, unsigned char *buf, int len, int pee struct tls13_ctx *ctx = ssl->internal->tls13; ssize_t ret; + if (ctx == NULL || !ctx->handshake_completed) { + if ((ret = ssl->internal->handshake_func(ssl)) <= 0) + return ret; + return tls13_legacy_return_code(ssl, TLS13_IO_WANT_POLLIN); + } + if (peek) { /* XXX - support peek... */ SSLerror(ssl, ERR_R_INTERNAL_ERROR); @@ -266,6 +272,12 @@ tls13_legacy_write_bytes(SSL *ssl, int type, const void *buf, int len) struct tls13_ctx *ctx = ssl->internal->tls13; ssize_t ret; + if (ctx == NULL || !ctx->handshake_completed) { + if ((ret = ssl->internal->handshake_func(ssl)) <= 0) + return ret; + return tls13_legacy_return_code(ssl, TLS13_IO_WANT_POLLOUT); + } + if (type != SSL3_RT_APPLICATION_DATA) { SSLerror(ssl, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return -1; |