diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2017-01-31 15:35:47 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2017-01-31 15:35:47 +0000 |
| commit | 313d445c79c92def5c87fd0eb42705f681cf8a49 (patch) | |
| tree | cd85325cf3f05779d670583c2654aeb8bf525226 /lib/libssl | |
| parent | 16cee6c090145abe71658ed081310c36cfe7f74d (diff) | |
Provide an SSL_OP_NO_CLIENT_RENEGOTIATION option that disallows
client-initiated renegotiation. The current default behaviour remains
unchanged.
ok beck@ reyk@
Diffstat (limited to 'lib/libssl')
| -rw-r--r-- | lib/libssl/ssl.h | 4 | ||||
| -rw-r--r-- | lib/libssl/ssl_pkt.c | 10 |
2 files changed, 12 insertions, 2 deletions
diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h index 2122fea9363..72de5c15a98 100644 --- a/lib/libssl/ssl.h +++ b/lib/libssl/ssl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.h,v 1.125 2017/01/26 07:20:57 beck Exp $ */ +/* $OpenBSD: ssl.h,v 1.126 2017/01/31 15:35:46 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -501,6 +501,8 @@ struct ssl_session_st { /* As server, disallow session resumption on renegotiation */ #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L +/* Disallow client initiated renegotiation. */ +#define SSL_OP_NO_CLIENT_RENEGOTIATION 0x00020000L /* If set, always create a new key when using tmp_ecdh parameters */ #define SSL_OP_SINGLE_ECDH_USE 0x00080000L /* If set, always create a new key when using tmp_dh parameters */ diff --git a/lib/libssl/ssl_pkt.c b/lib/libssl/ssl_pkt.c index 6a1c837944f..c57eacd7700 100644 --- a/lib/libssl/ssl_pkt.c +++ b/lib/libssl/ssl_pkt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_pkt.c,v 1.8 2017/01/29 15:31:15 jsing Exp $ */ +/* $OpenBSD: ssl_pkt.c,v 1.9 2017/01/31 15:35:46 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1136,6 +1136,14 @@ start: * now try again to obtain the (application) data we were asked for */ goto start; } + /* Disallow client initiated renegotiation if configured. */ + if (s->server && SSL_is_init_finished(s) && + S3I(s)->handshake_fragment_len >= 4 && + S3I(s)->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO && + (s->internal->options & SSL_OP_NO_CLIENT_RENEGOTIATION)) { + al = SSL_AD_NO_RENEGOTIATION; + goto f_err; + } /* If we are a server and get a client hello when renegotiation isn't * allowed send back a no renegotiation alert and carry on. * WARNING: experimental code, needs reviewing (steve) |