src - OpenBSD base system

diff options


context:
space:
mode:

author	Joel Sing <jsing@cvs.openbsd.org>	2019-01-18 00:54:43 +0000
committer	Joel Sing <jsing@cvs.openbsd.org>	2019-01-18 00:54:43 +0000
commit	77008d3173ade3f5e8a941a1422432ae13bd08ee (patch)
tree	0e788afdb1a35b285c662d9c3e46209aa2877375 /lib
parent	5b9abdb75bdbc45ac71425d47a9264bbeb416fc6 (diff)

Rename TLS extension handling to use less "hello".

When the TLS extension code was rewritten, TLS extensions could only exist in ClientHello and ServerHello messages - as such, they were named in pairs of *_clienthello_{needs,build} which would be called by the client and *_clienthello_parse. Likewise for *_serverhello_{needs,build} which would be called by a server and *_serverhello_parse, which would be called by a client. Enter TLSv1.3 - TLS extensions can now exist in one of seven messages, with only certain types being allowed to appear in each, meaning the naming scheme no longer works. Instead, rename them to indicate the caller rather than the message type - this effectively means: clienthello_needs -> client_needs clienthello_build -> client_build clienthello_parse -> server_parse serverhello_needs -> server_needs serverhello_build -> server_build serverhello_parse -> client_parse ok beck@ tb@

Diffstat (limited to 'lib')

-rw-r--r--

lib/libssl/ssl_clnt.c

-rw-r--r--

lib/libssl/ssl_srvr.c

-rw-r--r--

lib/libssl/ssl_tlsext.c

295

-rw-r--r--

lib/libssl/ssl_tlsext.h

141

4 files changed, 228 insertions, 220 deletions

diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c
index 60983fc6fdb..acc48389c07 100644
--- a/lib/libssl/ssl_clnt.c
+++ b/lib/libssl/ssl_clnt.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ssl_clnt.c,v 1.51 2018/11/29 06:21:09 tb Exp $ */

+/* $OpenBSD: ssl_clnt.c,v 1.52 2019/01/18 00:54:42 jsing Exp $ */

@@ -775,7 +775,7 @@ ssl3_send_client_hello(SSL *s)

goto err;

/* TLS extensions */

- if (!tlsext_clienthello_build(s, &client_hello)) {

+ if (!tlsext_client_build(s, &client_hello, SSL_TLSEXT_MSG_CH)) {

SSLerror(s, ERR_R_INTERNAL_ERROR);

goto err;

}

@@ -999,7 +999,7 @@ ssl3_get_server_hello(SSL *s)

goto f_err;

}

- if (!tlsext_serverhello_parse(s, &cbs, &al)) {

+ if (!tlsext_client_parse(s, &cbs, &al, SSL_TLSEXT_MSG_SH)) {

SSLerror(s, SSL_R_PARSE_TLSEXT);

goto f_err;

}

diff --git a/lib/libssl/ssl_srvr.c b/lib/libssl/ssl_srvr.c
index 80199d3f2ef..afc7c94de89 100644
--- a/lib/libssl/ssl_srvr.c
+++ b/lib/libssl/ssl_srvr.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ssl_srvr.c,v 1.62 2018/12/07 07:22:09 tb Exp $ */

+/* $OpenBSD: ssl_srvr.c,v 1.63 2019/01/18 00:54:42 jsing Exp $ */

@@ -1019,7 +1019,7 @@ ssl3_get_client_hello(SSL *s)

goto f_err;

}

- if (!tlsext_clienthello_parse(s, &cbs, &al)) {

+ if (!tlsext_server_parse(s, &cbs, &al, SSL_TLSEXT_MSG_CH)) {

SSLerror(s, SSL_R_PARSE_TLSEXT);

goto f_err;

}

@@ -1206,7 +1206,7 @@ ssl3_send_server_hello(SSL *s)

goto err;

/* TLS extensions */

- if (!tlsext_serverhello_build(s, &server_hello)) {

+ if (!tlsext_server_build(s, &server_hello, SSL_TLSEXT_MSG_SH)) {

SSLerror(s, ERR_R_INTERNAL_ERROR);

goto err;

}

diff --git a/lib/libssl/ssl_tlsext.c b/lib/libssl/ssl_tlsext.c
index 755bbff7951..b8f4414365e 100644
--- a/lib/libssl/ssl_tlsext.c
+++ b/lib/libssl/ssl_tlsext.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ssl_tlsext.c,v 1.26 2018/11/09 05:02:53 beck Exp $ */

+/* $OpenBSD: ssl_tlsext.c,v 1.27 2019/01/18 00:54:42 jsing Exp $ */

@@ -21,15 +21,15 @@

#include "ssl_locl.h"

#include "bytestring.h"

-#include "ssl_tlsext.h"

#include "ssl_sigalgs.h"

+#include "ssl_tlsext.h"

* Supported Application-Layer Protocol Negotiation - RFC 7301

int

-tlsext_alpn_clienthello_needs(SSL *s)

+tlsext_alpn_client_needs(SSL *s)

{

/* ALPN protos have been specified and this is the initial handshake */

return s->internal->alpn_client_proto_list != NULL &&

@@ -37,7 +37,7 @@ tlsext_alpn_clienthello_needs(SSL *s)

}

int

-tlsext_alpn_clienthello_build(SSL *s, CBB *cbb)

+tlsext_alpn_client_build(SSL *s, CBB *cbb)

{

CBB protolist;

@@ -55,7 +55,7 @@ tlsext_alpn_clienthello_build(SSL *s, CBB *cbb)

}

int

-tlsext_alpn_clienthello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_alpn_server_parse(SSL *s, CBS *cbs, int *alert)

{

CBS proto_name_list, alpn;

const unsigned char *selected;

@@ -103,13 +103,13 @@ tlsext_alpn_clienthello_parse(SSL *s, CBS *cbs, int *alert)

}

int

-tlsext_alpn_serverhello_needs(SSL *s)

+tlsext_alpn_server_needs(SSL *s)

{

return S3I(s)->alpn_selected != NULL;

}

int

-tlsext_alpn_serverhello_build(SSL *s, CBB *cbb)

+tlsext_alpn_server_build(SSL *s, CBB *cbb)

{

CBB list, selected;

@@ -130,7 +130,7 @@ tlsext_alpn_serverhello_build(SSL *s, CBB *cbb)

}

int

-tlsext_alpn_serverhello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_alpn_client_parse(SSL *s, CBS *cbs, int *alert)

{

CBS list, proto;

@@ -167,13 +167,13 @@ tlsext_alpn_serverhello_parse(SSL *s, CBS *cbs, int *alert)

* Supported Groups - RFC 7919 section 2

int

-tlsext_supportedgroups_clienthello_needs(SSL *s)

+tlsext_supportedgroups_client_needs(SSL *s)

{

return ssl_has_ecc_ciphers(s);

}

int

-tlsext_supportedgroups_clienthello_build(SSL *s, CBB *cbb)

+tlsext_supportedgroups_client_build(SSL *s, CBB *cbb)

{

const uint16_t *groups;

size_t groups_len;

@@ -201,7 +201,7 @@ tlsext_supportedgroups_clienthello_build(SSL *s, CBB *cbb)

}

int

-tlsext_supportedgroups_clienthello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_supportedgroups_server_parse(SSL *s, CBS *cbs, int *alert)

{

CBS grouplist;

size_t groups_len;

@@ -254,19 +254,19 @@ tlsext_supportedgroups_clienthello_parse(SSL *s, CBS *cbs, int *alert)

/* This extension is never used by the server. */

int

-tlsext_supportedgroups_serverhello_needs(SSL *s)

+tlsext_supportedgroups_server_needs(SSL *s)

{

return 0;

}

int

-tlsext_supportedgroups_serverhello_build(SSL *s, CBB *cbb)

+tlsext_supportedgroups_server_build(SSL *s, CBB *cbb)

{

return 0;

}

int

-tlsext_supportedgroups_serverhello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_supportedgroups_client_parse(SSL *s, CBS *cbs, int *alert)

{

* Servers should not send this extension per the RFC.

@@ -347,25 +347,25 @@ tlsext_ecpf_parse(SSL *s, CBS *cbs, int *alert)

}

int

-tlsext_ecpf_clienthello_needs(SSL *s)

+tlsext_ecpf_client_needs(SSL *s)

{

return ssl_has_ecc_ciphers(s);

}

int

-tlsext_ecpf_clienthello_build(SSL *s, CBB *cbb)

+tlsext_ecpf_client_build(SSL *s, CBB *cbb)

{

return tlsext_ecpf_build(s, cbb);

}

int

-tlsext_ecpf_clienthello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_ecpf_server_parse(SSL *s, CBS *cbs, int *alert)

{

return tlsext_ecpf_parse(s, cbs, alert);

}

int

-tlsext_ecpf_serverhello_needs(SSL *s)

+tlsext_ecpf_server_needs(SSL *s)

{

if (s->version == DTLS1_VERSION)

return 0;

@@ -374,13 +374,13 @@ tlsext_ecpf_serverhello_needs(SSL *s)

}

int

-tlsext_ecpf_serverhello_build(SSL *s, CBB *cbb)

+tlsext_ecpf_server_build(SSL *s, CBB *cbb)

{

return tlsext_ecpf_build(s, cbb);

}

int

-tlsext_ecpf_serverhello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_ecpf_client_parse(SSL *s, CBS *cbs, int *alert)

{

return tlsext_ecpf_parse(s, cbs, alert);

}

@@ -389,13 +389,13 @@ tlsext_ecpf_serverhello_parse(SSL *s, CBS *cbs, int *alert)

* Renegotiation Indication - RFC 5746.

int

-tlsext_ri_clienthello_needs(SSL *s)

+tlsext_ri_client_needs(SSL *s)

{

return (s->internal->renegotiate);

}

int

-tlsext_ri_clienthello_build(SSL *s, CBB *cbb)

+tlsext_ri_client_build(SSL *s, CBB *cbb)

{

CBB reneg;

@@ -411,7 +411,7 @@ tlsext_ri_clienthello_build(SSL *s, CBB *cbb)

}

int

-tlsext_ri_clienthello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_ri_server_parse(SSL *s, CBS *cbs, int *alert)

{

CBS reneg;

@@ -439,13 +439,13 @@ tlsext_ri_clienthello_parse(SSL *s, CBS *cbs, int *alert)

}

int

-tlsext_ri_serverhello_needs(SSL *s)

+tlsext_ri_server_needs(SSL *s)

{

return (S3I(s)->send_connection_binding);

}

int

-tlsext_ri_serverhello_build(SSL *s, CBB *cbb)

+tlsext_ri_server_build(SSL *s, CBB *cbb)

{

CBB reneg;

@@ -464,7 +464,7 @@ tlsext_ri_serverhello_build(SSL *s, CBB *cbb)

}

int

-tlsext_ri_serverhello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_ri_client_parse(SSL *s, CBS *cbs, int *alert)

{

CBS reneg, prev_client, prev_server;

@@ -521,13 +521,13 @@ tlsext_ri_serverhello_parse(SSL *s, CBS *cbs, int *alert)

* Signature Algorithms - RFC 5246 section 7.4.1.4.1.

int

-tlsext_sigalgs_clienthello_needs(SSL *s)

+tlsext_sigalgs_client_needs(SSL *s)

{

return (TLS1_get_client_version(s) >= TLS1_2_VERSION);

}

int

-tlsext_sigalgs_clienthello_build(SSL *s, CBB *cbb)

+tlsext_sigalgs_client_build(SSL *s, CBB *cbb)

{

CBB sigalgs;

@@ -544,7 +544,7 @@ tlsext_sigalgs_clienthello_build(SSL *s, CBB *cbb)

}

int

-tlsext_sigalgs_clienthello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_sigalgs_server_parse(SSL *s, CBS *cbs, int *alert)

{

CBS sigalgs;

@@ -555,19 +555,19 @@ tlsext_sigalgs_clienthello_parse(SSL *s, CBS *cbs, int *alert)

}

int

-tlsext_sigalgs_serverhello_needs(SSL *s)

+tlsext_sigalgs_server_needs(SSL *s)

{

return 0;

}

int

-tlsext_sigalgs_serverhello_build(SSL *s, CBB *cbb)

+tlsext_sigalgs_server_build(SSL *s, CBB *cbb)

{

return 0;

}

int

-tlsext_sigalgs_serverhello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_sigalgs_client_parse(SSL *s, CBS *cbs, int *alert)

{

/* As per the RFC, servers must not send this extension. */

return 0;

@@ -577,13 +577,13 @@ tlsext_sigalgs_serverhello_parse(SSL *s, CBS *cbs, int *alert)

* Server Name Indication - RFC 6066, section 3.

int

-tlsext_sni_clienthello_needs(SSL *s)

+tlsext_sni_client_needs(SSL *s)

{

return (s->tlsext_hostname != NULL);

}

int

-tlsext_sni_clienthello_build(SSL *s, CBB *cbb)

+tlsext_sni_client_build(SSL *s, CBB *cbb)

{

CBB server_name_list, host_name;

@@ -603,7 +603,7 @@ tlsext_sni_clienthello_build(SSL *s, CBB *cbb)

}

int

-tlsext_sni_clienthello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_sni_server_parse(SSL *s, CBS *cbs, int *alert)

{

CBS server_name_list, host_name;

uint8_t name_type;

@@ -661,19 +661,19 @@ tlsext_sni_clienthello_parse(SSL *s, CBS *cbs, int *alert)

}

int

-tlsext_sni_serverhello_needs(SSL *s)

+tlsext_sni_server_needs(SSL *s)

{

return (s->session->tlsext_hostname != NULL);

}

int

-tlsext_sni_serverhello_build(SSL *s, CBB *cbb)

+tlsext_sni_server_build(SSL *s, CBB *cbb)

{

return 1;

}

int

-tlsext_sni_serverhello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_sni_client_parse(SSL *s, CBS *cbs, int *alert)

{

if (s->tlsext_hostname == NULL || CBS_len(cbs) != 0) {

*alert = TLS1_AD_UNRECOGNIZED_NAME;

@@ -711,14 +711,14 @@ tlsext_sni_serverhello_parse(SSL *s, CBS *cbs, int *alert)

int

-tlsext_ocsp_clienthello_needs(SSL *s)

+tlsext_ocsp_client_needs(SSL *s)

{

return (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp &&

s->version != DTLS1_VERSION);

}

int

-tlsext_ocsp_clienthello_build(SSL *s, CBB *cbb)

+tlsext_ocsp_client_build(SSL *s, CBB *cbb)

{

CBB respid_list, respid, exts;

unsigned char *ext_data;

@@ -762,7 +762,7 @@ tlsext_ocsp_clienthello_build(SSL *s, CBB *cbb)

}

int

-tlsext_ocsp_clienthello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_ocsp_server_parse(SSL *s, CBS *cbs, int *alert)

{

int failure = SSL_AD_DECODE_ERROR;

CBS respid_list, respid, exts;

@@ -836,19 +836,19 @@ tlsext_ocsp_clienthello_parse(SSL *s, CBS *cbs, int *alert)

}

int

-tlsext_ocsp_serverhello_needs(SSL *s)

+tlsext_ocsp_server_needs(SSL *s)

{

return s->internal->tlsext_status_expected;

}

int

-tlsext_ocsp_serverhello_build(SSL *s, CBB *cbb)

+tlsext_ocsp_server_build(SSL *s, CBB *cbb)

{

return 1;

}

int

-tlsext_ocsp_serverhello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_ocsp_client_parse(SSL *s, CBS *cbs, int *alert)

{

if (s->tlsext_status_type == -1) {

*alert = TLS1_AD_UNSUPPORTED_EXTENSION;

@@ -863,7 +863,7 @@ tlsext_ocsp_serverhello_parse(SSL *s, CBS *cbs, int *alert)

* SessionTicket extension - RFC 5077 section 3.2

int

-tlsext_sessionticket_clienthello_needs(SSL *s)

+tlsext_sessionticket_client_needs(SSL *s)

{

* Send session ticket extension when enabled and not overridden.

@@ -884,7 +884,7 @@ tlsext_sessionticket_clienthello_needs(SSL *s)

}

int

-tlsext_sessionticket_clienthello_build(SSL *s, CBB *cbb)

+tlsext_sessionticket_client_build(SSL *s, CBB *cbb)

{

* Signal that we support session tickets by sending an empty

@@ -927,7 +927,7 @@ tlsext_sessionticket_clienthello_build(SSL *s, CBB *cbb)

}

int

-tlsext_sessionticket_clienthello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_sessionticket_server_parse(SSL *s, CBS *cbs, int *alert)

{

if (s->internal->tls_session_ticket_ext_cb) {

if (!s->internal->tls_session_ticket_ext_cb(s, CBS_data(cbs),

@@ -948,22 +948,21 @@ tlsext_sessionticket_clienthello_parse(SSL *s, CBS *cbs, int *alert)

}

int

-tlsext_sessionticket_serverhello_needs(SSL *s)

+tlsext_sessionticket_server_needs(SSL *s)

{

return (s->internal->tlsext_ticket_expected &&

!(SSL_get_options(s) & SSL_OP_NO_TICKET));

}

int

-tlsext_sessionticket_serverhello_build(SSL *s, CBB *cbb)

+tlsext_sessionticket_server_build(SSL *s, CBB *cbb)

{

/* Empty ticket */

return 1;

}

int

-tlsext_sessionticket_serverhello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_sessionticket_client_parse(SSL *s, CBS *cbs, int *alert)

{

if (s->internal->tls_session_ticket_ext_cb) {

if (!s->internal->tls_session_ticket_ext_cb(s, CBS_data(cbs),

@@ -991,13 +990,13 @@ tlsext_sessionticket_serverhello_parse(SSL *s, CBS *cbs, int *alert)

#ifndef OPENSSL_NO_SRTP

int

-tlsext_srtp_clienthello_needs(SSL *s)

+tlsext_srtp_client_needs(SSL *s)

{

return SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s) != NULL;

}

int

-tlsext_srtp_clienthello_build(SSL *s, CBB *cbb)

+tlsext_srtp_client_build(SSL *s, CBB *cbb)

{

CBB profiles, mki;

int ct, i;

@@ -1034,7 +1033,7 @@ tlsext_srtp_clienthello_build(SSL *s, CBB *cbb)

}

int

-tlsext_srtp_clienthello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_srtp_server_parse(SSL *s, CBS *cbs, int *alert)

{

SRTP_PROTECTION_PROFILE *cprof, *sprof;

STACK_OF(SRTP_PROTECTION_PROFILE) *clnt = NULL, *srvr;

@@ -1114,13 +1113,13 @@ tlsext_srtp_clienthello_parse(SSL *s, CBS *cbs, int *alert)

}

int

-tlsext_srtp_serverhello_needs(SSL *s)

+tlsext_srtp_server_needs(SSL *s)

{

return SSL_IS_DTLS(s) && SSL_get_selected_srtp_profile(s) != NULL;

}

int

-tlsext_srtp_serverhello_build(SSL *s, CBB *cbb)

+tlsext_srtp_server_build(SSL *s, CBB *cbb)

{

SRTP_PROTECTION_PROFILE *profile;

CBB srtp, mki;

@@ -1144,7 +1143,7 @@ tlsext_srtp_serverhello_build(SSL *s, CBB *cbb)

}

int

-tlsext_srtp_serverhello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_srtp_client_parse(SSL *s, CBS *cbs, int *alert)

{

STACK_OF(SRTP_PROTECTION_PROFILE) *clnt;

SRTP_PROTECTION_PROFILE *prof;

@@ -1202,127 +1201,127 @@ struct tls_extension_funcs {

struct tls_extension {

uint16_t type;

- struct tls_extension_funcs clienthello;

- struct tls_extension_funcs serverhello;

+ struct tls_extension_funcs client;

+ struct tls_extension_funcs server;

};

static struct tls_extension tls_extensions[] = {

{

.type = TLSEXT_TYPE_server_name,

- .clienthello = {

- .needs = tlsext_sni_clienthello_needs,

- .build = tlsext_sni_clienthello_build,

- .parse = tlsext_sni_clienthello_parse,

+ .client = {

+ .needs = tlsext_sni_client_needs,

+ .build = tlsext_sni_client_build,

+ .parse = tlsext_sni_server_parse,

- .serverhello = {

- .needs = tlsext_sni_serverhello_needs,

- .build = tlsext_sni_serverhello_build,

- .parse = tlsext_sni_serverhello_parse,

+ .server = {

+ .needs = tlsext_sni_server_needs,

+ .build = tlsext_sni_server_build,

+ .parse = tlsext_sni_client_parse,

{

.type = TLSEXT_TYPE_renegotiate,

- .clienthello = {

- .needs = tlsext_ri_clienthello_needs,

- .build = tlsext_ri_clienthello_build,

- .parse = tlsext_ri_clienthello_parse,

+ .client = {

+ .needs = tlsext_ri_client_needs,

+ .build = tlsext_ri_client_build,

+ .parse = tlsext_ri_server_parse,

- .serverhello = {

- .needs = tlsext_ri_serverhello_needs,

- .build = tlsext_ri_serverhello_build,

- .parse = tlsext_ri_serverhello_parse,

+ .server = {

+ .needs = tlsext_ri_server_needs,

+ .build = tlsext_ri_server_build,

+ .parse = tlsext_ri_client_parse,

{

.type = TLSEXT_TYPE_status_request,

- .clienthello = {

- .needs = tlsext_ocsp_clienthello_needs,

- .build = tlsext_ocsp_clienthello_build,

- .parse = tlsext_ocsp_clienthello_parse,

+ .client = {

+ .needs = tlsext_ocsp_client_needs,

+ .build = tlsext_ocsp_client_build,

+ .parse = tlsext_ocsp_server_parse,

- .serverhello = {

- .needs = tlsext_ocsp_serverhello_needs,

- .build = tlsext_ocsp_serverhello_build,

- .parse = tlsext_ocsp_serverhello_parse,

+ .server = {

+ .needs = tlsext_ocsp_server_needs,

+ .build = tlsext_ocsp_server_build,

+ .parse = tlsext_ocsp_client_parse,

{

.type = TLSEXT_TYPE_ec_point_formats,

- .clienthello = {

- .needs = tlsext_ecpf_clienthello_needs,

- .build = tlsext_ecpf_clienthello_build,

- .parse = tlsext_ecpf_clienthello_parse,

+ .client = {

+ .needs = tlsext_ecpf_client_needs,

+ .build = tlsext_ecpf_client_build,

+ .parse = tlsext_ecpf_server_parse,

- .serverhello = {

- .needs = tlsext_ecpf_serverhello_needs,

- .build = tlsext_ecpf_serverhello_build,

- .parse = tlsext_ecpf_serverhello_parse,

+ .server = {

+ .needs = tlsext_ecpf_server_needs,

+ .build = tlsext_ecpf_server_build,

+ .parse = tlsext_ecpf_client_parse,

{

.type = TLSEXT_TYPE_supported_groups,

- .clienthello = {

- .needs = tlsext_supportedgroups_clienthello_needs,

- .build = tlsext_supportedgroups_clienthello_build,

- .parse = tlsext_supportedgroups_clienthello_parse,

+ .client = {

+ .needs = tlsext_supportedgroups_client_needs,

+ .build = tlsext_supportedgroups_client_build,

+ .parse = tlsext_supportedgroups_server_parse,

- .serverhello = {

- .needs = tlsext_supportedgroups_serverhello_needs,

- .build = tlsext_supportedgroups_serverhello_build,

- .parse = tlsext_supportedgroups_serverhello_parse,

+ .server = {

+ .needs = tlsext_supportedgroups_server_needs,

+ .build = tlsext_supportedgroups_server_build,

+ .parse = tlsext_supportedgroups_client_parse,

{

.type = TLSEXT_TYPE_session_ticket,

- .clienthello = {

- .needs = tlsext_sessionticket_clienthello_needs,

- .build = tlsext_sessionticket_clienthello_build,

- .parse = tlsext_sessionticket_clienthello_parse,

+ .client = {

+ .needs = tlsext_sessionticket_client_needs,

+ .build = tlsext_sessionticket_client_build,

+ .parse = tlsext_sessionticket_server_parse,

- .serverhello = {

- .needs = tlsext_sessionticket_serverhello_needs,

- .build = tlsext_sessionticket_serverhello_build,

- .parse = tlsext_sessionticket_serverhello_parse,

+ .server = {

+ .needs = tlsext_sessionticket_server_needs,

+ .build = tlsext_sessionticket_server_build,

+ .parse = tlsext_sessionticket_client_parse,

{

.type = TLSEXT_TYPE_signature_algorithms,

- .clienthello = {

- .needs = tlsext_sigalgs_clienthello_needs,

- .build = tlsext_sigalgs_clienthello_build,

- .parse = tlsext_sigalgs_clienthello_parse,

+ .client = {

+ .needs = tlsext_sigalgs_client_needs,

+ .build = tlsext_sigalgs_client_build,

+ .parse = tlsext_sigalgs_server_parse,

- .serverhello = {

- .needs = tlsext_sigalgs_serverhello_needs,

- .build = tlsext_sigalgs_serverhello_build,

- .parse = tlsext_sigalgs_serverhello_parse,

+ .server = {

+ .needs = tlsext_sigalgs_server_needs,

+ .build = tlsext_sigalgs_server_build,

+ .parse = tlsext_sigalgs_client_parse,

{

.type = TLSEXT_TYPE_application_layer_protocol_negotiation,

- .clienthello = {

- .needs = tlsext_alpn_clienthello_needs,

- .build = tlsext_alpn_clienthello_build,

- .parse = tlsext_alpn_clienthello_parse,

+ .client = {

+ .needs = tlsext_alpn_client_needs,

+ .build = tlsext_alpn_client_build,

+ .parse = tlsext_alpn_server_parse,

- .serverhello = {

- .needs = tlsext_alpn_serverhello_needs,

- .build = tlsext_alpn_serverhello_build,

- .parse = tlsext_alpn_serverhello_parse,

+ .server = {

+ .needs = tlsext_alpn_server_needs,

+ .build = tlsext_alpn_server_build,

+ .parse = tlsext_alpn_client_parse,

#ifndef OPENSSL_NO_SRTP

{

.type = TLSEXT_TYPE_use_srtp,

- .clienthello = {

- .needs = tlsext_srtp_clienthello_needs,

- .build = tlsext_srtp_clienthello_build,

- .parse = tlsext_srtp_clienthello_parse,

+ .client = {

+ .needs = tlsext_srtp_client_needs,

+ .build = tlsext_srtp_client_build,

+ .parse = tlsext_srtp_server_parse,

- .serverhello = {

- .needs = tlsext_srtp_serverhello_needs,

- .build = tlsext_srtp_serverhello_build,

- .parse = tlsext_srtp_serverhello_parse,

+ .server = {

+ .needs = tlsext_srtp_server_needs,

+ .build = tlsext_srtp_server_build,

+ .parse = tlsext_srtp_client_parse,

}

#endif /* OPENSSL_NO_SRTP */

@@ -1349,16 +1348,16 @@ tls_extension_find(uint16_t type, size_t *tls_extensions_idx)

}

static struct tls_extension_funcs *

-tlsext_funcs(struct tls_extension *tlsext, int is_serverhello)

+tlsext_funcs(struct tls_extension *tlsext, int is_server)

{

- if (is_serverhello)

- return &tlsext->serverhello;

+ if (is_server)

+ return &tlsext->server;

- return &tlsext->clienthello;

+ return &tlsext->client;

}

static int

-tlsext_build(SSL *s, CBB *cbb, int is_serverhello)

+tlsext_build(SSL *s, CBB *cbb, int is_server)

{

struct tls_extension_funcs *ext;

struct tls_extension *tlsext;

@@ -1371,7 +1370,7 @@ tlsext_build(SSL *s, CBB *cbb, int is_serverhello)

for (i = 0; i < N_TLS_EXTENSIONS; i++) {

tlsext = &tls_extensions[i];

- ext = tlsext_funcs(tlsext, is_serverhello);

+ ext = tlsext_funcs(tlsext, is_server);

if (!ext->needs(s))

continue;

@@ -1397,7 +1396,7 @@ tlsext_build(SSL *s, CBB *cbb, int is_serverhello)

}

static int

-tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_serverhello)

+tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_server)

{

struct tls_extension_funcs *ext;

struct tls_extension *tlsext;

@@ -1422,7 +1421,7 @@ tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_serverhello)

return 0;

if (s->internal->tlsext_debug_cb != NULL)

- s->internal->tlsext_debug_cb(s, is_serverhello, type,

+ s->internal->tlsext_debug_cb(s, is_server, type,

(unsigned char *)CBS_data(&extension_data),

CBS_len(&extension_data),

s->internal->tlsext_debug_arg);

@@ -1436,7 +1435,7 @@ tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_serverhello)

return 0;

extensions_seen |= (1 << idx);

- ext = tlsext_funcs(tlsext, is_serverhello);

+ ext = tlsext_funcs(tlsext, is_server);

if (!ext->parse(s, &extension_data, alert))

return 0;

@@ -1448,7 +1447,7 @@ tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_serverhello)

}

static void

-tlsext_clienthello_reset_state(SSL *s)

+tlsext_client_reset_state(SSL *s)

{

s->internal->servername_done = 0;

s->tlsext_status_type = -1;

@@ -1459,22 +1458,22 @@ tlsext_clienthello_reset_state(SSL *s)

}

int

-tlsext_clienthello_build(SSL *s, CBB *cbb)

+tlsext_client_build(SSL *s, CBB *cbb, uint16_t msg_type)

{

return tlsext_build(s, cbb, 0);

}

int

-tlsext_clienthello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_server_parse(SSL *s, CBS *cbs, int *alert, uint16_t msg_type)

{

/* XXX - this possibly should be done by the caller... */

- tlsext_clienthello_reset_state(s);

+ tlsext_client_reset_state(s);

return tlsext_parse(s, cbs, alert, 0);

}

static void

-tlsext_serverhello_reset_state(SSL *s)

+tlsext_server_reset_state(SSL *s)

{

S3I(s)->renegotiate_seen = 0;

free(S3I(s)->alpn_selected);

@@ -1482,16 +1481,16 @@ tlsext_serverhello_reset_state(SSL *s)

}

int

-tlsext_serverhello_build(SSL *s, CBB *cbb)

+tlsext_server_build(SSL *s, CBB *cbb, uint16_t msg_type)

{

return tlsext_build(s, cbb, 1);

}

int

-tlsext_serverhello_parse(SSL *s, CBS *cbs, int *alert)

+tlsext_client_parse(SSL *s, CBS *cbs, int *alert, uint16_t msg_type)

{

/* XXX - this possibly should be done by the caller... */

- tlsext_serverhello_reset_state(s);

+ tlsext_server_reset_state(s);

return tlsext_parse(s, cbs, alert, 1);

}

diff --git a/lib/libssl/ssl_tlsext.h b/lib/libssl/ssl_tlsext.h
index b6108ea45aa..e5c1628c985 100644
--- a/lib/libssl/ssl_tlsext.h
+++ b/lib/libssl/ssl_tlsext.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: ssl_tlsext.h,v 1.14 2018/11/09 03:17:24 jsing Exp $ */

+/* $OpenBSD: ssl_tlsext.h,v 1.15 2019/01/18 00:54:42 jsing Exp $ */

@@ -19,78 +19,87 @@

#ifndef HEADER_SSL_TLSEXT_H

#define HEADER_SSL_TLSEXT_H

+/* TLSv1.3 - RFC 8446 Section 4.2. */

+#define SSL_TLSEXT_MSG_CH 0x0001 /* ClientHello */

+#define SSL_TLSEXT_MSG_SH 0x0002 /* ServerHello */

+#define SSL_TLSEXT_MSG_EE 0x0004 /* EncryptedExtension */

+#define SSL_TLSEXT_MSG_CT 0x0008 /* Certificate */

+#define SSL_TLSEXT_MSG_CR 0x0010 /* CertificateRequest */

+#define SSL_TLSEXT_MSG_NST 0x0020 /* NewSessionTicket */

+#define SSL_TLSEXT_MSG_HRR 0x0030 /* HelloRetryRequest */

__BEGIN_HIDDEN_DECLS

-int tlsext_alpn_clienthello_needs(SSL *s);

-int tlsext_alpn_clienthello_build(SSL *s, CBB *cbb);

-int tlsext_alpn_clienthello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_alpn_serverhello_needs(SSL *s);

-int tlsext_alpn_serverhello_build(SSL *s, CBB *cbb);

-int tlsext_alpn_serverhello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_ri_clienthello_needs(SSL *s);

-int tlsext_ri_clienthello_build(SSL *s, CBB *cbb);

-int tlsext_ri_clienthello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_ri_serverhello_needs(SSL *s);

-int tlsext_ri_serverhello_build(SSL *s, CBB *cbb);

-int tlsext_ri_serverhello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_sigalgs_clienthello_needs(SSL *s);

-int tlsext_sigalgs_clienthello_build(SSL *s, CBB *cbb);

-int tlsext_sigalgs_clienthello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_sigalgs_serverhello_needs(SSL *s);

-int tlsext_sigalgs_serverhello_build(SSL *s, CBB *cbb);

-int tlsext_sigalgs_serverhello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_sni_clienthello_needs(SSL *s);

-int tlsext_sni_clienthello_build(SSL *s, CBB *cbb);

-int tlsext_sni_clienthello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_sni_serverhello_needs(SSL *s);

-int tlsext_sni_serverhello_build(SSL *s, CBB *cbb);

-int tlsext_sni_serverhello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_supportedgroups_clienthello_needs(SSL *s);

-int tlsext_supportedgroups_clienthello_build(SSL *s, CBB *cbb);

-int tlsext_supportedgroups_clienthello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_supportedgroups_serverhello_needs(SSL *s);

-int tlsext_supportedgroups_serverhello_build(SSL *s, CBB *cbb);

-int tlsext_supportedgroups_serverhello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_ecpf_clienthello_needs(SSL *s);

-int tlsext_ecpf_clienthello_build(SSL *s, CBB *cbb);

-int tlsext_ecpf_clienthello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_ecpf_serverhello_needs(SSL *s);

-int tlsext_ecpf_serverhello_build(SSL *s, CBB *cbb);

-int tlsext_ecpf_serverhello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_ocsp_clienthello_needs(SSL *s);

-int tlsext_ocsp_clienthello_build(SSL *s, CBB *cbb);

-int tlsext_ocsp_clienthello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_ocsp_serverhello_needs(SSL *s);

-int tlsext_ocsp_serverhello_build(SSL *s, CBB *cbb);

-int tlsext_ocsp_serverhello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_sessionticket_clienthello_needs(SSL *s);

-int tlsext_sessionticket_clienthello_build(SSL *s, CBB *cbb);

-int tlsext_sessionticket_clienthello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_sessionticket_serverhello_needs(SSL *s);

-int tlsext_sessionticket_serverhello_build(SSL *s, CBB *cbb);

-int tlsext_sessionticket_serverhello_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_alpn_client_needs(SSL *s);

+int tlsext_alpn_client_build(SSL *s, CBB *cbb);

+int tlsext_alpn_client_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_alpn_server_needs(SSL *s);

+int tlsext_alpn_server_build(SSL *s, CBB *cbb);

+int tlsext_alpn_server_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_ri_client_needs(SSL *s);

+int tlsext_ri_client_build(SSL *s, CBB *cbb);

+int tlsext_ri_client_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_ri_server_needs(SSL *s);

+int tlsext_ri_server_build(SSL *s, CBB *cbb);

+int tlsext_ri_server_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_sigalgs_client_needs(SSL *s);

+int tlsext_sigalgs_client_build(SSL *s, CBB *cbb);

+int tlsext_sigalgs_client_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_sigalgs_server_needs(SSL *s);

+int tlsext_sigalgs_server_build(SSL *s, CBB *cbb);

+int tlsext_sigalgs_server_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_sni_client_needs(SSL *s);

+int tlsext_sni_client_build(SSL *s, CBB *cbb);

+int tlsext_sni_client_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_sni_server_needs(SSL *s);

+int tlsext_sni_server_build(SSL *s, CBB *cbb);

+int tlsext_sni_server_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_supportedgroups_client_needs(SSL *s);

+int tlsext_supportedgroups_client_build(SSL *s, CBB *cbb);

+int tlsext_supportedgroups_client_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_supportedgroups_server_needs(SSL *s);

+int tlsext_supportedgroups_server_build(SSL *s, CBB *cbb);

+int tlsext_supportedgroups_server_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_ecpf_client_needs(SSL *s);

+int tlsext_ecpf_client_build(SSL *s, CBB *cbb);

+int tlsext_ecpf_client_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_ecpf_server_needs(SSL *s);

+int tlsext_ecpf_server_build(SSL *s, CBB *cbb);

+int tlsext_ecpf_server_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_ocsp_client_needs(SSL *s);

+int tlsext_ocsp_client_build(SSL *s, CBB *cbb);

+int tlsext_ocsp_client_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_ocsp_server_needs(SSL *s);

+int tlsext_ocsp_server_build(SSL *s, CBB *cbb);

+int tlsext_ocsp_server_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_sessionticket_client_needs(SSL *s);

+int tlsext_sessionticket_client_build(SSL *s, CBB *cbb);

+int tlsext_sessionticket_client_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_sessionticket_server_needs(SSL *s);

+int tlsext_sessionticket_server_build(SSL *s, CBB *cbb);

+int tlsext_sessionticket_server_parse(SSL *s, CBS *cbs, int *alert);

#ifndef OPENSSL_NO_SRTP

-int tlsext_srtp_clienthello_needs(SSL *s);

-int tlsext_srtp_clienthello_build(SSL *s, CBB *cbb);

-int tlsext_srtp_clienthello_parse(SSL *s, CBS *cbs, int *alert);

-int tlsext_srtp_serverhello_needs(SSL *s);

-int tlsext_srtp_serverhello_build(SSL *s, CBB *cbb);

-int tlsext_srtp_serverhello_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_srtp_client_needs(SSL *s);

+int tlsext_srtp_client_build(SSL *s, CBB *cbb);

+int tlsext_srtp_client_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_srtp_server_needs(SSL *s);

+int tlsext_srtp_server_build(SSL *s, CBB *cbb);

+int tlsext_srtp_server_parse(SSL *s, CBS *cbs, int *alert);

#endif

-int tlsext_clienthello_build(SSL *s, CBB *cbb);

-int tlsext_clienthello_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_client_build(SSL *s, CBB *cbb, uint16_t msg_type);

+int tlsext_client_parse(SSL *s, CBS *cbs, int *alert, uint16_t msg_type);

-int tlsext_serverhello_build(SSL *s, CBB *cbb);

-int tlsext_serverhello_parse(SSL *s, CBS *cbs, int *alert);

+int tlsext_server_build(SSL *s, CBB *cbb, uint16_t msg_type);

+int tlsext_server_parse(SSL *s, CBS *cbs, int *alert, uint16_t msg_type);

__END_HIDDEN_DECLS