author | Joel Sing <jsing@cvs.openbsd.org> | 2020-01-23 05:08:31 +0000 |
---|---|---|
committer | Joel Sing <jsing@cvs.openbsd.org> | 2020-01-23 05:08:31 +0000 |
commit | 83911a0cf9ebdba2116f0f04c152a4223f77dbc8 (patch) | |
tree | deee86b200733c62abda12f831415813681e9508 /lib | |
parent | dec3580b0de9ea03ecebb1fc02faa58828418f0a (diff) |
Implement pending for TLSv1.3.
Makes `openssl s_client -peekaboo` work with TLSv1.3.
ok beck@ tb@
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libssl/ssl_methods.c | 6 | ||||
-rw-r--r-- | lib/libssl/tls13_internal.h | 4 | ||||
-rw-r--r-- | lib/libssl/tls13_lib.c | 18 | ||||
-rw-r--r-- | lib/libssl/tls13_record_layer.c | 20 |
4 files changed, 42 insertions, 6 deletions
diff --git a/lib/libssl/ssl_methods.c b/lib/libssl/ssl_methods.c index 355cd8823a9..8e4b678d3af 100644 --- a/lib/libssl/ssl_methods.c +++ b/lib/libssl/ssl_methods.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_methods.c,v 1.9 2020/01/23 03:17:40 jsing Exp $ */ +/* $OpenBSD: ssl_methods.c,v 1.10 2020/01/23 05:08:30 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -231,7 +231,7 @@ static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = { .ssl_renegotiate = ssl_undefined_function, .ssl_renegotiate_check = ssl_ok, .ssl_get_message = ssl3_get_message, - .ssl_pending = ssl3_pending, + .ssl_pending = tls13_legacy_pending, .ssl_read_bytes = tls13_legacy_read_bytes, .ssl_write_bytes = tls13_legacy_write_bytes, .ssl3_enc = &TLSv1_2_enc_data, @@ -608,7 +608,7 @@ static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = { .ssl_renegotiate = ssl_undefined_function, .ssl_renegotiate_check = ssl_ok, .ssl_get_message = ssl3_get_message, - .ssl_pending = ssl3_pending, + .ssl_pending = tls13_legacy_pending, .ssl_read_bytes = tls13_legacy_read_bytes, .ssl_write_bytes = tls13_legacy_write_bytes, .ssl3_enc = &TLSv1_2_enc_data, diff --git a/lib/libssl/tls13_internal.h b/lib/libssl/tls13_internal.h index 4d6d6264338..12ba5750a0d 100644 --- a/lib/libssl/tls13_internal.h +++ b/lib/libssl/tls13_internal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_internal.h,v 1.47 2020/01/23 02:49:38 jsing Exp $ */ +/* $OpenBSD: tls13_internal.h,v 1.48 2020/01/23 05:08:30 jsing Exp $ */ /* * Copyright (c) 2018 Bob Beck <beck@openbsd.org> * Copyright (c) 2018 Theo Buehler <tb@openbsd.org> 
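Review bot: With `.ssl_pending` switched to `tls13_legacy_pending` in both `TLS_client_method_internal_data` and `TLS_server_method_internal_data`, a connection that has no TLSv1.3 context now reports 0 pending bytes, because the function added in tls13_lib.c in this commit returns 0 when `ssl->internal->tls13` is NULL. If an SSL can keep one of these tables while running on the legacy record layer (for example after negotiating TLSv1.2), data buffered there would no longer be reported, where `ssl3_pending` reported it before. Whether the method is swapped on fallback is not visible in this diff and should be confirmed. If it is not swapped, the NULL branch could defer with `return ssl3_pending(ssl);` rather than returning 0. Both tables start and end outside their hunks.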
@@ -138,6 +138,7 @@ ssize_t tls13_record_layer_phh(struct tls13_record_layer *rl, CBS *cbs); ssize_t tls13_read_handshake_data(struct tls13_record_layer *rl, uint8_t *buf, size_t n); ssize_t tls13_write_handshake_data(struct tls13_record_layer *rl, const uint8_t *buf, size_t n); +ssize_t tls13_pending_application_data(struct tls13_record_layer *rl); ssize_t tls13_peek_application_data(struct tls13_record_layer *rl, uint8_t *buf, size_t n); ssize_t tls13_read_application_data(struct tls13_record_layer *rl, uint8_t *buf, size_t n); ssize_t tls13_write_application_data(struct tls13_record_layer *rl, const uint8_t *buf, @@ -223,6 +224,7 @@ int tls13_legacy_connect(SSL *ssl); int tls13_legacy_return_code(SSL *ssl, ssize_t ret); ssize_t tls13_legacy_wire_read_cb(void *buf, size_t n, void *arg); ssize_t tls13_legacy_wire_write_cb(const void *buf, size_t n, void *arg); +int tls13_legacy_pending(const SSL *ssl); int tls13_legacy_read_bytes(SSL *ssl, int type, unsigned char *buf, int len, int peek); int tls13_legacy_write_bytes(SSL *ssl, int type, const void *buf, int len); diff --git a/lib/libssl/tls13_lib.c b/lib/libssl/tls13_lib.c index 727f617471c..de3e840a84f 100644 --- a/lib/libssl/tls13_lib.c +++ b/lib/libssl/tls13_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_lib.c,v 1.22 2020/01/23 02:49:38 jsing Exp $ */ +/* $OpenBSD: tls13_lib.c,v 1.23 2020/01/23 05:08:30 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> * Copyright (c) 2019 Bob Beck <beck@openbsd.org> @@ -411,6 +411,22 @@ tls13_legacy_return_code(SSL *ssl, ssize_t ret) } int +tls13_legacy_pending(const SSL *ssl) +{ + struct tls13_ctx *ctx = ssl->internal->tls13; + ssize_t ret; + + if (ctx == NULL) + return 0; + + ret = tls13_pending_application_data(ctx->rl); + if (ret < 0 || ret > INT_MAX) + return 0; + + return ret; +} + +int tls13_legacy_read_bytes(SSL *ssl, int type, unsigned char *buf, int len, int peek) { struct tls13_ctx *ctx = ssl->internal->tls13; 
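Review bot: `tls13_legacy_pending` maps both a negative return and a value above `INT_MAX` to 0, so a caller cannot tell a failure from an empty buffer, and nothing in the function says this is deliberate. A comment above the check would record the intent, for example `/* SSL_pending() has no error return; report failures as no data pending. */`. It is also worth documenting that the count covers only the unread remainder of the record currently held in the record layer's read buffer (`rbuf_cbs`, per `tls13_record_layer_pending` in this commit), so 0 does not mean the peer has nothing left to send. `INT_MAX` needs `<limits.h>`; the include block is outside the hunk, so confirm it is already pulled in.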
diff --git a/lib/libssl/tls13_record_layer.c b/lib/libssl/tls13_record_layer.c index f6dbbf1550b..aa8968484b5 100644 --- a/lib/libssl/tls13_record_layer.c +++ b/lib/libssl/tls13_record_layer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_record_layer.c,v 1.23 2020/01/23 02:49:38 jsing Exp $ */ +/* $OpenBSD: tls13_record_layer.c,v 1.24 2020/01/23 05:08:30 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> * @@ -815,6 +815,15 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl) } ssize_t +tls13_record_layer_pending(struct tls13_record_layer *rl, uint8_t content_type) +{ + if (rl->rbuf_content_type != content_type) + return 0; + + return CBS_len(&rl->rbuf_cbs); +} + +static ssize_t tls13_record_layer_read_internal(struct tls13_record_layer *rl, uint8_t content_type, uint8_t *buf, size_t n, int peek) { @@ -1026,6 +1035,15 @@ tls13_write_handshake_data(struct tls13_record_layer *rl, const uint8_t *buf, } ssize_t +tls13_pending_application_data(struct tls13_record_layer *rl) +{ + if (!rl->handshake_completed) + return 0; + + return tls13_record_layer_pending(rl, SSL3_RT_APPLICATION_DATA); +} + +ssize_t tls13_peek_application_data(struct tls13_record_layer *rl, uint8_t *buf, size_t n) { if (!rl->handshake_completed) |
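Review bot: `tls13_record_layer_pending` is defined with external linkage, but the tls13_internal.h hunks in this commit add prototypes only for `tls13_pending_application_data` and `tls13_legacy_pending`, and the only caller shown is in the same file. Declaring it `static ssize_t`, as this hunk does for `tls13_record_layer_read_internal`, would keep it out of the library's symbol namespace and avoid a missing-prototype warning. Separately, `CBS_len()` returns a `size_t` that is converted to `ssize_t` on return; that is safe only while the read buffer is bounded by the maximum record size, which is not visible here.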