summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/libssl/tls13_client.c106
-rw-r--r--lib/libssl/tls13_internal.h9
-rw-r--r--lib/libssl/tls13_legacy.c191
-rw-r--r--lib/libssl/tls13_server.c99
4 files changed, 206 insertions, 199 deletions
diff --git a/lib/libssl/tls13_client.c b/lib/libssl/tls13_client.c
index 5bd7681f190..79318d93135 100644
--- a/lib/libssl/tls13_client.c
+++ b/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.53 2020/04/28 20:30:40 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.54 2020/04/28 20:37:22 jsing Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
*
@@ -24,7 +24,7 @@
#include "tls13_handshake.h"
#include "tls13_internal.h"
-static int
+int
tls13_client_init(struct tls13_ctx *ctx)
{
const uint16_t *groups;
@@ -71,8 +71,8 @@ tls13_client_init(struct tls13_ctx *ctx)
return 1;
}
-static int
-tls13_connect(struct tls13_ctx *ctx)
+int
+tls13_client_connect(struct tls13_ctx *ctx)
{
if (ctx->mode != TLS13_HS_CLIENT)
return TLS13_IO_FAILURE;
@@ -80,104 +80,6 @@ tls13_connect(struct tls13_ctx *ctx)
return tls13_handshake_perform(ctx);
}
-int
-tls13_legacy_connect(SSL *ssl)
-{
- struct tls13_ctx *ctx = ssl->internal->tls13;
- int ret;
-
-#ifdef TLS13_USE_LEGACY_CLIENT_AUTH
- /* XXX drop back to legacy for client auth for now */
- if (ssl->cert->key->privatekey != NULL) {
- ssl->method = tls_legacy_client_method();
- return ssl->method->internal->ssl_connect(ssl);
- }
-#endif
-
- if (ctx == NULL) {
- if ((ctx = tls13_ctx_new(TLS13_HS_CLIENT)) == NULL) {
- SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
- return -1;
- }
- ssl->internal->tls13 = ctx;
- ctx->ssl = ssl;
- ctx->hs = &S3I(ssl)->hs_tls13;
-
- if (!tls13_client_init(ctx)) {
- if (ERR_peek_error() == 0)
- SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
- return -1;
- }
- }
-
- ERR_clear_error();
- S3I(ssl)->hs.state = SSL_ST_CONNECT;
-
- ret = tls13_connect(ctx);
- if (ret == TLS13_IO_USE_LEGACY)
- return ssl->method->internal->ssl_connect(ssl);
- if (ret == TLS13_IO_SUCCESS)
- S3I(ssl)->hs.state = SSL_ST_OK;
-
- return tls13_legacy_return_code(ssl, ret);
-}
-
-int
-tls13_use_legacy_client(struct tls13_ctx *ctx)
-{
- SSL *s = ctx->ssl;
- CBS cbs;
-
- s->method = tls_legacy_client_method();
- s->internal->handshake_func = s->method->internal->ssl_connect;
- s->client_version = s->version = s->method->internal->max_version;
-
- if (!ssl3_setup_init_buffer(s))
- goto err;
- if (!ssl3_setup_buffers(s))
- goto err;
- if (!ssl_init_wbio_buffer(s, 0))
- goto err;
-
- if (s->bbio != s->wbio)
- s->wbio = BIO_push(s->bbio, s->wbio);
-
- /* Stash any unprocessed data from the last record. */
- tls13_record_layer_rbuf(ctx->rl, &cbs);
- if (CBS_len(&cbs) > 0) {
- if (!CBS_write_bytes(&cbs,
- S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH,
- S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL))
- goto err;
-
- S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH;
- S3I(s)->rbuf.left = CBS_len(&cbs);
- S3I(s)->rrec.type = SSL3_RT_HANDSHAKE;
- S3I(s)->rrec.length = CBS_len(&cbs);
- s->internal->rstate = SSL_ST_READ_BODY;
- s->internal->packet = S3I(s)->rbuf.buf;
- s->internal->packet_length = SSL3_RT_HEADER_LENGTH;
- s->internal->mac_packet = 1;
- }
-
- /* Stash the current handshake message. */
- tls13_handshake_msg_data(ctx->hs_msg, &cbs);
- if (!CBS_write_bytes(&cbs, s->internal->init_buf->data,
- s->internal->init_buf->length, NULL))
- goto err;
-
- S3I(s)->tmp.reuse_message = 1;
- S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg);
- S3I(s)->tmp.message_size = CBS_len(&cbs);
-
- S3I(s)->hs.state = SSL3_ST_CR_SRVR_HELLO_A;
-
- return 1;
-
- err:
- return 0;
-}
-
static int
tls13_client_hello_build(struct tls13_ctx *ctx, CBB *cbb)
{
diff --git a/lib/libssl/tls13_internal.h b/lib/libssl/tls13_internal.h
index d711f1a58dc..d53672dbfe5 100644
--- a/lib/libssl/tls13_internal.h
+++ b/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.66 2020/04/28 20:30:40 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.67 2020/04/28 20:37:22 jsing Exp $ */
/*
* Copyright (c) 2018 Bob Beck <beck@openbsd.org>
* Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -250,6 +250,8 @@ const EVP_MD *tls13_cipher_hash(const SSL_CIPHER *cipher);
/*
* Legacy interfaces.
*/
+int tls13_use_legacy_client(struct tls13_ctx *ctx);
+int tls13_use_legacy_server(struct tls13_ctx *ctx);
int tls13_legacy_accept(SSL *ssl);
int tls13_legacy_connect(SSL *ssl);
int tls13_legacy_return_code(SSL *ssl, ssize_t ret);
@@ -292,6 +294,11 @@ int tls13_legacy_shutdown(SSL *ssl);
int tls13_handshake_msg_record(struct tls13_ctx *ctx);
int tls13_handshake_perform(struct tls13_ctx *ctx);
+int tls13_client_init(struct tls13_ctx *ctx);
+int tls13_server_init(struct tls13_ctx *ctx);
+int tls13_client_connect(struct tls13_ctx *ctx);
+int tls13_server_accept(struct tls13_ctx *ctx);
+
int tls13_client_hello_send(struct tls13_ctx *ctx, CBB *cbb);
int tls13_client_hello_sent(struct tls13_ctx *ctx);
int tls13_client_hello_recv(struct tls13_ctx *ctx, CBS *cbs);
diff --git a/lib/libssl/tls13_legacy.c b/lib/libssl/tls13_legacy.c
index 747bdc2728e..1e18a8258c3 100644
--- a/lib/libssl/tls13_legacy.c
+++ b/lib/libssl/tls13_legacy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_legacy.c,v 1.2 2020/03/10 17:02:21 jsing Exp $ */
+/* $OpenBSD: tls13_legacy.c,v 1.3 2020/04/28 20:37:22 jsing Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
*
@@ -277,6 +277,195 @@ tls13_legacy_write_bytes(SSL *ssl, int type, const void *vbuf, int len)
}
int
+tls13_use_legacy_client(struct tls13_ctx *ctx)
+{
+ SSL *s = ctx->ssl;
+ CBS cbs;
+
+ s->method = tls_legacy_client_method();
+ s->internal->handshake_func = s->method->internal->ssl_connect;
+ s->client_version = s->version = s->method->internal->max_version;
+
+ if (!ssl3_setup_init_buffer(s))
+ goto err;
+ if (!ssl3_setup_buffers(s))
+ goto err;
+ if (!ssl_init_wbio_buffer(s, 0))
+ goto err;
+
+ if (s->bbio != s->wbio)
+ s->wbio = BIO_push(s->bbio, s->wbio);
+
+ /* Stash any unprocessed data from the last record. */
+ tls13_record_layer_rbuf(ctx->rl, &cbs);
+ if (CBS_len(&cbs) > 0) {
+ if (!CBS_write_bytes(&cbs,
+ S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH,
+ S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL))
+ goto err;
+
+ S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH;
+ S3I(s)->rbuf.left = CBS_len(&cbs);
+ S3I(s)->rrec.type = SSL3_RT_HANDSHAKE;
+ S3I(s)->rrec.length = CBS_len(&cbs);
+ s->internal->rstate = SSL_ST_READ_BODY;
+ s->internal->packet = S3I(s)->rbuf.buf;
+ s->internal->packet_length = SSL3_RT_HEADER_LENGTH;
+ s->internal->mac_packet = 1;
+ }
+
+ /* Stash the current handshake message. */
+ tls13_handshake_msg_data(ctx->hs_msg, &cbs);
+ if (!CBS_write_bytes(&cbs, s->internal->init_buf->data,
+ s->internal->init_buf->length, NULL))
+ goto err;
+
+ S3I(s)->tmp.reuse_message = 1;
+ S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg);
+ S3I(s)->tmp.message_size = CBS_len(&cbs);
+
+ S3I(s)->hs.state = SSL3_ST_CR_SRVR_HELLO_A;
+
+ return 1;
+
+ err:
+ return 0;
+}
+
+int
+tls13_use_legacy_server(struct tls13_ctx *ctx)
+{
+ SSL *s = ctx->ssl;
+ CBS cbs;
+
+ s->method = tls_legacy_server_method();
+ s->internal->handshake_func = s->method->internal->ssl_accept;
+ s->client_version = s->version = s->method->internal->max_version;
+ s->server = 1;
+
+ if (!ssl3_setup_init_buffer(s))
+ goto err;
+ if (!ssl3_setup_buffers(s))
+ goto err;
+ if (!ssl_init_wbio_buffer(s, 0))
+ goto err;
+
+ if (s->bbio != s->wbio)
+ s->wbio = BIO_push(s->bbio, s->wbio);
+
+ /* Stash any unprocessed data from the last record. */
+ tls13_record_layer_rbuf(ctx->rl, &cbs);
+ if (CBS_len(&cbs) > 0) {
+ if (!CBS_write_bytes(&cbs,
+ S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH,
+ S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL))
+ goto err;
+
+ S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH;
+ S3I(s)->rbuf.left = CBS_len(&cbs);
+ S3I(s)->rrec.type = SSL3_RT_HANDSHAKE;
+ S3I(s)->rrec.length = CBS_len(&cbs);
+ s->internal->rstate = SSL_ST_READ_BODY;
+ s->internal->packet = S3I(s)->rbuf.buf;
+ s->internal->packet_length = SSL3_RT_HEADER_LENGTH;
+ s->internal->mac_packet = 1;
+ }
+
+ /* Stash the current handshake message. */
+ tls13_handshake_msg_data(ctx->hs_msg, &cbs);
+ if (!CBS_write_bytes(&cbs, s->internal->init_buf->data,
+ s->internal->init_buf->length, NULL))
+ goto err;
+
+ S3I(s)->tmp.reuse_message = 1;
+ S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg);
+ S3I(s)->tmp.message_size = CBS_len(&cbs);
+
+ S3I(s)->hs.state = SSL3_ST_SR_CLNT_HELLO_A;
+
+ return 1;
+
+ err:
+ return 0;
+}
+
+int
+tls13_legacy_accept(SSL *ssl)
+{
+ struct tls13_ctx *ctx = ssl->internal->tls13;
+ int ret;
+
+ if (ctx == NULL) {
+ if ((ctx = tls13_ctx_new(TLS13_HS_SERVER)) == NULL) {
+ SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
+ return -1;
+ }
+ ssl->internal->tls13 = ctx;
+ ctx->ssl = ssl;
+ ctx->hs = &S3I(ssl)->hs_tls13;
+
+ if (!tls13_server_init(ctx)) {
+ if (ERR_peek_error() == 0)
+ SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
+ return -1;
+ }
+ }
+
+ ERR_clear_error();
+ S3I(ssl)->hs.state = SSL_ST_ACCEPT;
+
+ ret = tls13_server_accept(ctx);
+ if (ret == TLS13_IO_USE_LEGACY)
+ return ssl->method->internal->ssl_accept(ssl);
+ if (ret == TLS13_IO_SUCCESS)
+ S3I(ssl)->hs.state = SSL_ST_OK;
+
+ return tls13_legacy_return_code(ssl, ret);
+}
+
+int
+tls13_legacy_connect(SSL *ssl)
+{
+ struct tls13_ctx *ctx = ssl->internal->tls13;
+ int ret;
+
+#ifdef TLS13_USE_LEGACY_CLIENT_AUTH
+ /* XXX drop back to legacy for client auth for now */
+ if (ssl->cert->key->privatekey != NULL) {
+ ssl->method = tls_legacy_client_method();
+ return ssl->method->internal->ssl_connect(ssl);
+ }
+#endif
+
+ if (ctx == NULL) {
+ if ((ctx = tls13_ctx_new(TLS13_HS_CLIENT)) == NULL) {
+ SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
+ return -1;
+ }
+ ssl->internal->tls13 = ctx;
+ ctx->ssl = ssl;
+ ctx->hs = &S3I(ssl)->hs_tls13;
+
+ if (!tls13_client_init(ctx)) {
+ if (ERR_peek_error() == 0)
+ SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
+ return -1;
+ }
+ }
+
+ ERR_clear_error();
+ S3I(ssl)->hs.state = SSL_ST_CONNECT;
+
+ ret = tls13_client_connect(ctx);
+ if (ret == TLS13_IO_USE_LEGACY)
+ return ssl->method->internal->ssl_connect(ssl);
+ if (ret == TLS13_IO_SUCCESS)
+ S3I(ssl)->hs.state = SSL_ST_OK;
+
+ return tls13_legacy_return_code(ssl, ret);
+}
+
+int
tls13_legacy_shutdown(SSL *ssl)
{
struct tls13_ctx *ctx = ssl->internal->tls13;
diff --git a/lib/libssl/tls13_server.c b/lib/libssl/tls13_server.c
index 864e434fda0..4fa1aba31de 100644
--- a/lib/libssl/tls13_server.c
+++ b/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.33 2020/04/27 20:15:17 jsing Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.34 2020/04/28 20:37:22 jsing Exp $ */
/*
* Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -22,7 +22,7 @@
#include "tls13_handshake.h"
#include "tls13_internal.h"
-static int
+int
tls13_server_init(struct tls13_ctx *ctx)
{
SSL *s = ctx->ssl;
@@ -45,8 +45,8 @@ tls13_server_init(struct tls13_ctx *ctx)
return 1;
}
-static int
-tls13_accept(struct tls13_ctx *ctx)
+int
+tls13_server_accept(struct tls13_ctx *ctx)
{
if (ctx->mode != TLS13_HS_SERVER)
return TLS13_IO_FAILURE;
@@ -54,97 +54,6 @@ tls13_accept(struct tls13_ctx *ctx)
return tls13_handshake_perform(ctx);
}
-int
-tls13_legacy_accept(SSL *ssl)
-{
- struct tls13_ctx *ctx = ssl->internal->tls13;
- int ret;
-
- if (ctx == NULL) {
- if ((ctx = tls13_ctx_new(TLS13_HS_SERVER)) == NULL) {
- SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
- return -1;
- }
- ssl->internal->tls13 = ctx;
- ctx->ssl = ssl;
- ctx->hs = &S3I(ssl)->hs_tls13;
-
- if (!tls13_server_init(ctx)) {
- if (ERR_peek_error() == 0)
- SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
- return -1;
- }
- }
-
- ERR_clear_error();
- S3I(ssl)->hs.state = SSL_ST_ACCEPT;
-
- ret = tls13_accept(ctx);
- if (ret == TLS13_IO_USE_LEGACY)
- return ssl->method->internal->ssl_accept(ssl);
- if (ret == TLS13_IO_SUCCESS)
- S3I(ssl)->hs.state = SSL_ST_OK;
-
- return tls13_legacy_return_code(ssl, ret);
-}
-
-int
-tls13_use_legacy_server(struct tls13_ctx *ctx)
-{
- SSL *s = ctx->ssl;
- CBS cbs;
-
- s->method = tls_legacy_server_method();
- s->internal->handshake_func = s->method->internal->ssl_accept;
- s->client_version = s->version = s->method->internal->max_version;
- s->server = 1;
-
- if (!ssl3_setup_init_buffer(s))
- goto err;
- if (!ssl3_setup_buffers(s))
- goto err;
- if (!ssl_init_wbio_buffer(s, 0))
- goto err;
-
- if (s->bbio != s->wbio)
- s->wbio = BIO_push(s->bbio, s->wbio);
-
- /* Stash any unprocessed data from the last record. */
- tls13_record_layer_rbuf(ctx->rl, &cbs);
- if (CBS_len(&cbs) > 0) {
- if (!CBS_write_bytes(&cbs,
- S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH,
- S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL))
- goto err;
-
- S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH;
- S3I(s)->rbuf.left = CBS_len(&cbs);
- S3I(s)->rrec.type = SSL3_RT_HANDSHAKE;
- S3I(s)->rrec.length = CBS_len(&cbs);
- s->internal->rstate = SSL_ST_READ_BODY;
- s->internal->packet = S3I(s)->rbuf.buf;
- s->internal->packet_length = SSL3_RT_HEADER_LENGTH;
- s->internal->mac_packet = 1;
- }
-
- /* Stash the current handshake message. */
- tls13_handshake_msg_data(ctx->hs_msg, &cbs);
- if (!CBS_write_bytes(&cbs, s->internal->init_buf->data,
- s->internal->init_buf->length, NULL))
- goto err;
-
- S3I(s)->tmp.reuse_message = 1;
- S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg);
- S3I(s)->tmp.message_size = CBS_len(&cbs);
-
- S3I(s)->hs.state = SSL3_ST_SR_CLNT_HELLO_A;
-
- return 1;
-
- err:
- return 0;
-}
-
static int
tls13_client_hello_is_legacy(CBS *cbs)
{