X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fssl_lib.c;h=00e02f4dc7944ab4dda5c3eb94f2643d0eff948d;hp=4e2dae0ee89b095669f8b5ef747284461a101022;hb=4fd39122e51c3c44fcb72fb9b732d5008efda399;hpb=c36001c3a89691e21dc4940425fc880c89c57ffc
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 4e2dae0ee8..00e02f4dc7 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -590,6 +590,7 @@ int SSL_clear(SSL *s)
 OPENSSL_free(s->psksession_id);
 s->psksession_id = NULL;
 s->psksession_id_len = 0;
+ s->hello_retry_request = 0;
 s->error = 0;
 s->hit = 0;
@@ -613,6 +614,9 @@ int SSL_clear(SSL *s)
 s->key_update = SSL_KEY_UPDATE_NONE;
+ EVP_MD_CTX_free(s->pha_dgst);
+ s->pha_dgst = NULL;
+
 /* Reset DANE verification result state */
 s->dane.mdpth = -1;
 s->dane.pdpth = -1;
@@ -690,8 +694,7 @@ SSL *SSL_new(SSL_CTX *ctx)
 */
 if (RAND_get_rand_method() == RAND_OpenSSL()) {
 s->drbg =
- RAND_DRBG_new(RAND_DRBG_NID, RAND_DRBG_FLAG_CTR_USE_DF,
- RAND_DRBG_get0_public());
+ RAND_DRBG_new(RAND_DRBG_NID, 0, RAND_DRBG_get0_public());
 if (s->drbg == NULL
 || RAND_DRBG_instantiate(s->drbg,
 (const unsigned char *) SSL_version_str,
@@ -1185,6 +1188,8 @@ void SSL_free(SSL *s)
 OPENSSL_free(s->ext.alpn);
 OPENSSL_free(s->ext.tls13_cookie);
 OPENSSL_free(s->clienthello);
+ OPENSSL_free(s->pha_context);
+ EVP_MD_CTX_free(s->pha_dgst);
 sk_X509_NAME_pop_free(s->ca_names, X509_NAME_free);
@@ -2448,10 +2453,12 @@ STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s)
 {
 STACK_OF(SSL_CIPHER) *sk = NULL, *ciphers;
 int i;
+
 ciphers = SSL_get_ciphers(s);
 if (!ciphers)
 return NULL;
- ssl_set_client_disabled(s);
+ if (!ssl_set_client_disabled(s))
+ return NULL;
 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
 const SSL_CIPHER *c = sk_SSL_CIPHER_value(ciphers, i);
 if (!ssl_cipher_disabled(s, c, SSL_SECOP_CIPHER_SUPPORTED, 0)) {
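Review bot: The second SSL_clear hunk resets only `s->pha_dgst`, whereas the SSL_free hunk in this diff releases both `s->pha_context` and `s->pha_dgst`, and SSL_verify_client_post_handshake branches on `ssl->post_handshake_auth`. If the context and that state are not reset elsewhere in SSL_clear (its body continues outside the hunk), an SSL object reused after SSL_clear could carry post-handshake-authentication state from the previous connection into the next one. Consider adding `OPENSSL_free(s->pha_context); s->pha_context = NULL;` beside the digest reset, or a comment naming where those fields are cleared.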
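Review bot: The bare `0` now passed as the flags argument of `RAND_DRBG_new()` in SSL_new no longer states whether the per-connection DRBG uses the derivation function that `RAND_DRBG_FLAG_CTR_USE_DF` requested explicitly. Presumably the library default changed elsewhere in this revision range, but nothing in the hunk shows that. A one-line comment above the call stating what flags value 0 selects would keep the DRBG configuration auditable from this call site. The enclosing SSL_new body starts and ends outside the hunk.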
@@ -5266,9 +5273,11 @@ int ssl_randbytes(SSL *s, unsigned char *rnd, size_t size)
 * serialization of SSL accesses for the needed concurrency protection
 * here.
 */
- return RAND_DRBG_generate(s->drbg, rnd, size, 0, NULL, 0);
+ return RAND_DRBG_bytes(s->drbg, rnd, size);
 }
- return RAND_bytes(rnd, (int)size);
+ if (size > INT_MAX)
+ return 0;
+ return RAND_bytes(rnd, size);
 }
 __owur unsigned int ssl_get_max_send_fragment(const SSL *ssl)
@@ -5302,7 +5311,7 @@ int SSL_stateless(SSL *s)
 /* Ensure there is no state left over from a previous invocation */
 if (!SSL_clear(s))
- return -1;
+ return 0;
 ERR_clear_error();
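Review bot: In ssl_randbytes the new `size > INT_MAX` guard makes the narrowing safe, but `RAND_bytes(rnd, size)` now converts `size_t` to `int` implicitly where the old line had an explicit cast. Keeping the cast after the check, `return RAND_bytes(rnd, (int)size);`, marks the conversion as intentional and stays quiet under conversion warnings. The guard also depends on `INT_MAX` being declared (`<limits.h>`), which the hunk does not show. The function starts outside the hunk.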
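Review bot: With `return 0` here and `return 0` replacing `return ret` in the following SSL_stateless hunk, a failed SSL_clear, a fatal SSL_accept error and a ClientHello that carried no valid cookie are all reported as 0. A server loop cannot tell "keep listening" from "this SSL object is unusable" without consulting the error queue. If that is intended, document it above the function, for example `/* Returns 1 if a ClientHello with a valid cookie was received, 0 otherwise (including errors) */`; otherwise keep a distinct negative value on the fatal paths.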
@@ -5310,8 +5319,60 @@ int SSL_stateless(SSL *s)
 ret = SSL_accept(s);
 s->s3->flags &= ~TLS1_FLAGS_STATELESS;
- if (s->ext.cookieok)
+ if (ret > 0 && s->ext.cookieok)
 return 1;
- return ret;
+ return 0;
+}
+
+void SSL_force_post_handshake_auth(SSL *ssl)
+{
+ ssl->pha_forced = 1;
+}
+
+int SSL_verify_client_post_handshake(SSL *ssl)
+{
+ if (!SSL_IS_TLS13(ssl)) {
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_WRONG_SSL_VERSION);
+ return 0;
+ }
+ if (!ssl->server) {
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_NOT_SERVER);
+ return 0;
+ }
+
+ if (!SSL_is_init_finished(ssl)) {
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_STILL_IN_INIT);
+ return 0;
+ }
+
+ switch (ssl->post_handshake_auth) {
+ case SSL_PHA_NONE:
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_EXTENSION_NOT_RECEIVED);
+ return 0;
+ default:
+ case SSL_PHA_EXT_SENT:
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, ERR_R_INTERNAL_ERROR);
+ return 0;
+ case SSL_PHA_EXT_RECEIVED:
+ break;
+ case SSL_PHA_REQUEST_PENDING:
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_REQUEST_PENDING);
+ return 0;
+ case SSL_PHA_REQUESTED:
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_REQUEST_SENT);
+ return 0;
+ }
+
+ ssl->post_handshake_auth = SSL_PHA_REQUEST_PENDING;
+
+ /* checks verify_mode and algorithm_auth */
+ if (!send_certificate_request(ssl)) {
+ ssl->post_handshake_auth = SSL_PHA_EXT_RECEIVED; /* restore on error */
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_INVALID_CONFIG);
+ return 0;
+ }
+
+ ossl_statem_set_in_init(ssl, 1);
+ return 1;
 }
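Review bot: A return of 1 from the new SSL_verify_client_post_handshake means only that a request was queued: the visible body sets `SSL_PHA_REQUEST_PENDING` and calls `ossl_statem_set_in_init(ssl, 1)`, and nothing in it inspects a client certificate. Given the function's name, a caller that gates access on this return value would treat an unauthenticated peer as verified. The function needs a header comment saying that the handshake must still be driven to completion and the verification result checked afterwards. The same comment should list the error reasons raised for each `post_handshake_auth` state, and note that `default:` deliberately shares the `SSL_PHA_EXT_SENT` arm in the middle of the switch.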