From 0ef2802165706016698d6984dfcb2980881f18e5 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 31 Aug 2017 14:32:51 +0100 Subject: [PATCH] Various review fixes for PSK early_data support Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/3926) --- apps/s_client.c | 3 +-- doc/man3/SSL_SESSION_get0_hostname.pod | 5 +++-- doc/man3/SSL_read_early_data.pod | 4 +++- ssl/record/ssl3_record_tls13.c | 8 ++++++-- ssl/statem/extensions_clnt.c | 8 ++++---- 5 files changed, 17 insertions(+), 11 deletions(-) diff --git a/apps/s_client.c b/apps/s_client.c index 975aa2fb44..4d2fa861a5 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1889,8 +1889,7 @@ int s_client_main(int argc, char **argv) goto end; } /* By default the SNI should be the same as was set in the session */ - if (!noservername && servername == NULL) - { + if (!noservername && servername == NULL) { const char *sni = SSL_SESSION_get0_hostname(sess); if (sni != NULL) { diff --git a/doc/man3/SSL_SESSION_get0_hostname.pod b/doc/man3/SSL_SESSION_get0_hostname.pod index 642daaa531..f0f02d32a2 100644 --- a/doc/man3/SSL_SESSION_get0_hostname.pod +++ b/doc/man3/SSL_SESSION_get0_hostname.pod @@ -37,8 +37,9 @@ session and its associated length in bytes. The returned value of B<*alpn> is a pointer to memory maintained within B and should not be free'd. SSL_SESSION_set1_alpn_selected() sets the ALPN protocol for this session to the -value in B<*alpn> which should be of length B bytes. A copy of this value -is taken. +value in B which should be of length B bytes. A copy of the input +value is made, and the caller retains ownership of the memory pointed to by +B. =head1 SEE ALSO diff --git a/doc/man3/SSL_read_early_data.pod b/doc/man3/SSL_read_early_data.pod index a593b147b8..10736841a1 100644 --- a/doc/man3/SSL_read_early_data.pod +++ b/doc/man3/SSL_read_early_data.pod @@ -63,7 +63,9 @@ will return the maximum number of early data bytes that can be sent. The function SSL_SESSION_set_max_early_data() sets the maximum number of early data bytes that can be sent for a session. This would typically be used when -creating a PSK session file (see L). +creating a PSK session file (see L). If +using a ticket based PSK then this is set automatically to the value provided by +the server. A client uses the function SSL_write_early_data() to send early data. This function is similar to the L function, but with the following diff --git a/ssl/record/ssl3_record_tls13.c b/ssl/record/ssl3_record_tls13.c index 0c3fc6bf16..696cc37fd3 100644 --- a/ssl/record/ssl3_record_tls13.c +++ b/ssl/record/ssl3_record_tls13.c @@ -58,10 +58,14 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending) if (s->early_data_state == SSL_EARLY_DATA_WRITING || s->early_data_state == SSL_EARLY_DATA_WRITE_RETRY) { - if (s->session != NULL && s->session->ext.max_early_data > 0) + if (s->session != NULL && s->session->ext.max_early_data > 0) { alg_enc = s->session->cipher->algorithm_enc; - else + } else { + if (!ossl_assert(s->psksession != NULL + && s->psksession->ext.max_early_data > 0)) + return -1; alg_enc = s->psksession->cipher->algorithm_enc; + } } else { /* * To get here we must have selected a ciphersuite - otherwise ctx would diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index bcbcbac873..8db895b0fe 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -1401,10 +1401,10 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x, } s->s3->alpn_selected_len = len; - if (s->session->ext.alpn_selected != NULL - && (s->session->ext.alpn_selected_len != len - || memcmp(s->session->ext.alpn_selected, s->s3->alpn_selected, - len) != 0)) { + if (s->session->ext.alpn_selected == NULL + || s->session->ext.alpn_selected_len != len + || memcmp(s->session->ext.alpn_selected, s->s3->alpn_selected, len) + != 0) { /* ALPN not consistent with the old session so cannot use early_data */ s->ext.early_data_ok = 0; } -- 2.34.1