{"schema":"libjg2-1",
"vpath":"/git/",
"avatar":"/git/avatar/",
"alang":"",
"gen_ut":1747623805,
"reponame":"openssl",
"desc":"OpenSSL",
"owner": { "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" },"url":"https://warmcat.com/repo/openssl",
"f":3,
"items": [
{"schema":"libjg2-1",
"cid":"3b62daab2bb3f5616f47d86735a4962a",
"commit": {"type":"commit",
"time": 1485771500,
"time_ofs": 0,
"oid_tree": { "oid": "92ec8b6c8c0c59507b74ecb90834701b1a1bf7f9", "alias": []},
"oid":{ "oid": "f4bbb37c4c95ea8cdb4b3470098a1b5d7d1977ed", "alias": []},
"msg": "Provide a key_share extension finaliser",
"sig_commit": { "git_time": { "time": 1485771500, "offset": 0 }, "name": "Matt Caswell", "email": "matt@openssl.org", "md5": "10f7b441a32d5790efad9fc68cae4af2" },
"sig_author": { "git_time": { "time": 1484739097, "offset": 0 }, "name": "Matt Caswell", "email": "matt@openssl.org", "md5": "10f7b441a32d5790efad9fc68cae4af2" }},
"body": "Provide a key_share extension finaliser\n\nThis mops up various edge cases with key_shares and makes sure we still\ngenerate the handshake secret if we haven't been provided with one but we\nhave a PSK.\n\nReviewed-by: Rich Salz \u003crsalz@openssl.org\u003e\n(Merged from https://github.com/openssl/openssl/pull/2259)"
,
"diff": "diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h\nindex 52be406..cee7549 100644\n--- a/include/openssl/ssl.h\n+++ b/include/openssl/ssl.h\n@@ -2097,6 +2097,7 @@ int ERR_load_SSL_strings(void);\n # define SSL_F_DTLS_PROCESS_HELLO_VERIFY 386\n # define SSL_F_FINAL_EC_PT_FORMATS 485\n # define SSL_F_FINAL_EMS 486\n+# define SSL_F_FINAL_KEY_SHARE 503\n # define SSL_F_FINAL_RENEGOTIATE 483\n # define SSL_F_FINAL_SIG_ALGS 497\n # define SSL_F_NSS_KEYLOG_INT 500\ndiff --git a/ssl/ssl_err.c b/ssl/ssl_err.c\nindex 9b02c58..9edee93 100644\n--- a/ssl/ssl_err.c\n+++ b/ssl/ssl_err.c\n@@ -51,6 +51,7 @@ static ERR_STRING_DATA SSL_str_functs[] \u003d {\n {ERR_FUNC(SSL_F_DTLS_PROCESS_HELLO_VERIFY), \u0022dtls_process_hello_verify\u0022},\n {ERR_FUNC(SSL_F_FINAL_EC_PT_FORMATS), \u0022final_ec_pt_formats\u0022},\n {ERR_FUNC(SSL_F_FINAL_EMS), \u0022final_ems\u0022},\n+ {ERR_FUNC(SSL_F_FINAL_KEY_SHARE), \u0022final_key_share\u0022},\n {ERR_FUNC(SSL_F_FINAL_RENEGOTIATE), \u0022final_renegotiate\u0022},\n {ERR_FUNC(SSL_F_FINAL_SIG_ALGS), \u0022final_sig_algs\u0022},\n {ERR_FUNC(SSL_F_NSS_KEYLOG_INT), \u0022nss_keylog_int\u0022},\ndiff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c\nindex 4c66b33..f1a1675 100644\n--- a/ssl/statem/extensions.c\n+++ b/ssl/statem/extensions.c\n@@ -36,6 +36,7 @@ static int init_etm(SSL *s, unsigned int context);\n static int init_ems(SSL *s, unsigned int context);\n static int final_ems(SSL *s, unsigned int context, int sent, int *al);\n static int init_psk_kex_modes(SSL *s, unsigned int context);\n+static int final_key_share(SSL *s, unsigned int context, int sent, int *al);\n #ifndef OPENSSL_NO_SRTP\n static int init_srtp(SSL *s, unsigned int context);\n #endif\n@@ -252,7 +253,8 @@ static const EXTENSION_DEFINITION ext_defs[] \u003d {\n | EXT_TLS1_3_HELLO_RETRY_REQUEST | EXT_TLS_IMPLEMENTATION_ONLY\n | EXT_TLS1_3_ONLY,\n NULL, tls_parse_ctos_key_share, tls_parse_stoc_key_share,\n- tls_construct_stoc_key_share, 
tls_construct_ctos_key_share, NULL\n+ tls_construct_stoc_key_share, tls_construct_ctos_key_share,\n+ final_key_share\n },\n {\n /*\n@@ -955,6 +957,45 @@ static int final_sig_algs(SSL *s, unsigned int context, int sent, int *al)\n return 1;\n }\n \n+\n+static int final_key_share(SSL *s, unsigned int context, int sent, int *al)\n+{\n+ if (!SSL_IS_TLS13(s))\n+ return 1;\n+\n+ /*\n+ * If\n+ * we have no key_share\n+ * AND\n+ * (we are not resuming\n+ * OR the kex_mode doesn't allow non key_share resumes)\n+ * THEN\n+ * fail\n+ */\n+ if (((s-\u003eserver \u0026\u0026 s-\u003es3-\u003epeer_tmp \u003d\u003d NULL) || (!s-\u003eserver \u0026\u0026 !sent))\n+ \u0026\u0026 (!s-\u003ehit\n+ || (s-\u003eext.psk_kex_mode \u0026 TLSEXT_KEX_MODE_FLAG_KE) \u003d\u003d 0)) {\n+ /* No suitable share */\n+ /* TODO(TLS1.3): Send a HelloRetryRequest */\n+ *al \u003d SSL_AD_HANDSHAKE_FAILURE;\n+ SSLerr(SSL_F_FINAL_KEY_SHARE, SSL_R_NO_SUITABLE_KEY_SHARE);\n+ return 0;\n+ }\n+\n+ /*\n+ * For a client side resumption with no key_share we need to generate\n+ * the handshake secret (otherwise this is done during key_share\n+ * processing).\n+ */\n+ if (!sent \u0026\u0026 !s-\u003eserver \u0026\u0026 !tls13_generate_handshake_secret(s, NULL, 0)) {\n+ *al \u003d SSL_AD_INTERNAL_ERROR;\n+ SSLerr(SSL_F_FINAL_KEY_SHARE, ERR_R_INTERNAL_ERROR);\n+ return 0;\n+ }\n+\n+ return 1;\n+}\n+\n static int init_psk_kex_modes(SSL *s, unsigned int context)\n {\n s-\u003eext.psk_kex_mode \u003d TLSEXT_KEX_MODE_FLAG_NONE;\ndiff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c\nindex 8ee2928..1e10a10 100644\n--- a/ssl/statem/extensions_srvr.c\n+++ b/ssl/statem/extensions_srvr.c\n@@ -523,7 +523,7 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, X509 *x, size_t chainidx,\n int group_nid, found \u003d 0;\n unsigned int curve_flags;\n \n- if (s-\u003ehit)\n+ if (s-\u003ehit \u0026\u0026 (s-\u003eext.psk_kex_mode \u0026 TLSEXT_KEX_MODE_FLAG_KE_DHE) \u003d\u003d 0)\n return 1;\n \n /* Sanity 
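Review bot: The first test in `final_key_share` does not fail a handshake that has no key_share when `s->hit` is set and `TLSEXT_KEX_MODE_FLAG_KE` is present in `s->ext.psk_kex_mode`, and the block comment does not record that such a resumption has no (EC)DHE and so no forward secrecy beyond the PSK. I would add that to the comment, e.g. `/* PSK-only (psk_ke) resumption: no (EC)DHE, so no forward secrecy beyond the PSK */`. The second test generates the handshake secret only when `!s->server`; where the server derives it for the same no-share case is not visible in this hunk, so that path is worth confirming. `context` is unused, so the same check presumably runs for every message the extension is registered for; a short header comment stating what `sent` means and that the function returns 1 on success and 0 with `*al` set on failure would make this explicit.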
check */\ndiff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c\nindex 98171b9..f9659e2 100644\n--- a/ssl/statem/statem_srvr.c\n+++ b/ssl/statem/statem_srvr.c\n@@ -1557,15 +1557,6 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)\n goto f_err;\n }\n \n- /* Check we've got a key_share for TLSv1.3 */\n- if (SSL_IS_TLS13(s) \u0026\u0026 s-\u003es3-\u003epeer_tmp \u003d\u003d NULL \u0026\u0026 !s-\u003ehit) {\n- /* No suitable share */\n- /* TODO(TLS1.3): Send a HelloRetryRequest */\n- al \u003d SSL_AD_HANDSHAKE_FAILURE;\n- SSLerr(SSL_F_TLS_PROCESS_CLIENT_HELLO, SSL_R_NO_SUITABLE_KEY_SHARE);\n- goto f_err;\n- }\n-\n /*\n * Check if we want to use external pre-shared secret for this handshake\n * for not reused session only. We need to generate server_random before\n","s":{"c":1747623805,"u": 33327}}
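Review bot: The new early return in `tls_parse_ctos_key_share` depends on `s->hit` and `s->ext.psk_kex_mode` already holding their final values when key_share is parsed, and nothing in this hunk shows or documents that ordering. If psk_key_exchange_modes were handled after key_share, the mode would still be the `TLSEXT_KEX_MODE_FLAG_NONE` set by `init_psk_kex_modes`, and a resuming client's share would be skipped without being examined. A comment above the test would record the dependency, e.g. `/* Relies on psk_kex_modes having been parsed before key_share */`. The function body starts and ends outside the hunk.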
],"g": 34603,"chitpc": 0,"ehitpc": 0,"indexed":0
,
"ab": 0, "si": 0, "db":0, "di":0, "sat":0, "lfc": "0000"}