2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/evp.h>
11 #include "../../ssl_local.h"
12 #include "../record_local.h"
13 #include "recmethod_local.h"
/*
 * Smallest SSLv2-format record (a legacy-format ClientHello) this layer will
 * accept; anything shorter is rejected in tls_validate_record_header() with
 * SSL_AD_DECODE_ERROR / SSL_R_LENGTH_TOO_SHORT.
 */
#define MIN_SSL2_RECORD_LEN 9
/*
 * set_crypto_state callback for the plaintext-only "any" record method.
 *
 * The only protection level this layer supports is
 * OSSL_RECORD_PROTECTION_LEVEL_NONE; the visible body never installs the
 * key/iv/mackey/cipher arguments. Any other level is treated as an internal
 * error (ERR_R_INTERNAL_ERROR is raised, OSSL_RECORD_RETURN_FATAL returned);
 * otherwise OSSL_RECORD_RETURN_SUCCESS is returned.
 *
 * NOTE(review): this excerpt omits original lines 22-26 (the remaining
 * parameters and the opening brace) and lines 30-31/33 (closing brace and
 * blank lines); the tokens below are reflowed from what is shown.
 */
static int tls_any_set_crypto_state(OSSL_RECORD_LAYER *rl, int level,
                                    unsigned char *key, size_t keylen,
                                    unsigned char *iv, size_t ivlen,
                                    unsigned char *mackey, size_t mackeylen,
                                    const EVP_CIPHER *ciph,
    /* [original lines 22-26 not in excerpt] */
    /* A protected level reaching this method is a caller bug, not peer input */
    if (level != OSSL_RECORD_PROTECTION_LEVEL_NONE) {
        ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
        return OSSL_RECORD_RETURN_FATAL;
    /* [original lines 30-31 not in excerpt] */
    /* No crypto protection at the "NONE" level so nothing to be done */
    return OSSL_RECORD_RETURN_SUCCESS;
/*
 * Record cipher callback for the "any" record method.
 *
 * NOTE(review): only the first two lines of the signature are in this excerpt
 * (original lines 37-38); the trailing parameter(s), the body and the closing
 * brace (original lines 39-43) are not shown, so nothing about its behaviour
 * can be stated from here beyond the parameter list. Presumably it is the
 * plaintext no-op counterpart of tls_any_set_crypto_state — confirm against
 * the omitted body and the record_functions_st table slot (original line 150,
 * also not shown).
 */
static int tls_any_cipher(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *recs,
                          size_t n_recs, int sending, SSL_MAC_BUF *macs,
    /* [original lines 39-43 not in excerpt] */
/*
 * validate_record_header callback for the "any" record method: sanity checks
 * the header of a plaintext record received before (or while) the protocol
 * version is being negotiated.
 *
 * Every failure path shown here calls RLAYERfatal() with either a real alert
 * (SSL_AD_INTERNAL_ERROR, SSL_AD_DECODE_ERROR, SSL_AD_PROTOCOL_VERSION,
 * SSL_AD_RECORD_OVERFLOW) or SSL_AD_NO_ALERT where the peer is not believed
 * to be speaking TLS at all. The `return` that presumably follows each
 * RLAYERfatal(), the success return, and the function's braces are on lines
 * this excerpt does not show.
 *
 * NOTE(review): original lines 45, 50-51, 54-56, 60-62, 64-66, 72, 76-78,
 * 82-83, 86-88, 90, 94, 98, 104-105, 108-109, 112, 115-117, 119, 123 and
 * 125-129 are not in the excerpt; the tokens below are reflowed from what is
 * shown and gaps are marked inline.
 */
static int tls_validate_record_header(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec)
    /* [original line 45 not in excerpt] */
    if (rec->rec_version == SSL2_VERSION) {
        /* SSLv2 format ClientHello */
        /* Only acceptable before any version has been fixed on this layer */
        if (!ossl_assert(rl->version == TLS_ANY_VERSION)) {
            RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
        /* [original lines 50-51 not in excerpt] */
        /* Too short to be a well-formed SSLv2 record: treat as malformed input */
        if (rec->length < MIN_SSL2_RECORD_LEN) {
            RLAYERfatal(rl, SSL_AD_DECODE_ERROR, SSL_R_LENGTH_TOO_SHORT);
        /* [original lines 54-56 not in excerpt] */
        /* No version negotiated yet: only the major version byte is checked */
        if (rl->version == TLS_ANY_VERSION) {
            if ((rec->rec_version >> 8) != SSL3_VERSION_MAJOR) {
                /*
                 * Only the very first record of the connection is sniffed for
                 * plaintext HTTP; the other branch (original line 83, not
                 * shown) presumably handles later records.
                 */
                if (rl->is_first_record) {
                    /* [original lines 60-62 not in excerpt] */
                    /*
                     * Go back to start of packet, look at the five bytes that
                     * are available. NOTE(review): the declaration and
                     * assignment of `p` are on omitted lines 60-66; it
                     * presumably points at the start of the packet — confirm.
                     */
                    /* [original lines 64-66 not in excerpt] */
                    /* Plaintext HTTP on a TLS port: fail, but send no alert */
                    if (HAS_PREFIX((char *)p, "GET ") ||
                        HAS_PREFIX((char *)p, "POST ") ||
                        HAS_PREFIX((char *)p, "HEAD ") ||
                        HAS_PREFIX((char *)p, "PUT ")) {
                        RLAYERfatal(rl, SSL_AD_NO_ALERT, SSL_R_HTTP_REQUEST);
                        /* [original line 72 not in excerpt] */
                    /* An HTTP CONNECT: the peer expected an HTTPS proxy here */
                    } else if (HAS_PREFIX((char *)p, "CONNE")) {
                        RLAYERfatal(rl, SSL_AD_NO_ALERT,
                                    SSL_R_HTTPS_PROXY_REQUEST);
                    /* [original lines 76-78 not in excerpt] */
                    /* Doesn't look like TLS - don't send an alert */
                    RLAYERfatal(rl, SSL_AD_NO_ALERT,
                                SSL_R_WRONG_VERSION_NUMBER);
                    /* [original lines 82-83 not in excerpt] */
                    /*
                     * Presumably the else branch of is_first_record: the peer
                     * has already sent TLS, so a real protocol_version alert
                     * goes back.
                     */
                    RLAYERfatal(rl, SSL_AD_PROTOCOL_VERSION,
                                SSL_R_WRONG_VERSION_NUMBER);
            /* [original lines 86-88 not in excerpt] */
        } else if (rl->version == TLS1_3_VERSION) {
            /*
             * In this case we know we are going to negotiate TLSv1.3, but we've
             * had an HRR, so we haven't actually done so yet. In TLSv1.3 we
             * must ignore the legacy record version in plaintext records.
             */
        } else if (rec->rec_version != rl->version) {
            /* Same major version as ours, so only the minor byte disagrees */
            if ((rl->version & 0xFF00) == (rec->rec_version & 0xFF00)) {
                if (rec->type == SSL3_RT_ALERT) {
                    /*
                     * The record is using an incorrect version number,
                     * but what we've got appears to be an alert. We
                     * haven't read the body yet to check whether its a
                     * fatal or not - but chances are it is. We probably
                     * shouldn't send a fatal alert back. We'll just
                     * fail without sending one.
                     */
                    RLAYERfatal(rl, SSL_AD_NO_ALERT,
                                SSL_R_WRONG_VERSION_NUMBER);
                /* [original lines 108-109 not in excerpt] */
                /* Send back error using their minor version number */
                /*
                 * rl->version now carries a peer-supplied value. This happens
                 * only on the fatal path, so the layer must not go on using it
                 * after the RLAYERfatal() below.
                 */
                rl->version = (unsigned short)rec->rec_version;
            /* [original line 112 not in excerpt] */
            RLAYERfatal(rl, SSL_AD_PROTOCOL_VERSION,
                        SSL_R_WRONG_VERSION_NUMBER);
        /* [original lines 115-117 not in excerpt] */
        /* Plaintext-only layer: the raw length must fit the plaintext limit */
        if (rec->length > SSL3_RT_MAX_PLAIN_LENGTH) {
            /*
             * We use SSL_R_DATA_LENGTH_TOO_LONG instead of
             * SSL_R_ENCRYPTED_LENGTH_TOO_LONG here because we are the "any" method
             * and we know that we are dealing with plaintext data
             */
            RLAYERfatal(rl, SSL_AD_RECORD_OVERFLOW, SSL_R_DATA_LENGTH_TOO_LONG);
    /* [original lines 125-129 not in excerpt] */
/*
 * set_protocol_version callback for the "any" TLS record method.
 *
 * The visible condition rejects a change once rl->version has been fixed to
 * something other than TLS_ANY_VERSION and the new value differs from it.
 * NOTE(review): the consequent of the if, the assignment of vers, the return
 * values and the closing brace (original lines 131, 133-137) are not in this
 * excerpt, so the success/failure return values cannot be stated from here.
 */
static int tls_any_set_protocol_version(OSSL_RECORD_LAYER *rl, int vers)
    /* [original line 131 not in excerpt] */
    if (rl->version != TLS_ANY_VERSION && rl->version != vers)
    /* [original lines 133-137 not in excerpt] */
/*
 * prepare_for_encryption callback for the "any" TLS record method. As the
 * layer's own comment says, there is no encryption at this level so nothing
 * is done to the outgoing record.
 *
 * NOTE(review): original lines 140-141 (middle parameters), 143 (opening
 * brace) and 145-147 (return value, closing brace) are not in this excerpt.
 */
static int tls_any_prepare_for_encryption(OSSL_RECORD_LAYER *rl,
                                          /* [original lines 140-141 not in excerpt] */
                                          TLS_RL_RECORD *thiswr)
    /* [original line 143 not in excerpt] */
    /* No encryption, so nothing to do */
    /* [original lines 145-147 not in excerpt] */
/*
 * Callback table for the plaintext-only "any" TLS record method, used until a
 * protocol version has been negotiated. The initializer is positional, so the
 * order must match struct record_functions_st (presumably declared in one of
 * the local headers included above — confirm).
 *
 * NOTE(review): original lines 150-151, 153, 161, 163 and 166-167 are not in
 * this excerpt, so several slots and the closing brace are missing here; the
 * position of the visible entries relative to the struct fields should be
 * checked against the struct definition rather than inferred from this list.
 */
const struct record_functions_st tls_any_funcs = {
    tls_any_set_crypto_state,
    /* [original lines 150-151 not in excerpt] */
    tls_any_set_protocol_version,
    /* [original line 153 not in excerpt] */
    tls_get_more_records,
    tls_validate_record_header,
    tls_default_post_process_record,
    tls_get_max_records_default,
    tls_write_records_default,
    tls_allocate_write_buffers_default,
    tls_initialise_write_packets_default,
    /* [original line 161 not in excerpt] */
    tls_prepare_record_header_default,
    /* [original line 163 not in excerpt] */
    tls_any_prepare_for_encryption,
    tls_post_encryption_processing_default,
    /* [original lines 166-167 not in excerpt] */
/*
 * set_protocol_version callback for the "any" DTLS record method; the DTLS
 * counterpart of tls_any_set_protocol_version, keyed on DTLS_ANY_VERSION.
 *
 * The visible condition rejects a change once rl->version has been fixed to
 * something other than DTLS_ANY_VERSION and the new value differs from it.
 * NOTE(review): the consequent, the assignment of vers, the return values and
 * the closing brace (original lines 170, 172-176) are not in this excerpt.
 */
static int dtls_any_set_protocol_version(OSSL_RECORD_LAYER *rl, int vers)
    /* [original line 170 not in excerpt] */
    if (rl->version != DTLS_ANY_VERSION && rl->version != vers)
    /* [original lines 172-176 not in excerpt] */
/*
 * Callback table for the plaintext-only "any" DTLS record method. It shares
 * tls_any_set_crypto_state with the TLS table but uses the DTLS-specific
 * version setter, record reader, header preparation and post-encryption
 * processing. The initializer is positional, so the order must match
 * struct record_functions_st (presumably declared in one of the local
 * headers included above — confirm).
 *
 * NOTE(review): original lines 180-181, 183, 185-187, 191, 193 and 196-197
 * are not in this excerpt, so several slots and the closing brace are
 * missing here; check slot positions against the struct definition.
 */
const struct record_functions_st dtls_any_funcs = {
    tls_any_set_crypto_state,
    /* [original lines 180-181 not in excerpt] */
    dtls_any_set_protocol_version,
    /* [original line 183 not in excerpt] */
    dtls_get_more_records,
    /* [original lines 185-187 not in excerpt] */
    tls_write_records_default,
    tls_allocate_write_buffers_default,
    tls_initialise_write_packets_default,
    /* [original line 191 not in excerpt] */
    dtls_prepare_record_header,
    /* [original line 193 not in excerpt] */
    tls_prepare_for_encryption_default,
    dtls_post_encryption_processing,
    /* [original lines 196-197 not in excerpt] */