/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
static int dane_tlsa_add(SSL_DANE *dane,
uint8_t usage,
uint8_t selector,
- uint8_t mtype, unsigned const char *data, size_t dlen)
+ uint8_t mtype, const unsigned char *data, size_t dlen)
{
danetls_record *t;
const EVP_MD *md = NULL;
}
}
- if (md != NULL && dlen != (size_t)EVP_MD_size(md)) {
+ if (md != NULL && dlen != (size_t)EVP_MD_get_size(md)) {
ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH);
return 0;
}
s->ext.ocsp.resp_len = 0;
SSL_CTX_up_ref(ctx);
s->session_ctx = ctx;
-#ifndef OPENSSL_NO_EC
if (ctx->ext.ecpointformats) {
s->ext.ecpointformats =
OPENSSL_memdup(ctx->ext.ecpointformats,
ctx->ext.ecpointformats_len);
- if (!s->ext.ecpointformats)
+ if (!s->ext.ecpointformats) {
+ s->ext.ecpointformats_len = 0;
goto err;
+ }
s->ext.ecpointformats_len =
ctx->ext.ecpointformats_len;
}
-#endif
if (ctx->ext.supportedgroups) {
s->ext.supportedgroups =
OPENSSL_memdup(ctx->ext.supportedgroups,
ctx->ext.supportedgroups_len
* sizeof(*ctx->ext.supportedgroups));
- if (!s->ext.supportedgroups)
+ if (!s->ext.supportedgroups) {
+ s->ext.supportedgroups_len = 0;
goto err;
+ }
s->ext.supportedgroups_len = ctx->ext.supportedgroups_len;
}
if (s->ctx->ext.alpn) {
s->ext.alpn = OPENSSL_malloc(s->ctx->ext.alpn_len);
- if (s->ext.alpn == NULL)
+ if (s->ext.alpn == NULL) {
+ s->ext.alpn_len = 0;
goto err;
+ }
memcpy(s->ext.alpn, s->ctx->ext.alpn, s->ctx->ext.alpn_len);
s->ext.alpn_len = s->ctx->ext.alpn_len;
}
int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
{
- CRYPTO_THREAD_write_lock(ctx->lock);
+ if (!CRYPTO_THREAD_write_lock(ctx->lock))
+ return 0;
ctx->generate_session_id = cb;
CRYPTO_THREAD_unlock(ctx->lock);
return 1;
int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
{
- CRYPTO_THREAD_write_lock(ssl->lock);
+ if (!CRYPTO_THREAD_write_lock(ssl->lock))
+ return 0;
ssl->generate_session_id = cb;
CRYPTO_THREAD_unlock(ssl->lock);
return 1;
r.session_id_length = id_len;
memcpy(r.session_id, id, id_len);
- CRYPTO_THREAD_read_lock(ssl->session_ctx->lock);
+ if (!CRYPTO_THREAD_read_lock(ssl->session_ctx->lock))
+ return 0;
p = lh_SSL_SESSION_retrieve(ssl->session_ctx->sessions, &r);
CRYPTO_THREAD_unlock(ssl->session_ctx->lock);
return (p != NULL);
}
int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector,
- uint8_t *mtype, unsigned const char **data, size_t *dlen)
+ uint8_t *mtype, const unsigned char **data, size_t *dlen)
{
SSL_DANE *dane = &s->dane;
}
int SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector,
- uint8_t mtype, unsigned const char *data, size_t dlen)
+ uint8_t mtype, const unsigned char *data, size_t dlen)
{
return dane_tlsa_add(&s->dane, usage, selector, mtype, data, dlen);
}
OPENSSL_free(s->ext.hostname);
SSL_CTX_free(s->session_ctx);
-#ifndef OPENSSL_NO_EC
OPENSSL_free(s->ext.ecpointformats);
OPENSSL_free(s->ext.peer_ecpointformats);
-#endif /* OPENSSL_NO_EC */
OPENSSL_free(s->ext.supportedgroups);
OPENSSL_free(s->ext.peer_supportedgroups);
sk_X509_EXTENSION_pop_free(s->ext.ocsp.exts, X509_EXTENSION_free);
int SSL_copy_session_id(SSL *t, const SSL *f)
{
int i;
- /* Do we need to to SSL locking? */
+ /* Do we need to do SSL locking? */
if (!SSL_set_session(t, SSL_get_session(f))) {
return 0;
}
return s->key_update;
}
-int SSL_renegotiate(SSL *s)
+/*
+ * Can we accept a renegotiation request? If yes, set the flag and
+ * return 1 if yes. If not, raise error and return 0.
+ */
+static int can_renegotiate(const SSL *s)
{
if (SSL_IS_TLS13(s)) {
ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION);
return 0;
}
- if ((s->options & SSL_OP_NO_RENEGOTIATION)) {
+ if ((s->options & SSL_OP_NO_RENEGOTIATION) != 0) {
ERR_raise(ERR_LIB_SSL, SSL_R_NO_RENEGOTIATION);
return 0;
}
+ return 1;
+}
+
+int SSL_renegotiate(SSL *s)
+{
+ if (!can_renegotiate(s))
+ return 0;
+
s->renegotiate = 1;
s->new_session = 1;
-
return s->method->ssl_renegotiate(s);
}
int SSL_renegotiate_abbreviated(SSL *s)
{
- if (SSL_IS_TLS13(s)) {
- ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION);
- return 0;
- }
-
- if ((s->options & SSL_OP_NO_RENEGOTIATION)) {
- ERR_raise(ERR_LIB_SSL, SSL_R_NO_RENEGOTIATION);
+ if (!can_renegotiate(s))
return 0;
- }
s->renegotiate = 1;
s->new_session = 0;
-
return s->method->ssl_renegotiate(s);
}
int SSL_new_session_ticket(SSL *s)
{
- if (SSL_in_init(s) || SSL_IS_FIRST_HANDSHAKE(s) || !s->server
+ /* If we are in init because we're sending tickets, okay to send more. */
+ if ((SSL_in_init(s) && s->ext.extra_tickets_expected == 0)
+ || SSL_IS_FIRST_HANDSHAKE(s) || !s->server
|| !SSL_IS_TLS13(s))
return 0;
s->ext.extra_tickets_expected++;
+ if (s->rlayer.wbuf[0].left == 0 && !SSL_in_init(s))
+ ossl_statem_set_in_init(s, 1);
return 1;
}
}
#endif
+static int alpn_value_ok(const unsigned char *protos, unsigned int protos_len)
+{
+ unsigned int idx;
+
+ if (protos_len < 2 || protos == NULL)
+ return 0;
+
+ for (idx = 0; idx < protos_len; idx += protos[idx] + 1) {
+ if (protos[idx] == 0)
+ return 0;
+ }
+ return idx == protos_len;
+}
/*
* SSL_CTX_set_alpn_protos sets the ALPN protocol list on |ctx| to |protos|.
* |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
unsigned int protos_len)
{
- OPENSSL_free(ctx->ext.alpn);
- ctx->ext.alpn = OPENSSL_memdup(protos, protos_len);
- if (ctx->ext.alpn == NULL) {
+ unsigned char *alpn;
+
+ if (protos_len == 0 || protos == NULL) {
+ OPENSSL_free(ctx->ext.alpn);
+ ctx->ext.alpn = NULL;
+ ctx->ext.alpn_len = 0;
+ return 0;
+ }
+ /* Not valid per RFC */
+ if (!alpn_value_ok(protos, protos_len))
+ return 1;
+
+ alpn = OPENSSL_memdup(protos, protos_len);
+ if (alpn == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
return 1;
}
+ OPENSSL_free(ctx->ext.alpn);
+ ctx->ext.alpn = alpn;
ctx->ext.alpn_len = protos_len;
return 0;
int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
unsigned int protos_len)
{
- OPENSSL_free(ssl->ext.alpn);
- ssl->ext.alpn = OPENSSL_memdup(protos, protos_len);
- if (ssl->ext.alpn == NULL) {
+ unsigned char *alpn;
+
+ if (protos_len == 0 || protos == NULL) {
+ OPENSSL_free(ssl->ext.alpn);
+ ssl->ext.alpn = NULL;
+ ssl->ext.alpn_len = 0;
+ return 0;
+ }
+ /* Not valid per RFC */
+ if (!alpn_value_ok(protos, protos_len))
+ return 1;
+
+ alpn = OPENSSL_memdup(protos, protos_len);
+ if (alpn == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
return 1;
}
+ OPENSSL_free(ssl->ext.alpn);
+ ssl->ext.alpn = alpn;
ssl->ext.alpn_len = protos_len;
return 0;
if (ret == NULL)
goto err;
+ /* Init the reference counting before any call to SSL_CTX_free */
+ ret->references = 1;
+ ret->lock = CRYPTO_THREAD_lock_new();
+ if (ret->lock == NULL) {
+ ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
+ OPENSSL_free(ret);
+ return NULL;
+ }
+
ret->libctx = libctx;
if (propq != NULL) {
ret->propq = OPENSSL_strdup(propq);
ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
/* We take the system default. */
ret->session_timeout = meth->get_timeout();
- ret->references = 1;
- ret->lock = CRYPTO_THREAD_lock_new();
- if (ret->lock == NULL) {
- ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
- OPENSSL_free(ret);
- return NULL;
- }
ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
ret->verify_mode = SSL_VERIFY_NONE;
if ((ret->cert = ssl_cert_new()) == NULL)
/* Setup RFC5077 ticket keys */
if ((RAND_bytes_ex(libctx, ret->ext.tick_key_name,
- sizeof(ret->ext.tick_key_name)) <= 0)
+ sizeof(ret->ext.tick_key_name), 0) <= 0)
|| (RAND_priv_bytes_ex(libctx, ret->ext.secure->tick_hmac_key,
- sizeof(ret->ext.secure->tick_hmac_key)) <= 0)
+ sizeof(ret->ext.secure->tick_hmac_key), 0) <= 0)
|| (RAND_priv_bytes_ex(libctx, ret->ext.secure->tick_aes_key,
- sizeof(ret->ext.secure->tick_aes_key)) <= 0))
+ sizeof(ret->ext.secure->tick_aes_key), 0) <= 0))
ret->options |= SSL_OP_NO_TICKET;
if (RAND_priv_bytes_ex(libctx, ret->ext.cookie_hmac_key,
- sizeof(ret->ext.cookie_hmac_key)) <= 0)
+ sizeof(ret->ext.cookie_hmac_key), 0) <= 0)
goto err;
#ifndef OPENSSL_NO_SRP
- if (!SSL_CTX_SRP_CTX_init(ret))
+ if (!ssl_ctx_srp_ctx_init_intern(ret))
goto err;
#endif
#ifndef OPENSSL_NO_ENGINE
}
# endif
#endif
- /*
- * Default is to connect to non-RI servers. When RI is more widely
- * deployed might change this.
- */
- ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
/*
* Disable compression by default to prevent CRIME. Applications can
* re-enable compression by configuring
sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
#endif
#ifndef OPENSSL_NO_SRP
- SSL_CTX_SRP_CTX_free(a);
+ ssl_ctx_srp_ctx_free_intern(a);
#endif
#ifndef OPENSSL_NO_ENGINE
tls_engine_finish(a->client_cert_engine);
#endif
-#ifndef OPENSSL_NO_EC
OPENSSL_free(a->ext.ecpointformats);
-#endif
OPENSSL_free(a->ext.supportedgroups);
+ OPENSSL_free(a->ext.supported_groups_default);
OPENSSL_free(a->ext.alpn);
OPENSSL_secure_free(a->ext.secure);
uint32_t *pvalid = s->s3.tmp.valid_flags;
int rsa_enc, rsa_sign, dh_tmp, dsa_sign;
unsigned long mask_k, mask_a;
-#ifndef OPENSSL_NO_EC
int have_ecc_cert, ecdsa_ok;
-#endif
+
if (c == NULL)
return;
dh_tmp = (c->dh_tmp != NULL
-#ifndef OPENSSL_NO_DH
|| c->dh_tmp_cb != NULL
-#endif
|| c->dh_tmp_auto);
rsa_enc = pvalid[SSL_PKEY_RSA] & CERT_PKEY_VALID;
rsa_sign = pvalid[SSL_PKEY_RSA] & CERT_PKEY_VALID;
dsa_sign = pvalid[SSL_PKEY_DSA_SIGN] & CERT_PKEY_VALID;
-#ifndef OPENSSL_NO_EC
have_ecc_cert = pvalid[SSL_PKEY_ECC] & CERT_PKEY_VALID;
-#endif
mask_k = 0;
mask_a = 0;
* An ECC certificate may be usable for ECDH and/or ECDSA cipher suites
* depending on the key usage extension.
*/
-#ifndef OPENSSL_NO_EC
if (have_ecc_cert) {
uint32_t ex_kusage;
ex_kusage = X509_get_key_usage(c->pkeys[SSL_PKEY_ECC].x509);
&& pvalid[SSL_PKEY_ED448] & CERT_PKEY_EXPLICIT_SIGN
&& TLS1_get_version(s) == TLS1_2_VERSION)
mask_a |= SSL_aECDSA;
-#endif
-#ifndef OPENSSL_NO_EC
mask_k |= SSL_kECDHE;
-#endif
#ifndef OPENSSL_NO_PSK
mask_k |= SSL_kPSK;
s->s3.tmp.mask_a = mask_a;
}
-#ifndef OPENSSL_NO_EC
-
int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
{
if (s->s3.tmp.new_cipher->algorithm_auth & SSL_aECDSA) {
return 1; /* all checks are ok */
}
-#endif
-
int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverinfo,
size_t *serverinfo_length)
{
}
if (SSL_want_x509_lookup(s))
return SSL_ERROR_WANT_X509_LOOKUP;
+ if (SSL_want_retry_verify(s))
+ return SSL_ERROR_WANT_RETRY_VERIFY;
if (SSL_want_async(s))
return SSL_ERROR_WANT_ASYNC;
if (SSL_want_async_job(s))
if (lookup == NULL)
return 0;
- /* We ignore errors, in case the directory doesn't exist */
+ /* We ignore errors, in case the file doesn't exist */
ERR_set_mark();
X509_LOOKUP_load_file_ex(lookup, NULL, X509_FILETYPE_DEFAULT, ctx->libctx,
return s->rwstate;
}
-/**
- * \brief Set the callback for generating temporary DH keys.
- * \param ctx the SSL context.
- * \param dh the callback
- */
-
-#if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
-void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
- DH *(*dh) (SSL *ssl, int is_export,
- int keylength))
-{
- SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
-}
-
-void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export,
- int keylength))
-{
- SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
-}
-#endif
-
#ifndef OPENSSL_NO_PSK
int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
{
{
EVP_MD_CTX *ctx = NULL;
EVP_MD_CTX *hdgst = s->s3.handshake_dgst;
- int hashleni = EVP_MD_CTX_size(hdgst);
+ int hashleni = EVP_MD_CTX_get_size(hdgst);
int ret = 0;
if (hashleni < 0 || (size_t)hashleni > outlen) {
return ctx->cert->sec_ex;
}
-/*
- * Get/Set/Clear options in SSL_CTX or SSL, formerly macros, now functions that
- * can return unsigned long, instead of the generic long return value from the
- * control interface.
- */
-unsigned long SSL_CTX_get_options(const SSL_CTX *ctx)
+uint64_t SSL_CTX_get_options(const SSL_CTX *ctx)
{
return ctx->options;
}
-unsigned long SSL_get_options(const SSL *s)
+uint64_t SSL_get_options(const SSL *s)
{
return s->options;
}
-unsigned long SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op)
+uint64_t SSL_CTX_set_options(SSL_CTX *ctx, uint64_t op)
{
return ctx->options |= op;
}
-unsigned long SSL_set_options(SSL *s, unsigned long op)
+uint64_t SSL_set_options(SSL *s, uint64_t op)
{
return s->options |= op;
}
-unsigned long SSL_CTX_clear_options(SSL_CTX *ctx, unsigned long op)
+uint64_t SSL_CTX_clear_options(SSL_CTX *ctx, uint64_t op)
{
return ctx->options &= ~op;
}
-unsigned long SSL_clear_options(SSL *s, unsigned long op)
+uint64_t SSL_clear_options(SSL *s, uint64_t op)
{
return s->options &= ~op;
}
int ssl_evp_cipher_up_ref(const EVP_CIPHER *cipher)
{
/* Don't up-ref an implicit EVP_CIPHER */
- if (EVP_CIPHER_provider(cipher) == NULL)
+ if (EVP_CIPHER_get0_provider(cipher) == NULL)
return 1;
/*
if (cipher == NULL)
return;
- if (EVP_CIPHER_provider(cipher) != NULL) {
+ if (EVP_CIPHER_get0_provider(cipher) != NULL) {
/*
* The cipher was explicitly fetched and therefore it is safe to cast
* away the const
int ssl_evp_md_up_ref(const EVP_MD *md)
{
/* Don't up-ref an implicit EVP_MD */
- if (EVP_MD_provider(md) == NULL)
+ if (EVP_MD_get0_provider(md) == NULL)
return 1;
/*
if (md == NULL)
return;
- if (EVP_MD_provider(md) != NULL) {
+ if (EVP_MD_get0_provider(md) != NULL) {
/*
* The digest was explicitly fetched and therefore it is safe to cast
* away the const
int SSL_set0_tmp_dh_pkey(SSL *s, EVP_PKEY *dhpkey)
{
if (!ssl_security(s, SSL_SECOP_TMP_DH,
- EVP_PKEY_security_bits(dhpkey), 0, dhpkey)) {
+ EVP_PKEY_get_security_bits(dhpkey), 0, dhpkey)) {
ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL);
EVP_PKEY_free(dhpkey);
return 0;
int SSL_CTX_set0_tmp_dh_pkey(SSL_CTX *ctx, EVP_PKEY *dhpkey)
{
if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH,
- EVP_PKEY_security_bits(dhpkey), 0, dhpkey)) {
+ EVP_PKEY_get_security_bits(dhpkey), 0, dhpkey)) {
ERR_raise(ERR_LIB_SSL, SSL_R_DH_KEY_TOO_SMALL);
EVP_PKEY_free(dhpkey);
return 0;