From 36ec5881657157752dced741256441c230e42fe6 Mon Sep 17 00:00:00 2001
From: Jouni Malinen
Date: Sat, 13 Jul 2019 16:29:39 +0300
Subject: [PATCH] EAP-TLS server: Add application data to indicate end of v1.3 handshake
This adds an encrypted version of a one octet application data payload to the end of the handshake when TLS v1.3 is used to indicate explicit termination of the handshake (either after Finished message or after the optional NewSessionTicket message). The current draft-ietf-emu-eap-tls13-05 defines this to be a zero length payload, but since that is not allowed by OpenSSL, use a one octet payload instead for now with hopes of getting the draft specification updated instead of having to modify OpenSSL for this.
Signed-off-by: Jouni Malinen
---
 src/eap_server/eap_server_tls.c | 37 ++++++++++++++++++++++++++++++++-
 1 file changed, 36 insertions(+), 1 deletion(-)
diff --git a/src/eap_server/eap_server_tls.c b/src/eap_server/eap_server_tls.c
index 9860a3653..0712d4ccd 100644
--- a/src/eap_server/eap_server_tls.c
+++ b/src/eap_server/eap_server_tls.c
@@ -261,8 +261,43 @@ static void eap_tls_process_msg(struct eap_sm *sm, void *priv,
 "handshake message");
 return;
 }
- if (eap_server_tls_phase1(sm, &data->ssl) < 0)
+ if (eap_server_tls_phase1(sm, &data->ssl) < 0) {
 eap_tls_state(data, FAILURE);
+ return;
+ }
+
+ if (data->ssl.tls_v13 &&
+ tls_connection_established(sm->ssl_ctx, data->ssl.conn)) {
+ struct wpabuf *plain, *encr;
+
+ wpa_printf(MSG_DEBUG,
+ "EAP-TLS: Send empty application data to indicate end of exchange");
+ /* FIX: This should be an empty application data based on
+ * draft-ietf-emu-eap-tls13-05, but OpenSSL does not allow zero
+ * length payload (SSL_write() documentation explicitly
+ * describes this as not allowed), so work around that for now
+ * by sending out a payload of one octet. Hopefully the draft
+ * specification will change to allow this so that no crypto
+ * library changes are needed. */
+ plain = wpabuf_alloc(1);
+ if (!plain)
+ return;
+ wpabuf_put_u8(plain, 0);
+ encr = eap_server_tls_encrypt(sm, &data->ssl, plain);
+ wpabuf_free(plain);
+ if (!encr)
+ return;
+ if (wpabuf_resize(&data->ssl.tls_out, wpabuf_len(encr)) < 0) {
+ wpa_printf(MSG_INFO,
+ "EAP-TLS: Failed to resize output buffer");
+ wpabuf_free(encr);
+ return;
+ }
+ wpabuf_put_buf(data->ssl.tls_out, encr);
+ wpa_hexdump_buf(MSG_DEBUG,
+ "EAP-TLS: Data appended to the message", encr);
+ wpabuf_free(encr);
+ }
 }
-- 
2.39.2
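Review bot: The three error paths in the new TLS 1.3 tail (`if (!plain)`, `if (!encr)` and the wpabuf_resize failure) return without touching the EAP state, so a failed allocation or encryption silently drops the end-of-handshake indicator while the server otherwise carries on with whatever phase1 left in tls_out, leaving the peer to wait for a record that never arrives. Since the draft makes this application-data record the explicit termination of the exchange, failing deterministically seems preferable: change each of those `return;` lines to `eap_tls_state(data, FAILURE); return;` and add a wpa_printf(MSG_INFO, ...) on the two paths that currently log nothing. Separately, nothing in the hunk stops this block from running again if eap_tls_process_msg is reached after the connection is already established (whether that can happen depends on state handling outside the hunk), in which case another one-octet record would be appended to a later response; a per-connection flag would make it send exactly once. The MSG_DEBUG text also says "empty application data" while a one-octet payload is sent, e.g. `"EAP-TLS: Send one-octet application data to indicate end of exchange"`. eap_tls_process_msg begins before the hunk.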