-/* $OpenBSD: ssl_ciphers.c,v 1.10 2021/02/25 17:06:05 jsing Exp $ */
+/* $OpenBSD: ssl_ciphers.c,v 1.11 2021/03/11 17:14:46 jsing Exp $ */
/*
* Copyright (c) 2015-2017 Doug Hogan <doug@openbsd.org>
* Copyright (c) 2015-2018, 2020 Joel Sing <jsing@openbsd.org>
{
STACK_OF(SSL_CIPHER) *ciphers = NULL;
const SSL_CIPHER *cipher;
- uint16_t cipher_value, max_version;
+ uint16_t cipher_value;
unsigned long cipher_id;
S3I(s)->send_connection_binding = 0;
* Fail if the current version is an unexpected
* downgrade.
*/
- if (!ssl_downgrade_max_version(s, &max_version))
- goto err;
- if (s->version < max_version) {
+ if (S3I(s)->hs.negotiated_tls_version <
+ S3I(s)->hs.our_max_tls_version) {
SSLerror(s, SSL_R_INAPPROPRIATE_FALLBACK);
ssl3_send_alert(s, SSL3_AL_FATAL,
SSL_AD_INAPPROPRIATE_FALLBACK);
-/* $OpenBSD: ssl_clnt.c,v 1.85 2021/03/10 18:27:01 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.86 2021/03/11 17:14:46 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
{
CBS cbs, server_random, session_id;
uint16_t server_version, cipher_suite;
- uint16_t max_version;
uint8_t compression_method;
const SSL_CIPHER *cipher;
const SSL_METHOD *method;
sizeof(s->s3->server_random), NULL))
goto err;
- if (!ssl_downgrade_max_version(s, &max_version))
- goto err;
- if (!SSL_is_dtls(s) && max_version >= TLS1_2_VERSION &&
- s->version < max_version) {
+ if (S3I(s)->hs.our_max_tls_version >= TLS1_2_VERSION &&
+ S3I(s)->hs.negotiated_tls_version < S3I(s)->hs.our_max_tls_version) {
/*
* RFC 8446 section 4.1.3. We must not downgrade if the server
* random value contains the TLS 1.2 or TLS 1.1 magical value.
if (!CBS_skip(&server_random,
CBS_len(&server_random) - sizeof(tls13_downgrade_12)))
goto err;
- if (s->version == TLS1_2_VERSION &&
+ if (S3I(s)->hs.negotiated_tls_version == TLS1_2_VERSION &&
CBS_mem_equal(&server_random, tls13_downgrade_12,
sizeof(tls13_downgrade_12))) {
al = SSL_AD_ILLEGAL_PARAMETER;
-/* $OpenBSD: ssl_locl.h,v 1.325 2021/03/10 18:27:01 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.326 2021/03/11 17:14:47 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
int ssl_supported_tls_version_range(SSL *s, uint16_t *min_ver, uint16_t *max_ver);
uint16_t ssl_tls_version(uint16_t version);
uint16_t ssl_effective_tls_version(SSL *s);
-int ssl_downgrade_max_version(SSL *s, uint16_t *max_ver);
int ssl_max_supported_version(SSL *s, uint16_t *max_ver);
int ssl_max_shared_version(SSL *s, uint16_t peer_ver, uint16_t *max_ver);
int ssl_check_version_from_server(SSL *s, uint16_t server_version);
-/* $OpenBSD: ssl_srvr.c,v 1.96 2021/03/10 18:27:02 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.97 2021/03/11 17:14:47 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
STACK_OF(SSL_CIPHER) *ciphers = NULL;
unsigned long alg_k;
const SSL_METHOD *method;
- uint16_t max_version, shared_version;
+ uint16_t shared_version;
/*
* We do this so that we will respond with our native type.
* Use version from inside client hello, not from record header.
* (may differ: see RFC 2246, Appendix E, second paragraph)
*/
- if (!ssl_downgrade_max_version(s, &max_version))
- goto err;
if (!ssl_max_shared_version(s, client_version, &shared_version)) {
if ((s->client_version >> 8) == SSL3_VERSION_MAJOR &&
!tls12_record_layer_write_protected(s->internal->rl)) {
*/
arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE);
- if (!SSL_is_dtls(s) && max_version >= TLS1_2_VERSION &&
- s->version < max_version) {
+ if (S3I(s)->hs.our_max_tls_version >= TLS1_2_VERSION &&
+ S3I(s)->hs.negotiated_tls_version < S3I(s)->hs.our_max_tls_version) {
/*
* RFC 8446 section 4.1.3. If we are downgrading from TLS 1.3
* we must set the last 8 bytes of the server random to magical
*/
size_t index = SSL3_RANDOM_SIZE - sizeof(tls13_downgrade_12);
uint8_t *magic = &s->s3->server_random[index];
- if (s->version == TLS1_2_VERSION) {
+ if (S3I(s)->hs.negotiated_tls_version == TLS1_2_VERSION) {
/* Indicate we chose to downgrade to 1.2. */
memcpy(magic, tls13_downgrade_12,
sizeof(tls13_downgrade_12));
-/* $OpenBSD: ssl_versions.c,v 1.14 2021/03/10 18:27:02 jsing Exp $ */
+/* $OpenBSD: ssl_versions.c,v 1.15 2021/03/11 17:14:47 jsing Exp $ */
/*
* Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
*
return 1;
}
-int
-ssl_downgrade_max_version(SSL *s, uint16_t *max_ver)
-{
- uint16_t min_version, max_version;
-
- /*
- * The downgrade maximum version is based on the versions that are
- * enabled, however we also have to then limit to the versions
- * supported by the method. The SSL method will be changed during
- * version negotiation and when switching from the new stack to
- * the legacy context, as such we want to use the method from the
- * context.
- */
-
- if (SSL_is_dtls(s)) {
- *max_ver = DTLS1_VERSION;
- return 1;
- }
-
- if (!ssl_enabled_tls_version_range(s, &min_version, &max_version))
- return 0;
-
- if (!ssl_clamp_tls_version_range(&min_version, &max_version,
- s->ctx->method->internal->min_tls_version,
- s->ctx->method->internal->max_tls_version))
- return 0;
-
- *max_ver = max_version;
-
- return 1;
-}
-
int
ssl_check_version_from_server(SSL *s, uint16_t server_version)
{
projects / openbsd / commitdiff