-/* $OpenBSD: s3_lib.c,v 1.254 2024/07/16 14:38:04 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.255 2024/07/19 08:54:31 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
tls_buffer_free(s->s3->handshake_fragment);
freezero(s->s3->hs.sigalgs, s->s3->hs.sigalgs_len);
+
+ sk_SSL_CIPHER_free(s->s3->hs.client_ciphers);
sk_X509_pop_free(s->s3->hs.peer_certs, X509_free);
sk_X509_pop_free(s->s3->hs.peer_certs_no_leaf, X509_free);
sk_X509_pop_free(s->s3->hs.verified_chain, X509_free);
s->s3->hs.sigalgs = NULL;
s->s3->hs.sigalgs_len = 0;
+ sk_SSL_CIPHER_free(s->s3->hs.client_ciphers);
+ s->s3->hs.client_ciphers = NULL;
sk_X509_pop_free(s->s3->hs.peer_certs, X509_free);
s->s3->hs.peer_certs = NULL;
sk_X509_pop_free(s->s3->hs.peer_certs_no_leaf, X509_free);
-/* $OpenBSD: ssl_lib.c,v 1.326 2024/07/11 13:48:52 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.327 2024/07/19 08:54:31 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
STACK_OF(SSL_CIPHER) *
SSL_get_client_ciphers(const SSL *s)
{
- if (s == NULL || s->session == NULL || !s->server)
+ if (s == NULL || !s->server)
return NULL;
- return s->session->ciphers;
+ return s->s3->hs.client_ciphers;
}
LSSL_ALIAS(SSL_get_client_ciphers);
char *end;
int i;
- if (!s->server || s->session == NULL || len < 2)
+ if (!s->server || len < 2)
return NULL;
- if ((client_ciphers = s->session->ciphers) == NULL)
+ if ((client_ciphers = s->s3->hs.client_ciphers) == NULL)
return NULL;
if ((server_ciphers = SSL_get_ciphers(s)) == NULL)
return NULL;
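Review bot: SSL_get_client_ciphers() now returns a pointer into per-handshake state (`s->s3->hs.client_ciphers`) instead of the session, and nothing in this section documents how long that pointer stays valid. The other file sections of this commit free the stack in s3_lib.c and replace it whenever a ClientHello is processed (ssl_srvr.c, tls13_server.c), so a caller that keeps the result across a clear or a later handshake would presumably be left with a dangling pointer. I would add a comment above the function such as `/* The returned stack is owned by the handshake state: it is freed when that state is cleared and replaced on each ClientHello; callers must neither free nor retain it. */`. Separately, SSL_get_shared_ciphers() dereferences `s` in `!s->server` without the `s == NULL` test that SSL_get_client_ciphers() has; that function starts outside the visible lines, so confirm no earlier check exists.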
-/* $OpenBSD: ssl_local.h,v 1.19 2024/07/16 14:38:04 jsing Exp $ */
+/* $OpenBSD: ssl_local.h,v 1.20 2024/07/19 08:54:31 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* needs to be used to load
* the 'cipher' structure */
- STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
-
char *tlsext_hostname;
/* Session resumption - RFC 5077 and RFC 8446. */
/* Cipher being negotiated in this handshake. */
const SSL_CIPHER *cipher;
+ /* Ciphers sent by the client. */
+ STACK_OF(SSL_CIPHER) *client_ciphers;
+
/* Extensions seen in this handshake. */
uint32_t extensions_seen;
-/* $OpenBSD: ssl_sess.c,v 1.125 2024/03/27 06:47:52 tb Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.126 2024/07/19 08:54:31 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
copy->cipher = sess->cipher;
copy->cipher_id = sess->cipher_id;
- if (sess->ciphers != NULL) {
- if ((copy->ciphers = sk_SSL_CIPHER_dup(sess->ciphers)) == NULL)
- goto err;
- }
-
if (sess->tlsext_hostname != NULL) {
copy->tlsext_hostname = strdup(sess->tlsext_hostname);
if (copy->tlsext_hostname == NULL)
X509_free(ss->peer_cert);
- sk_SSL_CIPHER_free(ss->ciphers);
-
free(ss->tlsext_hostname);
free(ss->tlsext_tick);
free(ss->tlsext_ecpointformatlist);
-/* $OpenBSD: ssl_srvr.c,v 1.161 2024/06/25 14:10:45 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.162 2024/07/19 08:54:31 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
s->hit = 1;
s->session->verify_result = X509_V_OK;
- sk_SSL_CIPHER_free(s->session->ciphers);
- s->session->ciphers = ciphers;
+ sk_SSL_CIPHER_free(s->s3->hs.client_ciphers);
+ s->s3->hs.client_ciphers = ciphers;
ciphers = NULL;
/* Check if some cipher was preferred by the callback. */
if (pref_cipher == NULL)
- pref_cipher = ssl3_choose_cipher(s, s->session->ciphers,
+ pref_cipher = ssl3_choose_cipher(s, s->s3->hs.client_ciphers,
SSL_get_ciphers(s));
if (pref_cipher == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
s->session->cipher = pref_cipher;
sk_SSL_CIPHER_free(s->cipher_list);
- s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers);
+ s->cipher_list = sk_SSL_CIPHER_dup(s->s3->hs.client_ciphers);
}
/*
SSLerror(s, SSL_R_NO_CIPHERS_PASSED);
goto fatal_err;
}
- sk_SSL_CIPHER_free(s->session->ciphers);
- s->session->ciphers = ciphers;
+ sk_SSL_CIPHER_free(s->s3->hs.client_ciphers);
+ s->s3->hs.client_ciphers = ciphers;
ciphers = NULL;
- if ((c = ssl3_choose_cipher(s, s->session->ciphers,
+ if ((c = ssl3_choose_cipher(s, s->s3->hs.client_ciphers,
SSL_get_ciphers(s))) == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerror(s, SSL_R_NO_SHARED_CIPHER);
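Review bot: The result of `sk_SSL_CIPHER_dup(s->s3->hs.client_ciphers)` is stored into `s->cipher_list` without a NULL check in the visible lines, right after the old list was freed. On allocation failure the connection is left with a NULL `cipher_list`, and whatever SSL_get_ciphers() falls back to (likely the context-wide list, to be confirmed) would silently replace the restriction the callback path intended. The unchecked call predates this commit, but since the line is being rewritten it is a good moment to fail the handshake instead: `if ((s->cipher_list = sk_SSL_CIPHER_dup(s->s3->hs.client_ciphers)) == NULL) { al = SSL_AD_INTERNAL_ERROR; goto fatal_err; }`, following the `goto fatal_err` pattern used elsewhere in this section. The enclosing function begins and ends outside the visible hunks.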
-/* $OpenBSD: tls13_server.c,v 1.106 2023/06/10 15:34:36 tb Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.107 2024/07/19 08:54:31 jsing Exp $ */
/*
* Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2020 Bob Beck <beck@openbsd.org>
}
ctx->hs->cipher = cipher;
- sk_SSL_CIPHER_free(s->session->ciphers);
- s->session->ciphers = ciphers;
+ sk_SSL_CIPHER_free(s->s3->hs.client_ciphers);
+ s->s3->hs.client_ciphers = ciphers;
ciphers = NULL;
/* Ensure only the NULL compression method is advertised. */