Move verified_chain from SSL to SSL_HANDSHAKE
authortb <tb@openbsd.org>
Fri, 26 May 2023 13:44:05 +0000 (13:44 +0000)
committertb <tb@openbsd.org>
Fri, 26 May 2023 13:44:05 +0000 (13:44 +0000)
This is a better version of the fix for the missing pointer invalidation
but a bit larger, so errata got the minimal fix.

tested by jcs
ok jsing

lib/libssl/s3_lib.c
lib/libssl/ssl_cert.c
lib/libssl/ssl_lib.c
lib/libssl/ssl_local.h

index 4229b2e..37ca7bd 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.243 2023/05/16 14:10:43 jcs Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.244 2023/05/26 13:44:05 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1570,6 +1570,7 @@ ssl3_free(SSL *s)
        freezero(s->s3->hs.sigalgs, s->s3->hs.sigalgs_len);
        sk_X509_pop_free(s->s3->hs.peer_certs, X509_free);
        sk_X509_pop_free(s->s3->hs.peer_certs_no_leaf, X509_free);
+       sk_X509_pop_free(s->s3->hs.verified_chain, X509_free);
        tls_key_share_free(s->s3->hs.key_share);
 
        tls13_secrets_destroy(s->s3->hs.tls13.secrets);
@@ -1579,8 +1580,6 @@ ssl3_free(SSL *s)
        tls_buffer_free(s->s3->hs.tls13.quic_read_buffer);
 
        sk_X509_NAME_pop_free(s->s3->hs.tls12.ca_names, X509_NAME_free);
-       sk_X509_pop_free(s->verified_chain, X509_free);
-       s->verified_chain = NULL;
 
        tls1_transcript_free(s);
        tls1_transcript_hash_free(s);
@@ -1603,8 +1602,6 @@ ssl3_clear(SSL *s)
 
        tls1_cleanup_key_block(s);
        sk_X509_NAME_pop_free(s->s3->hs.tls12.ca_names, X509_NAME_free);
-       sk_X509_pop_free(s->verified_chain, X509_free);
-       s->verified_chain = NULL;
 
        tls_buffer_free(s->s3->alert_fragment);
        s->s3->alert_fragment = NULL;
@@ -1619,6 +1616,8 @@ ssl3_clear(SSL *s)
        s->s3->hs.peer_certs = NULL;
        sk_X509_pop_free(s->s3->hs.peer_certs_no_leaf, X509_free);
        s->s3->hs.peer_certs_no_leaf = NULL;
+       sk_X509_pop_free(s->s3->hs.verified_chain, X509_free);
+       s->s3->hs.verified_chain = NULL;
 
        tls_key_share_free(s->s3->hs.key_share);
        s->s3->hs.key_share = NULL;
index 4fe8052..8a333b4 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_cert.c,v 1.105 2022/11/26 16:08:55 tb Exp $ */
+/* $OpenBSD: ssl_cert.c,v 1.106 2023/05/26 13:44:05 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -440,11 +440,11 @@ ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *certs)
                ret = X509_verify_cert(ctx);
 
        s->verify_result = X509_STORE_CTX_get_error(ctx);
-       sk_X509_pop_free(s->verified_chain, X509_free);
-       s->verified_chain = NULL;
+       sk_X509_pop_free(s->s3->hs.verified_chain, X509_free);
+       s->s3->hs.verified_chain = NULL;
        if (X509_STORE_CTX_get0_chain(ctx) != NULL) {
-               s->verified_chain = X509_STORE_CTX_get1_chain(ctx);
-               if (s->verified_chain == NULL) {
+               s->s3->hs.verified_chain = X509_STORE_CTX_get1_chain(ctx);
+               if (s->s3->hs.verified_chain == NULL) {
                        SSLerrorx(ERR_R_MALLOC_FAILURE);
                        ret = 0;
                }
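Review bot: The chain is stored whenever `X509_STORE_CTX_get0_chain(ctx)` is non-NULL, without consulting `ret`, so after a failed verification `s->s3->hs.verified_chain` can presumably hold an incomplete or untrusted chain. Nothing here tells a reader that the name "verified" is only meaningful together with `s->verify_result`. A comment above the assignment would make that explicit: `/* Kept even when verification failed; only trust it if verify_result is X509_V_OK. */`. The body of ssl_verify_cert_chain() starts and ends outside this hunk, so the handling of `ret` after this point is not visible.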
index 68e60a5..f6c9406 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.309 2023/04/23 18:51:53 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.310 2023/05/26 13:44:05 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -900,7 +900,9 @@ SSL_get_peer_cert_chain(const SSL *s)
 STACK_OF(X509) *
 SSL_get0_verified_chain(const SSL *s)
 {
-       return s->verified_chain;
+       if (s->s3 == NULL)
+               return NULL;
+       return s->s3->hs.verified_chain;
 }
 
 /*
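Review bot: `SSL_get0_verified_chain()` hands out a borrowed pointer into the handshake state, and nothing at the function says when that pointer stops being valid. Going by the other hunks in this commit, the stack is freed in ssl3_clear(), in ssl3_free() and at the start of each ssl_verify_cert_chain() call, so a caller that keeps the pointer across a clear or a new verification is left with a dangling one. A comment above the function would record the contract: `/* The returned chain is owned by the handshake state; it is freed on clear, free and re-verification, so callers must not free it or retain it across those. */`.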
index 876a5e4..cb38e5f 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_local.h,v 1.5 2023/04/25 07:48:15 tb Exp $ */
+/* $OpenBSD: ssl_local.h,v 1.6 2023/05/26 13:44:05 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -651,6 +651,9 @@ typedef struct ssl_handshake_st {
        STACK_OF(X509) *peer_certs;
        STACK_OF(X509) *peer_certs_no_leaf;
 
+       /* Certificate chain resulting from X.509 verification. */
+       STACK_OF(X509) *verified_chain;
+
        SSL_HANDSHAKE_TLS12 tls12;
        SSL_HANDSHAKE_TLS13 tls13;
 } SSL_HANDSHAKE;
@@ -1130,7 +1133,6 @@ struct ssl_st {
        int empty_record_count;
 
        size_t num_tickets; /* Unused, for OpenSSL compatibility */
-       STACK_OF(X509) *verified_chain;
 };
 
 typedef struct ssl3_record_internal_st {