From: jsing Date: Sat, 8 Jan 2022 12:59:58 +0000 (+0000) Subject: Merge SESS_CERT into SSL_SESSION. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=7cf55da31c294fe9831e957d46b71678bd1ebdac;p=openbsd Merge SESS_CERT into SSL_SESSION. There is no reason for SESS_CERT to exist - remove it and merge its members into SSL_SESSION for the time being. More clean up to follow. ok inoguchi@ tb@ --- diff --git a/lib/libssl/ssl_cert.c b/lib/libssl/ssl_cert.c index c7355473936..e91de659ce9 100644 --- a/lib/libssl/ssl_cert.c +++ b/lib/libssl/ssl_cert.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_cert.c,v 1.92 2022/01/08 12:43:44 jsing Exp $ */ +/* $OpenBSD: ssl_cert.c,v 1.93 2022/01/08 12:59:58 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -347,41 +347,6 @@ ssl_cert_add1_chain_cert(SSL_CERT *c, X509 *cert) return 1; } -SESS_CERT * -ssl_sess_cert_new(void) -{ - SESS_CERT *ret; - - ret = calloc(1, sizeof *ret); - if (ret == NULL) { - SSLerrorx(ERR_R_MALLOC_FAILURE); - return NULL; - } - ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA]); - ret->references = 1; - - return ret; -} - -void -ssl_sess_cert_free(SESS_CERT *sc) -{ - int i; - - if (sc == NULL) - return; - - i = CRYPTO_add(&sc->references, -1, CRYPTO_LOCK_SSL_SESS_CERT); - if (i > 0) - return; - - sk_X509_pop_free(sc->cert_chain, X509_free); - for (i = 0; i < SSL_PKEY_NUM; i++) - X509_free(sc->peer_pkeys[i].x509); - - free(sc); -} - int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) { diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c index c3912c3ebde..70b6fff6bf0 100644 --- a/lib/libssl/ssl_clnt.c +++ b/lib/libssl/ssl_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_clnt.c,v 1.127 2022/01/06 18:23:56 jsing Exp $ */ +/* $OpenBSD: ssl_clnt.c,v 1.128 2022/01/08 12:59:58 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1076,7 +1076,6 @@ ssl3_get_server_certificate(SSL *s) X509 *x = NULL; const unsigned char *q; STACK_OF(X509) *sk = NULL; - SESS_CERT *sc; EVP_PKEY *pkey = NULL; if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_A, @@ -1154,20 +1153,11 @@ ssl3_get_server_certificate(SSL *s) } ERR_clear_error(); /* but we keep s->verify_result */ - sc = ssl_sess_cert_new(); - if (sc == NULL) - goto err; - ssl_sess_cert_free(s->session->sess_cert); - s->session->sess_cert = sc; - - sc->cert_chain = sk; /* * Inconsistency alert: cert_chain does include the peer's * certificate, which we don't include in s3_srvr.c */ x = sk_X509_value(sk, 0); - sk = NULL; - /* VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end*/ pkey = X509_get_pubkey(x); @@ -1185,20 +1175,21 @@ ssl3_get_server_certificate(SSL *s) SSLerror(s, SSL_R_UNKNOWN_CERTIFICATE_TYPE); goto fatal_err; } + s->session->peer_cert_type = i; + + sk_X509_pop_free(s->session->cert_chain, X509_free); + s->session->cert_chain = sk; + sk = NULL; - sc->peer_cert_type = i; X509_up_ref(x); - /* - * Why would the following ever happen? - * We just created sc a couple of lines ago. - */ - X509_free(sc->peer_pkeys[i].x509); - sc->peer_pkeys[i].x509 = x; - sc->peer_key = &(sc->peer_pkeys[i]); + X509_free(s->session->peer_pkeys[i].x509); + s->session->peer_pkeys[i].x509 = x; + s->session->peer_key = &s->session->peer_pkeys[i]; - X509_free(s->session->peer); X509_up_ref(x); + X509_free(s->session->peer); s->session->peer = x; + s->session->verify_result = s->verify_result; x = NULL; @@ -1225,11 +1216,9 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, CBS *cbs) { int nid = NID_dhKeyAgreement; int invalid_params, invalid_key; - SESS_CERT *sc; long alg_a; alg_a = S3I(s)->hs.cipher->algorithm_auth; - sc = s->session->sess_cert; tls_key_share_free(S3I(s)->hs.key_share); if ((S3I(s)->hs.key_share = tls_key_share_new_nid(nid)) == NULL) @@ -1254,7 +1243,7 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, CBS *cbs) } if (alg_a & SSL_aRSA) - *pkey = X509_get_pubkey(sc->peer_pkeys[SSL_PKEY_RSA].x509); + *pkey = X509_get_pubkey(s->session->peer_pkeys[SSL_PKEY_RSA].x509); else /* XXX - Anonymous DH, so no certificate or pkey. */ *pkey = NULL; @@ -1275,11 +1264,9 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, CBS *cbs) CBS public; uint8_t curve_type; uint16_t curve_id; - SESS_CERT *sc; long alg_a; alg_a = S3I(s)->hs.cipher->algorithm_auth; - sc = s->session->sess_cert; if (!CBS_get_u8(cbs, &curve_type)) goto decode_err; @@ -1319,9 +1306,9 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, CBS *cbs) * and ECDSA. */ if (alg_a & SSL_aRSA) - *pkey = X509_get_pubkey(sc->peer_pkeys[SSL_PKEY_RSA].x509); + *pkey = X509_get_pubkey(s->session->peer_pkeys[SSL_PKEY_RSA].x509); else if (alg_a & SSL_aECDSA) - *pkey = X509_get_pubkey(sc->peer_pkeys[SSL_PKEY_ECC].x509); + *pkey = X509_get_pubkey(s->session->peer_pkeys[SSL_PKEY_ECC].x509); else /* XXX - Anonymous ECDH, so no certificate or pkey. */ *pkey = NULL; @@ -1381,12 +1368,6 @@ ssl3_get_server_key_exchange(SSL *s) return (1); } - if (s->session->sess_cert == NULL) { - s->session->sess_cert = ssl_sess_cert_new(); - if (s->session->sess_cert == NULL) - goto err; - } - param = CBS_data(&cbs); param_len = CBS_len(&cbs); @@ -1823,7 +1804,7 @@ ssl3_get_server_done(SSL *s) } static int -ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb) +ssl3_send_client_kex_rsa(SSL *s, CBB *cbb) { unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH]; unsigned char *enc_pms = NULL; @@ -1838,7 +1819,7 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb) * RSA-Encrypted Premaster Secret Message - RFC 5246 section 7.4.7.1. */ - pkey = X509_get_pubkey(sess_cert->peer_pkeys[SSL_PKEY_RSA].x509); + pkey = X509_get_pubkey(s->session->peer_pkeys[SSL_PKEY_RSA].x509); if (pkey == NULL || (rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) { SSLerror(s, ERR_R_INTERNAL_ERROR); goto err; @@ -1890,7 +1871,7 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb) } static int -ssl3_send_client_kex_dhe(SSL *s, SESS_CERT *sess_cert, CBB *cbb) +ssl3_send_client_kex_dhe(SSL *s, CBB *cbb) { uint8_t *key = NULL; size_t key_len = 0; @@ -1922,7 +1903,7 @@ ssl3_send_client_kex_dhe(SSL *s, SESS_CERT *sess_cert, CBB *cbb) } static int -ssl3_send_client_kex_ecdhe(SSL *s, SESS_CERT *sc, CBB *cbb) +ssl3_send_client_kex_ecdhe(SSL *s, CBB *cbb) { uint8_t *key = NULL; size_t key_len = 0; @@ -1961,7 +1942,7 @@ ssl3_send_client_kex_ecdhe(SSL *s, SESS_CERT *sc, CBB *cbb) } static int -ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb) +ssl3_send_client_kex_gost(SSL *s, CBB *cbb) { unsigned char premaster_secret[32], shared_ukm[32], tmp[256]; EVP_PKEY *pub_key = NULL; @@ -1975,7 +1956,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb) CBB gostblob; /* Get server sertificate PKEY and create ctx from it */ - peer_cert = sess_cert->peer_pkeys[SSL_PKEY_GOST01].x509; + peer_cert = s->session->peer_pkeys[SSL_PKEY_GOST01].x509; if (peer_cert == NULL) { SSLerror(s, SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER); goto err; @@ -2074,7 +2055,6 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb) int ssl3_send_client_key_exchange(SSL *s) { - SESS_CERT *sess_cert; unsigned long alg_k; CBB cbb, kex; @@ -2083,28 +2063,21 @@ ssl3_send_client_key_exchange(SSL *s) if (S3I(s)->hs.state == SSL3_ST_CW_KEY_EXCH_A) { alg_k = S3I(s)->hs.cipher->algorithm_mkey; - if ((sess_cert = s->session->sess_cert) == NULL) { - ssl3_send_alert(s, SSL3_AL_FATAL, - SSL_AD_UNEXPECTED_MESSAGE); - SSLerror(s, ERR_R_INTERNAL_ERROR); - goto err; - } - if (!ssl3_handshake_msg_start(s, &cbb, &kex, SSL3_MT_CLIENT_KEY_EXCHANGE)) goto err; if (alg_k & SSL_kRSA) { - if (!ssl3_send_client_kex_rsa(s, sess_cert, &kex)) + if (!ssl3_send_client_kex_rsa(s, &kex)) goto err; } else if (alg_k & SSL_kDHE) { - if (!ssl3_send_client_kex_dhe(s, sess_cert, &kex)) + if (!ssl3_send_client_kex_dhe(s, &kex)) goto err; } else if (alg_k & SSL_kECDHE) { - if (!ssl3_send_client_kex_ecdhe(s, sess_cert, &kex)) + if (!ssl3_send_client_kex_ecdhe(s, &kex)) goto err; } else if (alg_k & SSL_kGOST) { - if (ssl3_send_client_kex_gost(s, sess_cert, &kex) != 1) + if (ssl3_send_client_kex_gost(s, &kex) != 1) goto err; } else { ssl3_send_alert(s, SSL3_AL_FATAL, @@ -2481,11 +2454,10 @@ ssl3_send_client_certificate(SSL *s) int ssl3_check_cert_and_algorithm(SSL *s) { - int i, idx; - long alg_k, alg_a; - EVP_PKEY *pkey = NULL; - SESS_CERT *sc; + long alg_k, alg_a; + EVP_PKEY *pkey = NULL; int nid = NID_undef; + int i, idx; alg_k = S3I(s)->hs.cipher->algorithm_mkey; alg_a = S3I(s)->hs.cipher->algorithm_auth; @@ -2494,21 +2466,15 @@ ssl3_check_cert_and_algorithm(SSL *s) if (alg_a & SSL_aNULL) return (1); - sc = s->session->sess_cert; - if (sc == NULL) { - SSLerror(s, ERR_R_INTERNAL_ERROR); - goto err; - } - if (S3I(s)->hs.key_share != NULL) nid = tls_key_share_nid(S3I(s)->hs.key_share); /* This is the passed certificate. */ - idx = sc->peer_cert_type; + idx = s->session->peer_cert_type; if (idx == SSL_PKEY_ECC) { if (ssl_check_srvr_ecc_cert_and_alg( - sc->peer_pkeys[idx].x509, s) == 0) { + s->session->peer_pkeys[idx].x509, s) == 0) { /* check failed */ SSLerror(s, SSL_R_BAD_ECC_CERT); goto fatal_err; @@ -2516,8 +2482,8 @@ ssl3_check_cert_and_algorithm(SSL *s) return (1); } } - pkey = X509_get_pubkey(sc->peer_pkeys[idx].x509); - i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey); + pkey = X509_get_pubkey(s->session->peer_pkeys[idx].x509); + i = X509_certificate_type(s->session->peer_pkeys[idx].x509, pkey); EVP_PKEY_free(pkey); /* Check that we have a certificate if we require one. */ @@ -2536,9 +2502,10 @@ ssl3_check_cert_and_algorithm(SSL *s) } return (1); + fatal_err: ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); - err: + return (0); } diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c index 64b18062382..fb0920cdf2d 100644 --- a/lib/libssl/ssl_lib.c +++ b/lib/libssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.282 2022/01/08 12:43:44 jsing Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.283 2022/01/08 12:59:58 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -883,20 +883,14 @@ SSL_get_peer_certificate(const SSL *s) STACK_OF(X509) * SSL_get_peer_cert_chain(const SSL *s) { - STACK_OF(X509) *r; - - if ((s == NULL) || (s->session == NULL) || - (s->session->sess_cert == NULL)) - r = NULL; - else - r = s->session->sess_cert->cert_chain; + if (s == NULL || s->session == NULL) + return NULL; /* * If we are a client, cert_chain includes the peer's own - * certificate; - * if we are a server, it does not. + * certificate; if we are a server, it does not. */ - return (r); + return s->session->cert_chain; } STACK_OF(X509) * diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h index 637a789dd12..d559e7148a3 100644 --- a/lib/libssl/ssl_locl.h +++ b/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.378 2022/01/08 12:54:32 jsing Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.379 2022/01/08 12:59:59 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -511,8 +511,15 @@ struct ssl_session_st { * not_resumable_session_cb to disable session caching and tickets. */ int not_resumable; - /* The cert is the certificate used to establish this connection */ - struct sess_cert_st /* SESS_CERT */ *sess_cert; + STACK_OF(X509) *cert_chain; /* as received from peer */ + + /* The 'peer_...' members are used only by clients. */ + int peer_cert_type; + + /* Obviously we don't have the private keys of these, + * so maybe we shouldn't even use the SSL_CERT_PKEY type here. */ + SSL_CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */ + SSL_CERT_PKEY peer_pkeys[SSL_PKEY_NUM]; size_t tlsext_ecpointformatlist_length; uint8_t *tlsext_ecpointformatlist; /* peer's list */ @@ -1216,20 +1223,6 @@ typedef struct ssl3_state_st { struct ssl3_state_internal_st *internal; } SSL3_STATE; -typedef struct sess_cert_st { - STACK_OF(X509) *cert_chain; /* as received from peer */ - - /* The 'peer_...' members are used only by clients. */ - int peer_cert_type; - - SSL_CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */ - SSL_CERT_PKEY peer_pkeys[SSL_PKEY_NUM]; - /* Obviously we don't have the private keys of these, - * so maybe we shouldn't even use the SSL_CERT_PKEY type here. */ - - int references; /* actually always 1 at the moment */ -} SESS_CERT; - /*#define SSL_DEBUG */ /*#define RSA_DEBUG */ @@ -1295,8 +1288,6 @@ int ssl_cert_set1_chain(SSL_CERT *c, STACK_OF(X509) *chain); int ssl_cert_add0_chain_cert(SSL_CERT *c, X509 *cert); int ssl_cert_add1_chain_cert(SSL_CERT *c, X509 *cert); -SESS_CERT *ssl_sess_cert_new(void); -void ssl_sess_cert_free(SESS_CERT *sc); int ssl_get_new_session(SSL *s, int session); int ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block, int *alert); diff --git a/lib/libssl/ssl_sess.c b/lib/libssl/ssl_sess.c index 2fa6af4564a..8d0f0b928cb 100644 --- a/lib/libssl/ssl_sess.c +++ b/lib/libssl/ssl_sess.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_sess.c,v 1.106 2021/10/25 10:01:46 jsing Exp $ */ +/* $OpenBSD: ssl_sess.c,v 1.107 2022/01/08 12:59:59 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -230,6 +230,8 @@ SSL_SESSION_new(void) ss->next = NULL; ss->tlsext_hostname = NULL; + ss->peer_key = &ss->peer_pkeys[SSL_PKEY_RSA]; + ss->tlsext_ecpointformatlist_length = 0; ss->tlsext_ecpointformatlist = NULL; ss->tlsext_supportedgroups_length = 0; @@ -760,7 +762,9 @@ SSL_SESSION_free(SSL_SESSION *ss) explicit_bzero(ss->master_key, sizeof ss->master_key); explicit_bzero(ss->session_id, sizeof ss->session_id); - ssl_sess_cert_free(ss->sess_cert); + sk_X509_pop_free(ss->cert_chain, X509_free); + for (i = 0; i < SSL_PKEY_NUM; i++) + X509_free(ss->peer_pkeys[i].x509); X509_free(ss->peer); diff --git a/lib/libssl/ssl_srvr.c b/lib/libssl/ssl_srvr.c index 6e749438032..7f7a176950a 100644 --- a/lib/libssl/ssl_srvr.c +++ b/lib/libssl/ssl_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_srvr.c,v 1.133 2022/01/08 12:43:44 jsing Exp $ */ +/* $OpenBSD: ssl_srvr.c,v 1.134 2022/01/08 12:59:59 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2235,29 +2235,17 @@ ssl3_get_client_certificate(SSL *s) X509_free(s->session->peer); s->session->peer = sk_X509_shift(sk); - s->session->verify_result = s->verify_result; - - /* - * With the current implementation, sess_cert will always be NULL - * when we arrive here - */ - if (s->session->sess_cert == NULL) { - s->session->sess_cert = ssl_sess_cert_new(); - if (s->session->sess_cert == NULL) { - SSLerror(s, ERR_R_MALLOC_FAILURE); - goto err; - } - } - sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free); - s->session->sess_cert->cert_chain = sk; /* * Inconsistency alert: cert_chain does *not* include the * peer's own certificate, while we do include it in s3_clnt.c */ - + sk_X509_pop_free(s->session->cert_chain, X509_free); + s->session->cert_chain = sk; sk = NULL; + s->session->verify_result = s->verify_result; + ret = 1; if (0) { decode_err: diff --git a/lib/libssl/tls13_client.c b/lib/libssl/tls13_client.c index 882bce8c1f6..d961f98bef4 100644 --- a/lib/libssl/tls13_client.c +++ b/lib/libssl/tls13_client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_client.c,v 1.90 2022/01/08 12:43:44 jsing Exp $ */ +/* $OpenBSD: tls13_client.c,v 1.91 2022/01/08 12:59:59 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * @@ -628,21 +628,19 @@ tls13_server_certificate_recv(struct tls13_ctx *ctx, CBS *cbs) if ((cert_idx = ssl_cert_type(cert, pkey)) < 0) goto err; - ssl_sess_cert_free(s->session->sess_cert); - if ((s->session->sess_cert = ssl_sess_cert_new()) == NULL) - goto err; - - s->session->sess_cert->cert_chain = certs; + sk_X509_pop_free(s->session->cert_chain, X509_free); + s->session->cert_chain = certs; certs = NULL; X509_up_ref(cert); - s->session->sess_cert->peer_pkeys[cert_idx].x509 = cert; - s->session->sess_cert->peer_key = &(s->session->sess_cert->peer_pkeys[cert_idx]); - - X509_free(s->session->peer); + X509_free(s->session->peer_pkeys[cert_idx].x509); + s->session->peer_pkeys[cert_idx].x509 = cert; + s->session->peer_key = &s->session->peer_pkeys[cert_idx]; X509_up_ref(cert); + X509_free(s->session->peer); s->session->peer = cert; + s->session->verify_result = s->verify_result; if (ctx->ocsp_status_recv_cb != NULL && diff --git a/lib/libssl/tls13_server.c b/lib/libssl/tls13_server.c index 4edf3881c2c..e31ae380767 100644 --- a/lib/libssl/tls13_server.c +++ b/lib/libssl/tls13_server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_server.c,v 1.92 2022/01/08 12:43:45 jsing Exp $ */ +/* $OpenBSD: tls13_server.c,v 1.93 2022/01/08 12:59:59 jsing Exp $ */ /* * Copyright (c) 2019, 2020 Joel Sing * Copyright (c) 2020 Bob Beck @@ -921,21 +921,19 @@ tls13_client_certificate_recv(struct tls13_ctx *ctx, CBS *cbs) if ((cert_idx = ssl_cert_type(cert, pkey)) < 0) goto err; - ssl_sess_cert_free(s->session->sess_cert); - if ((s->session->sess_cert = ssl_sess_cert_new()) == NULL) - goto err; - - s->session->sess_cert->cert_chain = certs; + sk_X509_pop_free(s->session->cert_chain, X509_free); + s->session->cert_chain = certs; certs = NULL; X509_up_ref(cert); - s->session->sess_cert->peer_pkeys[cert_idx].x509 = cert; - s->session->sess_cert->peer_key = &(s->session->sess_cert->peer_pkeys[cert_idx]); - - X509_free(s->session->peer); + X509_free(s->session->peer_pkeys[cert_idx].x509); + s->session->peer_pkeys[cert_idx].x509 = cert; + s->session->peer_key = &s->session->peer_pkeys[cert_idx]; X509_up_ref(cert); + X509_free(s->session->peer); s->session->peer = cert; + s->session->verify_result = s->verify_result; ctx->handshake_stage.hs_type |= WITH_CCV;