From: beck Date: Tue, 9 Jul 2024 12:27:27 +0000 (+0000) Subject: Fix TLS key share check to not fire when using < TLS 1.3 X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=e80243f4649a7a44f100ecb0836ff7dab34ab401;p=openbsd Fix TLS key share check to not fire when using < TLS 1.3 The check was being too aggressive and was catching us when the extension was being sent by a client which supports tls 1.3 but the server was capped at TLS 1.2. This moves the check after the max version check, so we won't error out if we do not support TLS 1.3 Reported by obsd@bartula.de ok tb@ --- diff --git a/lib/libssl/ssl_tlsext.c b/lib/libssl/ssl_tlsext.c index d0d67598d4c..08bf5593ecd 100644 --- a/lib/libssl/ssl_tlsext.c +++ b/lib/libssl/ssl_tlsext.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_tlsext.c,v 1.153 2024/06/26 03:41:10 tb Exp $ */ +/* $OpenBSD: ssl_tlsext.c,v 1.154 2024/07/09 12:27:27 beck Exp $ */ /* * Copyright (c) 2016, 2017, 2019 Joel Sing * Copyright (c) 2017 Doug Hogan @@ -1573,6 +1573,10 @@ tlsext_keyshare_server_process(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) if (!CBS_get_u16_length_prefixed(&client_shares, &key_exchange)) return 0; + /* Ignore this client share if we're using earlier than TLSv1.3 */ + if (s->s3->hs.our_max_tls_version < TLS1_3_VERSION) + continue; + /* * Ensure the client share group was sent in supported groups, * and was sent in the same order as supported groups. The @@ -1590,12 +1594,7 @@ tlsext_keyshare_server_process(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) return 0; } - /* - * Ignore this client share if we're using earlier than TLSv1.3 - * or we've already selected a key share. - */ - if (s->s3->hs.our_max_tls_version < TLS1_3_VERSION) - continue; + /* Ignore this client share if we have already selected a key share */ if (s->s3->hs.key_share != NULL) continue;