From 5758dab983edb19f03a6397895f33b3b7c0ec699 Mon Sep 17 00:00:00 2001 From: Frederik Wedel-Heinen Date: Fri, 13 Oct 2023 11:33:02 +0200 Subject: [PATCH] Fix ssl_lib functions for dtls 1.3 --- ssl/ssl_lib.c | 35 ++++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index f15fe126a22f5..e19ab608c74e2 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -2776,7 +2776,7 @@ int SSL_key_update(SSL *s, int updatetype) if (sc == NULL) return 0; - if (!SSL_CONNECTION_IS_TLS13(sc)) { + if (!(SSL_CONNECTION_IS_TLS13(sc) || SSL_CONNECTION_IS_DTLS13(sc))) { ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION); return 0; } @@ -2823,7 +2823,7 @@ int SSL_get_key_update_type(const SSL *s) */ static int can_renegotiate(const SSL_CONNECTION *sc) { - if (SSL_CONNECTION_IS_TLS13(sc)) { + if (SSL_CONNECTION_IS_TLS13(sc) || SSL_CONNECTION_IS_DTLS13(sc)) { ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION); return 0; } @@ -2890,7 +2890,7 @@ int SSL_new_session_ticket(SSL *s) /* If we are in init because we're sending tickets, okay to send more. */ if ((SSL_in_init(s) && sc->ext.extra_tickets_expected == 0) || SSL_IS_FIRST_HANDSHAKE(sc) || !sc->server - || !SSL_CONNECTION_IS_TLS13(sc)) + || !(SSL_CONNECTION_IS_TLS13(sc) || SSL_CONNECTION_IS_DTLS13(sc))) return 0; sc->ext.extra_tickets_expected++; if (!RECORD_LAYER_write_pending(&sc->rlayer) && !SSL_in_init(s)) @@ -3443,21 +3443,21 @@ const char *SSL_get_servername(const SSL *s, const int type) if (server) { /** * Server side - * In TLSv1.3 on the server SNI is not associated with the session - * but in TLSv1.2 or below it is. + * In (D)TLSv1.3 on the server SNI is not associated with the session + * but in (D)TLSv1.2 or below it is. * * Before the handshake: * - return NULL * - * During/after the handshake (TLSv1.2 or below resumption occurred): + * During/after the handshake ((D)TLSv1.2 or below resumption occurred): * - If a servername was accepted by the server in the original * handshake then it will return that servername, or NULL otherwise. * - * During/after the handshake (TLSv1.2 or below resumption did not occur): + * During/after the handshake ((D)TLSv1.2 or below resumption did not occur): * - The function will return the servername requested by the client in * this handshake or NULL if none was requested. */ - if (sc->hit && !SSL_CONNECTION_IS_TLS13(sc)) + if (sc->hit && !(SSL_CONNECTION_IS_TLS13(sc) || SSL_CONNECTION_IS_DTLS13(sc))) return sc->session->ext.hostname; } else { /** @@ -3466,29 +3466,30 @@ const char *SSL_get_servername(const SSL *s, const int type) * Before the handshake: * - If a servername has been set via a call to * SSL_set_tlsext_host_name() then it will return that servername - * - If one has not been set, but a TLSv1.2 resumption is being + * - If one has not been set, but a (D)TLSv1.2 resumption is being * attempted and the session from the original handshake had a * servername accepted by the server then it will return that * servername * - Otherwise it returns NULL * - * During/after the handshake (TLSv1.2 or below resumption occurred): + * During/after the handshake ((D)TLSv1.2 or below resumption occurred): * - If the session from the original handshake had a servername accepted * by the server then it will return that servername. * - Otherwise it returns the servername set via * SSL_set_tlsext_host_name() (or NULL if it was not called). * - * During/after the handshake (TLSv1.2 or below resumption did not occur): + * During/after the handshake ((D)TLSv1.2 or below resumption did not occur): * - It will return the servername set via SSL_set_tlsext_host_name() * (or NULL if it was not called). */ if (SSL_in_before(s)) { if (sc->ext.hostname == NULL && sc->session != NULL - && sc->session->ssl_version != TLS1_3_VERSION) + && sc->session->ssl_version != TLS1_3_VERSION + && sc->session->ssl_version != DTLS1_3_VERSION) return sc->session->ext.hostname; } else { - if (!SSL_CONNECTION_IS_TLS13(sc) && sc->hit + if (!(SSL_CONNECTION_IS_TLS13(sc) || SSL_CONNECTION_IS_DTLS13(sc)) && sc->hit && sc->session->ext.hostname != NULL) return sc->session->ext.hostname; } @@ -3780,7 +3781,7 @@ int SSL_export_keying_material_early(SSL *s, unsigned char *out, size_t olen, if (sc == NULL) return -1; - if (sc->version != TLS1_3_VERSION) + if (sc->version != TLS1_3_VERSION && sc->version != DTLS1_3_VERSION) return 0; return tls13_export_keying_material_early(sc, out, olen, label, llen, @@ -4487,7 +4488,7 @@ void ssl_update_cache(SSL_CONNECTION *s, int mode) i = s->session_ctx->session_cache_mode; if ((i & mode) != 0 - && (!s->hit || SSL_CONNECTION_IS_TLS13(s))) { + && (!s->hit || SSL_CONNECTION_IS_TLS13(s) || SSL_CONNECTION_IS_DTLS13(s))) { /* * Add the session to the internal cache. In server side TLSv1.3 we * normally don't do this because by default it's a full stateless ticket @@ -4500,7 +4501,7 @@ void ssl_update_cache(SSL_CONNECTION *s, int mode) * - SSL_OP_NO_TICKET is set in which case it is a stateful ticket */ if ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE) == 0 - && (!SSL_CONNECTION_IS_TLS13(s) + && (!(SSL_CONNECTION_IS_TLS13(s) || SSL_CONNECTION_IS_DTLS13(s)) || !s->server || (s->max_early_data > 0 && (s->options & SSL_OP_NO_ANTI_REPLAY) == 0) @@ -7071,7 +7072,7 @@ int SSL_verify_client_post_handshake(SSL *ssl) if (sc == NULL) return 0; - if (!SSL_CONNECTION_IS_TLS13(sc)) { + if (!(SSL_CONNECTION_IS_TLS13(sc) || SSL_CONNECTION_IS_DTLS13(sc))) { ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION); return 0; }