root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Fix ciphersuite handling during an HRR 

Choose a new ciphersuite for the HRR. Don't just use the one from the
session.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2895)
This commit is contained in:
Matt Caswell 2017-03-15 18:41:50 +00:00
parent cf3e221bd9
commit 69b2d39332
1 changed files with 23 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
ssl/statem/statem_srvr.c
View File

@ -1849,12 +1849,7 @@ static int tls_early_post_process_client_hello(SSL *s, int *al)
* Given s->session->ciphers and SSL_get_ciphers, we must pick a cipher * Given s->session->ciphers and SSL_get_ciphers, we must pick a cipher
*/ */
if (!s->hit) { if (!s->hit || s->hello_retry_request) {
#ifdef OPENSSL_NO_COMP
s->session->compress_meth = 0;
#else
s->session->compress_meth = (comp == NULL) ? 0 : comp->id;
#endif
sk_SSL_CIPHER_free(s->session->ciphers); sk_SSL_CIPHER_free(s->session->ciphers);
s->session->ciphers = ciphers; s->session->ciphers = ciphers;
if (ciphers == NULL) { if (ciphers == NULL) {
@ -1863,6 +1858,14 @@ static int tls_early_post_process_client_hello(SSL *s, int *al)
goto err; goto err;
} }
ciphers = NULL; ciphers = NULL;
}
if (!s->hit) {
#ifdef OPENSSL_NO_COMP
s->session->compress_meth = 0;
#else
s->session->compress_meth = (comp == NULL) ? 0 : comp->id;
#endif
if (!tls1_set_server_sigalgs(s)) { if (!tls1_set_server_sigalgs(s)) {
SSLerr(SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT); SSLerr(SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
goto err; goto err;
@ -1951,7 +1954,7 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst)
wst = WORK_MORE_B; wst = WORK_MORE_B;
} }
if (wst == WORK_MORE_B) { if (wst == WORK_MORE_B) {
if (!s->hit) { if (!s->hit || s->hello_retry_request) {
/* Let cert callback update server certificates if required */ /* Let cert callback update server certificates if required */
if (s->cert->cert_cb) { if (s->cert->cert_cb) {
int rv = s->cert->cert_cb(s, s->cert->cert_cb_arg); int rv = s->cert->cert_cb(s, s->cert->cert_cb_arg);
@ -1986,17 +1989,19 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst)
goto f_err; goto f_err;
} }
s->s3->tmp.new_cipher = cipher; s->s3->tmp.new_cipher = cipher;
if (!tls_choose_sigalg(s, &al)) if (!s->hit) {
goto f_err; if (!tls_choose_sigalg(s, &al))
/* check whether we should disable session resumption */ goto f_err;
if (s->not_resumable_session_cb != NULL) /* check whether we should disable session resumption */
s->session->not_resumable = if (s->not_resumable_session_cb != NULL)
s->not_resumable_session_cb(s, ((cipher->algorithm_mkey s->session->not_resumable =
& (SSL_kDHE | SSL_kECDHE)) s->not_resumable_session_cb(s, ((cipher->algorithm_mkey
!= 0)); & (SSL_kDHE | SSL_kECDHE))
if (s->session->not_resumable) != 0));
/* do not send a session ticket */ if (s->session->not_resumable)
s->ext.ticket_expected = 0; /* do not send a session ticket */
s->ext.ticket_expected = 0;
}
} else { } else {
/* Session-id reuse */ /* Session-id reuse */
s->s3->tmp.new_cipher = s->session->cipher; s->s3->tmp.new_cipher = s->session->cipher;