Commit Graph

22 Commits

Author SHA1 Message Date
Emilia Kasper
062178678f Refactor ClientHello extension parsing
1) Simplify code with better PACKET methods.

2) Make broken SNI parsing explicit. SNI was intended to be extensible
to new name types but RFC 4366 defined the syntax inextensibly, and
OpenSSL has never parsed SNI in a way that would allow adding a new name
type. RFC 6066 fixed the definition but due to broken implementations
being widespread, it appears impossible to ever extend SNI.

3) Annotate resumption behaviour. OpenSSL doesn't currently handle all
extensions correctly upon resumption. Annotate for further clean-up.

4) Send an alert on ALPN protocol mismatch.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-03-03 13:53:26 +01:00
Emilia Kasper
b698174493 constify PACKET
PACKET contents should be read-only. To achieve this, also
- constify two user callbacks
- constify BUF_reverse.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-01 16:21:57 +01:00
Rich Salz
349807608f Remove /* foo.c */ comments
This was done by the following
        find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
        print unless $. == 1 && m@/\* .*\.[ch] \*/@;
        close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-26 16:40:43 -05:00
Richard Levitte
1de1d7689a Instead of a local hack, implement SIZE_MAX in numbers.h if it's missing
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-01-02 21:11:02 +01:00
Richard Levitte
36830ecac7 SIZE_MAX doesn't exist everywhere, supply an alternative
SIZE_MAX is a great macro, and does unfortunately not exist everywhere.
Since we check against half of it, using bitwise shift to calculate the
value of half SIZE_MAX should be safe enough.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-30 14:56:59 +01:00
Dr. Stephen Henson
80e0ecbf58 Add ossl_inline
Add macro ossl_inline for use in public headers where a portable inline
is required. Change existing inline to use ossl_inline

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-12-22 23:03:56 +00:00
Rich Salz
7644a9aef8 Rename some BUF_xxx to OPENSSL_xxx
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-16 16:14:49 -05:00
Matt Caswell
3fde6c9276 Avoid undefined behaviour in PACKET_buf_init
Change the sanity check in PACKET_buf_init to check for excessive length
buffers, which should catch the interesting cases where len has been cast
from a negative value whilst avoiding any undefined behaviour.

RT#4094

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-10-21 16:13:53 +01:00
Emilia Kasper
f4f78ff7da PACKET: fix __owur
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-10-15 16:20:22 +02:00
Emilia Kasper
3101154481 DTLS: remove unused cookie field
Note that this commit constifies a user callback parameter and therefore
will break compilation for applications using this callback. But unless
they are abusing write access to the buffer, the fix is trivial.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-10-09 15:32:35 +02:00
Emilia Kasper
329428708d PACKET: simplify ServerKeyExchange parsing
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-10-08 16:44:39 +02:00
Emilia Kasper
67202973cf Add PACKET_copy_all
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-10-05 19:03:52 +02:00
Emilia Kasper
b3e2272c59 ssl3_get_client_hello: rearrange logic
Move all packet parsing to the beginning of the method. This limits the
SSLv2 compatibility soup to the parsing, and makes the rest of the
processing uniform.

This is also needed for simpler EMS support: EMS servers need to do an
early scan for EMS to make resumption decisions. This'll be easier when
the entire ClientHello is parsed in the beginning.

As a side effect,
1) PACKETize ssl_get_prev_session and tls1_process_ticket; and
2) Delete dead code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-10-05 19:03:52 +02:00
Emilia Kasper
6a12a5740b PACKET: simplify
Get rid of the third field that is no longer needed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-22 20:42:18 +02:00
Emilia Kasper
88f84eb257 Remove PACKET_back
It's unused, and the same functionality can be achieved with saving a
copy of the struct.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-18 13:04:07 +02:00
Emilia Kasper
4bd16463b8 Remove PACKET_(get|goto)_bookmark
The bookmark API results in a lot of boilerplate error checking that can
be much more easily achieved with a simple struct copy. It also lays the
path for removing the third PACKET field.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-17 18:47:33 +02:00
Emilia Kasper
6d41fc80e6 PACKET: add PACKET_memdup and PACKET_strndup
Use each once in s3_srvr.c to show how they work.

Also fix a bug introduced in c3fc7eeab8
and made apparent by this change:
ssl3_get_next_proto wasn't updating next_proto_negotiated_len

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-09-09 12:47:05 +02:00
Emilia Kasper
ec30e8566e PACKET: add methods for reading length-prefixed TLS vectors.
Rewrite ssl3_get_client_hello to use the new methods.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-08-26 13:25:48 +02:00
Emilia Kasper
2aa815c343 PACKET: constify where possible
The PACKET should hold a 'const unsigned char*' underneath as well
but the legacy code passes the record buffer around as 'unsigned char*'
(to callbacks, too) so that's a bigger refactor.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-08-26 13:19:12 +02:00
Matt Caswell
bc6616a434 Enhance PACKET readability
Enhance the PACKET code readability, and fix a stale comment. Thanks
to Ben Kaduk (bkaduk@akamai.com) for pointing this out.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2015-08-13 20:34:51 +01:00
Matt Caswell
44128847e8 Fix a bug in the new PACKET implementation
Some of the PACKET functions were returning incorrect data. An unfortunate
choice of test data in the unit test was masking the failure.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-08-04 13:06:58 +01:00
Matt Caswell
7e729bb5a3 Add initial packet parsing code
Provide more robust (inline) functions to replace n2s, n2l, etc. These
functions do the same thing as the previous macros, but also keep track
of the amount of data remaining and return an error if we try to read more
data than we've got.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-08-03 11:01:42 +01:00