mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00
Code Issues Packages Projects Releases Wiki Activity
91a05d6590
openssl/ssl
History
Benjamin Kaduk e776858bce Don't send key_share for PSK-only key exchange 
TLS 1.3 allows for the "psk_ke" and "psk_dhe_ke" key-exchange modes.
Only the latter mode introduces a new ephemeral (Diffie-Hellman)
key exchange, with the PSK being the only key material used in the
former case.

It's a compliance requirement of RFC 8446 that the server MUST NOT
send a KeyShareEntry when using the "psk_ke" mode, but prior to
this commit we would send a key-share based solely on whether the
client sent one.  This bug goes unnoticed in our internal test suite
since openssl communicating with openssl can never negotiate the
PSK-only key-exchange mode.  However, we should still be compliant
with the spec, so check whether the DHE mode was offered and don't
send a key-share if it wasn't.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14749)
2021-05-12 09:11:48 -07:00
..
record Update copyright year 2021-04-22 14:38:44 +01:00
statem Don't send key_share for PSK-only key exchange 2021-05-12 09:11:48 -07:00
bio_ssl.c Update copyright year 2021-04-08 13:04:41 +01:00
build.info Drop libimplementations.a 2021-05-07 10:17:23 +02:00
d1_lib.c Update copyright year 2021-01-28 13:54:57 +01:00
d1_msg.c Update copyright year 2020-11-26 14:18:57 +00:00
d1_srtp.c Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() call 2020-11-11 12:12:11 +01:00
ktls.c Only enable KTLS if it is explicitly configured 2021-04-12 11:32:05 +01:00
methods.c
pqueue.c Update copyright year 2020-11-26 14:18:57 +00:00
s3_cbc.c Remove unused code from the fips module 2021-05-08 20:44:41 +10:00
s3_enc.c Remove all OPENSSL_NO_XXX from libssl where XXX is a crypto alg 2021-02-05 15:22:43 +00:00
s3_lib.c OBJ_nid2sn(NID_sha256) is completely equivalent to OSSL_DIGEST_NAME_SHA2_256 2021-04-01 14:39:53 +02:00
s3_msg.c Avoid sending alerts after shutdown 2021-05-06 17:07:11 +02:00
ssl_asn1.c Update copyright year 2020-11-26 14:18:57 +00:00
ssl_cert_table.h
ssl_cert.c Fix NULL access in ssl_build_cert_chain() when ctx is NULL. 2021-03-03 16:16:19 +10:00
ssl_ciph.c ssl: fix problem where MAC IDs were globally cached. 2021-03-30 18:59:42 +02:00
ssl_conf.c Correct ssl_conf logic for "legacy_server_connect" 2021-05-05 08:13:51 -07:00
ssl_err_legacy.c Modify the ERR init functions to use the internal ERR string loaders 2020-11-24 15:21:44 +01:00
ssl_err.c make update 2021-05-12 09:11:48 -07:00
ssl_init.c Modify the ERR init functions to use the internal ERR string loaders 2020-11-24 15:21:44 +01:00
ssl_lib.c Enforce secure renegotiation support by default 2021-05-05 08:13:51 -07:00
ssl_local.h ssl: fix problem where MAC IDs were globally cached. 2021-03-30 18:59:42 +02:00
ssl_mcnf.c SSL: refactor all SSLfatal() calls 2020-11-11 12:12:23 +01:00
ssl_rsa_legacy.c Deprecate RSA harder 2020-11-18 23:38:34 +01:00
ssl_rsa.c ssl: coverity 1465527 - dereference after null check 2021-03-20 10:18:32 +10:00
ssl_sess.c Update copyright year 2021-04-08 13:04:41 +01:00
ssl_stat.c
ssl_txt.c Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() call 2020-11-11 12:12:11 +01:00
ssl_utst.c
sslerr.h Make supported_groups code independent of EC and DH 2021-02-05 15:20:37 +00:00
t1_enc.c Only enable KTLS if it is explicitly configured 2021-04-12 11:32:05 +01:00
t1_lib.c Fix some TODO(3.0) occurrences in ssl/t1_lib.c 2021-04-19 10:39:12 +01:00
t1_trce.c Update copyright year 2021-02-18 15:05:17 +00:00
tls13_enc.c Add quick one-shot EVP_Q_mac() and deprecation compensation decls for MAC functions 2021-05-08 14:35:03 +02:00
tls_depr.c Remove OPENSSL_NO_DH guards from libssl 2021-02-05 15:20:36 +00:00
tls_srp.c Update copyright year 2021-02-18 15:05:17 +00:00