There are some minor differences in the format of a ServerHello in TLSv1.3.
Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich
Salz
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
s->hit = 0;
/* Get the session-id. */
- if (!PACKET_get_length_prefixed_1(pkt, &session_id)) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- session_id_len = PACKET_remaining(&session_id);
- if (session_id_len > sizeof s->session->session_id
- || session_id_len > SSL3_SESSION_ID_SIZE) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_SSL3_SESSION_ID_TOO_LONG);
- goto f_err;
+ if (!SSL_IS_TLS13(s)) {
+ if (!PACKET_get_length_prefixed_1(pkt, &session_id)) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ session_id_len = PACKET_remaining(&session_id);
+ if (session_id_len > sizeof s->session->session_id
+ || session_id_len > SSL3_SESSION_ID_SIZE) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO,
+ SSL_R_SSL3_SESSION_ID_TOO_LONG);
+ goto f_err;
+ }
+ } else {
+ session_id_len = 0;
}
if (!PACKET_get_bytes(pkt, &cipherchars, TLS_CIPHER_LEN)) {
* we can resume, and later peek at the next handshake message to see if the
* server wants to resume.
*/
- if (s->version >= TLS1_VERSION && s->tls_session_secret_cb &&
- s->session->tlsext_tick) {
+ if (s->version >= TLS1_VERSION && !SSL_IS_TLS13(s)
+ && s->tls_session_secret_cb && s->session->tlsext_tick) {
const SSL_CIPHER *pref_cipher = NULL;
/*
* s->session->master_key_length is a size_t, but this is an int for
s->s3->tmp.new_cipher = c;
/* lets get the compression algorithm */
/* COMPRESSION */
- if (!PACKET_get_1(pkt, &compression)) {
- SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_LENGTH_MISMATCH);
- al = SSL_AD_DECODE_ERROR;
- goto f_err;
+ if (!SSL_IS_TLS13(s)) {
+ if (!PACKET_get_1(pkt, &compression)) {
+ SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_LENGTH_MISMATCH);
+ al = SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+ } else {
+ compression = 0;
}
+
#ifdef OPENSSL_NO_COMP
if (compression != 0) {
al = SSL_AD_ILLEGAL_PARAMETER;
compm = s->s3->tmp.new_compression->id;
#endif
- if (!WPACKET_sub_memcpy_u8(pkt, s->session->session_id, sl)
+ if ((!SSL_IS_TLS13(s)
+ && !WPACKET_sub_memcpy_u8(pkt, s->session->session_id, sl))
|| !s->method->put_cipher_by_char(s->s3->tmp.new_cipher, pkt, &len)
- || !WPACKET_put_bytes_u8(pkt, compm)
+ || (!SSL_IS_TLS13(s)
+ && !WPACKET_put_bytes_u8(pkt, compm))
|| !ssl_prepare_serverhello_tlsext(s)
|| !ssl_add_serverhello_tlsext(s, pkt, &al)) {
SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
}
static int ssl_print_version(BIO *bio, int indent, const char *name,
- const unsigned char **pmsg, size_t *pmsglen)
+ const unsigned char **pmsg, size_t *pmsglen,
+ unsigned int *version)
{
int vers;
if (*pmsglen < 2)
return 0;
vers = ((*pmsg)[0] << 8) | (*pmsg)[1];
+ if (version != NULL) {
+ /* TODO(TLS1.3): Remove the draft conditional here before release */
+ *version = (vers == TLS1_3_VERSION_DRAFT) ? TLS1_3_VERSION : vers;
+ }
BIO_indent(bio, indent, 80);
BIO_printf(bio, "%s=0x%x (%s)\n",
name, vers, ssl_trace_str(vers, ssl_version_tbl));
{
size_t len;
unsigned int cs;
- if (!ssl_print_version(bio, indent, "client_version", &msg, &msglen))
+ if (!ssl_print_version(bio, indent, "client_version", &msg, &msglen, NULL))
return 0;
if (!ssl_print_random(bio, indent, &msg, &msglen))
return 0;
static int dtls_print_hello_vfyrequest(BIO *bio, int indent,
const unsigned char *msg, size_t msglen)
{
- if (!ssl_print_version(bio, indent, "server_version", &msg, &msglen))
+ if (!ssl_print_version(bio, indent, "server_version", &msg, &msglen, NULL))
return 0;
if (!ssl_print_hexbuf(bio, indent, "cookie", 1, &msg, &msglen))
return 0;
const unsigned char *msg, size_t msglen)
{
unsigned int cs;
- if (!ssl_print_version(bio, indent, "server_version", &msg, &msglen))
+ unsigned int vers;
+ if (!ssl_print_version(bio, indent, "server_version", &msg, &msglen, &vers))
return 0;
if (!ssl_print_random(bio, indent, &msg, &msglen))
return 0;
- if (!ssl_print_hexbuf(bio, indent, "session_id", 1, &msg, &msglen))
+ if (vers != TLS1_3_VERSION
+ && !ssl_print_hexbuf(bio, indent, "session_id", 1, &msg, &msglen))
return 0;
if (msglen < 2)
return 0;
msg[0], msg[1], ssl_trace_str(cs, ssl_ciphers_tbl));
msg += 2;
msglen -= 2;
- if (msglen < 1)
- return 0;
- BIO_indent(bio, indent, 80);
- BIO_printf(bio, "compression_method: %s (0x%02X)\n",
- ssl_trace_str(msg[0], ssl_comp_tbl), msg[0]);
- msg++;
- msglen--;
+ if (vers != TLS1_3_VERSION) {
+ if (msglen < 1)
+ return 0;
+ BIO_indent(bio, indent, 80);
+ BIO_printf(bio, "compression_method: %s (0x%02X)\n",
+ ssl_trace_str(msg[0], ssl_comp_tbl), msg[0]);
+ msg++;
+ msglen--;
+ }
if (!ssl_print_extensions(bio, indent, 1, msg, msglen))
return 0;
return 1;
#Test 1: Check we get all the right messages for a default handshake
(undef, my $session) = tempfile();
-$proxy->serverconnects(2);
+#$proxy->serverconnects(2);
$proxy->clientflags("-sess_out ".$session);
$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
-plan tests => 4;
+plan tests => 3;
checkmessages(DEFAULT_HANDSHAKE, "Default handshake test");
+#TODO(TLS1.3): Test temporarily disabled until we implement TLS1.3 resumption
#Test 2: Resumption handshake
-$proxy->clearClient();
-$proxy->clientflags("-sess_in ".$session);
-$proxy->clientstart();
-checkmessages(RESUME_HANDSHAKE, "Resumption handshake test");
+#$proxy->clearClient();
+#$proxy->clientflags("-sess_in ".$session);
+#$proxy->clientstart();
+#checkmessages(RESUME_HANDSHAKE, "Resumption handshake test");
unlink $session;
#Test 3: A default handshake, but with a CertificateStatus message
[10-alpn-simple-resumption-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[11-alpn-server-switch-resumption-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[12-alpn-client-switch-resumption-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[12-alpn-client-switch-resumption-resume-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[13-alpn-alert-on-mismatch-resumption-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[14-alpn-no-server-support-resumption-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[15-alpn-no-client-support-resumption-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[15-alpn-no-client-support-resumption-resume-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
},
},
client => {
+ #TODO(TLS1.3): Temporary until we support TLSv1.3 resumption
+ MaxProtocol => "TLSv1.2",
extra => {
"ALPNProtocols" => "foo",
},
},
},
client => {
+ #TODO(TLS1.3): Temporary until we support TLSv1.3 resumption
+ MaxProtocol => "TLSv1.2",
extra => {
"ALPNProtocols" => "foo,bar,baz",
},
},
},
client => {
+ #TODO(TLS1.3): Temporary until we support TLSv1.3 resumption
+ MaxProtocol => "TLSv1.2",
extra => {
"ALPNProtocols" => "foo,baz",
},
},
resume_client => {
+ #TODO(TLS1.3): Temporary until we support TLSv1.3 resumption
+ MaxProtocol => "TLSv1.2",
extra => {
"ALPNProtocols" => "bar,baz",
},
},
},
client => {
+ #TODO(TLS1.3): Temporary until we support TLSv1.3 resumption
+ MaxProtocol => "TLSv1.2",
extra => {
"ALPNProtocols" => "foo,bar",
},
},
resume_server => { },
client => {
+ #TODO(TLS1.3): Temporary until we support TLSv1.3 resumption
+ MaxProtocol => "TLSv1.2",
extra => {
"ALPNProtocols" => "foo",
},
},
},
client => {
+ #TODO(TLS1.3): Temporary until we support TLSv1.3 resumption
+ MaxProtocol => "TLSv1.2",
extra => {
"ALPNProtocols" => "foo",
},
},
- resume_client => { },
+ resume_client => {
+ #TODO(TLS1.3): Temporary until we support TLSv1.3 resumption
+ MaxProtocol => "TLSv1.2"
+ },
test => {
"HandshakeMode" => "Resume",
"ResumptionExpected" => "Yes",
[2-ct-permissive-resumption-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[3-ct-strict-resumption-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[3-ct-strict-resumption-resume-client]
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
our @tests = (
# Currently only have tests for certs without SCTs.
{
- name => "ct-permissive",
- server => { },
- client => {
- extra => {
- "CTValidation" => "Permissive",
- },
- },
- test => {
- "ExpectedResult" => "Success",
- },
+ name => "ct-permissive",
+ server => { },
+ client => {
+ extra => {
+ "CTValidation" => "Permissive",
+ },
+ },
+ test => {
+ "ExpectedResult" => "Success",
+ },
},
{
- name => "ct-strict",
- server => { },
- client => {
- extra => {
- "CTValidation" => "Strict",
- },
- },
- test => {
- "ExpectedResult" => "ClientFail",
- "ExpectedClientAlert" => "HandshakeFailure",
- },
+ name => "ct-strict",
+ server => { },
+ client => {
+ extra => {
+ "CTValidation" => "Strict",
+ },
+ },
+ test => {
+ "ExpectedResult" => "ClientFail",
+ "ExpectedClientAlert" => "HandshakeFailure",
+ },
},
{
- name => "ct-permissive-resumption",
- server => { },
- client => {
- extra => {
- "CTValidation" => "Permissive",
- },
- },
- test => {
- "HandshakeMode" => "Resume",
- "ResumptionExpected" => "Yes",
- "ExpectedResult" => "Success",
- },
+ name => "ct-permissive-resumption",
+ server => { },
+ client => {
+ #TODO(TLS1.3): Temporarily set to TLSv1.2 until we implement TLS1.3
+ # resumption
+ MaxProtocol => "TLSv1.2",
+ extra => {
+ "CTValidation" => "Permissive",
+ },
+ },
+ test => {
+ "HandshakeMode" => "Resume",
+ "ResumptionExpected" => "Yes",
+ "ExpectedResult" => "Success",
+ },
},
{
- name => "ct-strict-resumption",
- server => { },
- client => {
- extra => {
- "CTValidation" => "Permissive",
- },
- },
- # SCTs are not present during resumption, so the resumption
- # should succeed.
- resume_client => {
- extra => {
- "CTValidation" => "Strict",
- },
- },
- test => {
- "HandshakeMode" => "Resume",
- "ResumptionExpected" => "Yes",
- "ExpectedResult" => "Success",
- },
+ name => "ct-strict-resumption",
+ server => { },
+ client => {
+ #TODO(TLS1.3): Temporarily set to TLSv1.2 until we implement TLS1.3
+ # resumption
+ MaxProtocol => "TLSv1.2",
+ extra => {
+ "CTValidation" => "Permissive",
+ },
+ },
+ # SCTs are not present during resumption, so the resumption
+ # should succeed.
+ resume_client => {
+ #TODO(TLS1.3): Temporarily set to TLSv1.2 until we implement TLS1.3
+ # resumption
+ MaxProtocol => "TLSv1.2",
+ extra => {
+ "CTValidation" => "Strict",
+ },
+ },
+ test => {
+ "HandshakeMode" => "Resume",
+ "ResumptionExpected" => "Yes",
+ "ExpectedResult" => "Success",
+ },
},
);
# Don't write the redundant "Method = TLS" into the configuration.
undef $method if !$dtls;
+
+ #TODO(TLS1.3): This is temporary code while we do not have support for
+ # TLS1.3 resumption. We recalculate min_tls_enabled and
+ # max_tls_enabled, ignoring TLS1.3
+ foreach my $i (0..($#tls_protocols - 1)) {
+ if (!$is_tls_disabled[$i]) {
+ $min_tls_enabled = $i;
+ last;
+ }
+ }
+ foreach my $i (0..($#tls_protocols - 1)) {
+ if (!$is_tls_disabled[$i]) {
+ $max_tls_enabled = $i;
+ }
+ }
+
my @protocols = $dtls ? @dtls_protocols : @tls_protocols;
my $min_enabled = $dtls ? $min_dtls_enabled : $min_tls_enabled;
my $max_enabled = $dtls ? $max_dtls_enabled : $max_tls_enabled;
SSL_CTX_set_min_proto_version(cctx, TLS1_2_VERSION);
#endif
+ /*
+ * TODO(TLS1.3): Test temporarily disabled for TLS1.3 until we've
+ * implemented session resumption.
+ */
+ SSL_CTX_set_max_proto_version(cctx, TLS1_2_VERSION);
+
/* Set up session cache */
if (fix.use_ext_cache) {
SSL_CTX_sess_set_new_cb(cctx, new_session_cb);
my $self = shift;
my $ptr = 2;
my ($server_version) = unpack('n', $self->data);
+
+ # TODO(TLS1.3): Replace this reference to draft version before release
+ if ($server_version == TLSProxy::Record::VERS_TLS_1_3_DRAFT) {
+ $server_version = TLSProxy::Record::VERS_TLS_1_3;
+ TLSProxy::Proxy->is_tls13(1);
+ }
+
my $random = substr($self->data, $ptr, 32);
$ptr += 32;
- my $session_id_len = unpack('C', substr($self->data, $ptr));
- $ptr++;
- my $session = substr($self->data, $ptr, $session_id_len);
- $ptr += $session_id_len;
+ my $session_id_len = 0;
+ my $session = "";
+ if (!TLSProxy::Proxy->is_tls13()) {
+ $session_id_len = unpack('C', substr($self->data, $ptr));
+ $ptr++;
+ $session = substr($self->data, $ptr, $session_id_len);
+ $ptr += $session_id_len;
+ }
my $ciphersuite = unpack('n', substr($self->data, $ptr));
$ptr += 2;
- my $comp_meth = unpack('C', substr($self->data, $ptr));
- $ptr++;
+ my $comp_meth = 0;
+ if (!TLSProxy::Proxy->is_tls13()) {
+ $comp_meth = unpack('C', substr($self->data, $ptr));
+ $ptr++;
+ }
my $extensions_len = unpack('n', substr($self->data, $ptr));
if (!defined $extensions_len) {
$extensions_len = 0;
$self->process_data();
- # TODO(TLS1.3): Replace this reference to draft version before release
- if ($server_version == TLSProxy::Record::VERS_TLS_1_3_DRAFT) {
+ if (TLSProxy::Proxy->is_tls13()) {
TLSProxy::Record->server_encrypting(1);
TLSProxy::Record->client_encrypting(1);
- TLSProxy::Proxy->is_tls13(1);
}
print " Server Version:".$server_version."\n";
$data = pack('n', $self->server_version);
$data .= $self->random;
- $data .= pack('C', $self->session_id_len);
- $data .= $self->session;
+ if (!TLSProxy::Proxy->is_tls13()) {
+ $data .= pack('C', $self->session_id_len);
+ $data .= $self->session;
+ }
$data .= pack('n', $self->ciphersuite);
- $data .= pack('C', $self->comp_meth);
+ if (!TLSProxy::Proxy->is_tls13()) {
+ $data .= pack('C', $self->comp_meth);
+ }
foreach my $key (keys %{$self->extension_data}) {
my $extdata = ${$self->extension_data}{$key};
{
my $self = shift;
if (@_) {
- $self->{client_version} = shift;
+ $self->{server_version} = shift;
}
- return $self->{client_version};
+ return $self->{server_version};
}
sub random
{
projects / oweals / openssl.git / commitdiff