From fe874d27d33faa527b5e945137787bf6b0f5c253 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Tue, 4 Apr 2017 11:40:02 +0100 Subject: [PATCH] Move the extensions context codes into the public API This move prepares for the later addition of the new custom extensions API. The context codes have an additional "SSL_" added to their name to ensure we don't have name clashes with other applications. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/3139) --- include/openssl/ssl.h | 23 +++++++ ssl/ssl_sess.c | 7 +- ssl/statem/extensions.c | 129 +++++++++++++++++++---------------- ssl/statem/extensions_clnt.c | 4 +- ssl/statem/extensions_srvr.c | 2 +- ssl/statem/statem_clnt.c | 35 +++++----- ssl/statem/statem_lib.c | 2 +- ssl/statem/statem_locl.h | 23 ------- ssl/statem/statem_srvr.c | 29 ++++---- 9 files changed, 135 insertions(+), 119 deletions(-) diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 5ebd9979eb..8e2d934fde 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -250,6 +250,29 @@ typedef int (*tls_session_secret_cb_fn) (SSL *s, void *secret, STACK_OF(SSL_CIPHER) *peer_ciphers, const SSL_CIPHER **cipher, void *arg); +/* Extension context codes */ +/* This extension is only allowed in TLS */ +#define SSL_EXT_TLS_ONLY 0x0001 +/* This extension is only allowed in DTLS */ +#define SSL_EXT_DTLS_ONLY 0x0002 +/* Some extensions may be allowed in DTLS but we don't implement them for it */ +#define SSL_EXT_TLS_IMPLEMENTATION_ONLY 0x0004 +/* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is */ +#define SSL_EXT_SSL3_ALLOWED 0x0008 +/* Extension is only defined for TLS1.2 and above */ +#define SSL_EXT_TLS1_2_AND_BELOW_ONLY 0x0010 +/* Extension is only defined for TLS1.3 and above */ +#define SSL_EXT_TLS1_3_ONLY 0x0020 +#define SSL_EXT_CLIENT_HELLO 0x0040 +/* Really means TLS1.2 or below */ +#define SSL_EXT_TLS1_2_SERVER_HELLO 0x0080 +#define SSL_EXT_TLS1_3_SERVER_HELLO 0x0100 +#define SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS 0x0200 +#define SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST 0x0400 +#define SSL_EXT_TLS1_3_CERTIFICATE 0x0800 +#define SSL_EXT_TLS1_3_NEW_SESSION_TICKET 0x1000 +#define SSL_EXT_TLS1_3_CERTIFICATE_REQUEST 0x2000 + /* Typedefs for handling custom extensions */ typedef int (*custom_ext_add_cb) (SSL *s, unsigned int ext_type, diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index ab194979fc..d1a4014316 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -468,9 +468,10 @@ int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello, int *al) TICKET_RETURN r; if (SSL_IS_TLS13(s)) { - if (!tls_parse_extension(s, TLSEXT_IDX_psk_kex_modes, EXT_CLIENT_HELLO, - hello->pre_proc_exts, NULL, 0, al) - || !tls_parse_extension(s, TLSEXT_IDX_psk, EXT_CLIENT_HELLO, + if (!tls_parse_extension(s, TLSEXT_IDX_psk_kex_modes, + SSL_EXT_CLIENT_HELLO, hello->pre_proc_exts, + NULL, 0, al) + || !tls_parse_extension(s, TLSEXT_IDX_psk, SSL_EXT_CLIENT_HELLO, hello->pre_proc_exts, NULL, 0, al)) return -1; diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index 96c5394bd6..c2e0411240 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -114,16 +114,16 @@ typedef struct extensions_definition_st { static const EXTENSION_DEFINITION ext_defs[] = { { TLSEXT_TYPE_renegotiate, - EXT_CLIENT_HELLO | EXT_TLS1_2_SERVER_HELLO | EXT_SSL3_ALLOWED - | EXT_TLS1_2_AND_BELOW_ONLY, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO + | SSL_EXT_SSL3_ALLOWED | SSL_EXT_TLS1_2_AND_BELOW_ONLY, NULL, tls_parse_ctos_renegotiate, tls_parse_stoc_renegotiate, tls_construct_stoc_renegotiate, tls_construct_ctos_renegotiate, final_renegotiate }, { TLSEXT_TYPE_server_name, - EXT_CLIENT_HELLO | EXT_TLS1_2_SERVER_HELLO - | EXT_TLS1_3_ENCRYPTED_EXTENSIONS, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO + | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS, init_server_name, tls_parse_ctos_server_name, tls_parse_stoc_server_name, tls_construct_stoc_server_name, tls_construct_ctos_server_name, @@ -132,7 +132,7 @@ static const EXTENSION_DEFINITION ext_defs[] = { #ifndef OPENSSL_NO_SRP { TLSEXT_TYPE_srp, - EXT_CLIENT_HELLO | EXT_TLS1_2_AND_BELOW_ONLY, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_AND_BELOW_ONLY, init_srp, tls_parse_ctos_srp, NULL, NULL, tls_construct_ctos_srp, NULL }, #else @@ -141,14 +141,15 @@ static const EXTENSION_DEFINITION ext_defs[] = { #ifndef OPENSSL_NO_EC { TLSEXT_TYPE_ec_point_formats, - EXT_CLIENT_HELLO | EXT_TLS1_2_SERVER_HELLO | EXT_TLS1_2_AND_BELOW_ONLY, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO + | SSL_EXT_TLS1_2_AND_BELOW_ONLY, NULL, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats, tls_construct_stoc_ec_pt_formats, tls_construct_ctos_ec_pt_formats, final_ec_pt_formats }, { TLSEXT_TYPE_supported_groups, - EXT_CLIENT_HELLO | EXT_TLS1_3_ENCRYPTED_EXTENSIONS, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS, NULL, tls_parse_ctos_supported_groups, NULL, NULL /* TODO(TLS1.3): Need to add this */, tls_construct_ctos_supported_groups, NULL @@ -159,14 +160,15 @@ static const EXTENSION_DEFINITION ext_defs[] = { #endif { TLSEXT_TYPE_session_ticket, - EXT_CLIENT_HELLO | EXT_TLS1_2_SERVER_HELLO | EXT_TLS1_2_AND_BELOW_ONLY, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO + | SSL_EXT_TLS1_2_AND_BELOW_ONLY, init_session_ticket, tls_parse_ctos_session_ticket, tls_parse_stoc_session_ticket, tls_construct_stoc_session_ticket, tls_construct_ctos_session_ticket, NULL }, { TLSEXT_TYPE_signature_algorithms, - EXT_CLIENT_HELLO | EXT_TLS1_3_CERTIFICATE_REQUEST, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_CERTIFICATE_REQUEST, init_sig_algs, tls_parse_ctos_sig_algs, tls_parse_ctos_sig_algs, tls_construct_ctos_sig_algs, tls_construct_ctos_sig_algs, final_sig_algs @@ -174,8 +176,8 @@ static const EXTENSION_DEFINITION ext_defs[] = { #ifndef OPENSSL_NO_OCSP { TLSEXT_TYPE_status_request, - EXT_CLIENT_HELLO | EXT_TLS1_2_SERVER_HELLO - | EXT_TLS1_3_CERTIFICATE, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO + | SSL_EXT_TLS1_3_CERTIFICATE, init_status_request, tls_parse_ctos_status_request, tls_parse_stoc_status_request, tls_construct_stoc_status_request, tls_construct_ctos_status_request, NULL @@ -186,7 +188,8 @@ static const EXTENSION_DEFINITION ext_defs[] = { #ifndef OPENSSL_NO_NEXTPROTONEG { TLSEXT_TYPE_next_proto_neg, - EXT_CLIENT_HELLO | EXT_TLS1_2_SERVER_HELLO | EXT_TLS1_2_AND_BELOW_ONLY, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO + | SSL_EXT_TLS1_2_AND_BELOW_ONLY, init_npn, tls_parse_ctos_npn, tls_parse_stoc_npn, tls_construct_stoc_next_proto_neg, tls_construct_ctos_npn, NULL }, @@ -199,16 +202,16 @@ static const EXTENSION_DEFINITION ext_defs[] = { * happens after server_name callbacks */ TLSEXT_TYPE_application_layer_protocol_negotiation, - EXT_CLIENT_HELLO | EXT_TLS1_2_SERVER_HELLO - | EXT_TLS1_3_ENCRYPTED_EXTENSIONS, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO + | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS, init_alpn, tls_parse_ctos_alpn, tls_parse_stoc_alpn, tls_construct_stoc_alpn, tls_construct_ctos_alpn, final_alpn }, #ifndef OPENSSL_NO_SRTP { TLSEXT_TYPE_use_srtp, - EXT_CLIENT_HELLO | EXT_TLS1_2_SERVER_HELLO - | EXT_TLS1_3_ENCRYPTED_EXTENSIONS | EXT_DTLS_ONLY, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO + | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS | SSL_EXT_DTLS_ONLY, init_srtp, tls_parse_ctos_use_srtp, tls_parse_stoc_use_srtp, tls_construct_stoc_use_srtp, tls_construct_ctos_use_srtp, NULL }, @@ -217,15 +220,16 @@ static const EXTENSION_DEFINITION ext_defs[] = { #endif { TLSEXT_TYPE_encrypt_then_mac, - EXT_CLIENT_HELLO | EXT_TLS1_2_SERVER_HELLO | EXT_TLS1_2_AND_BELOW_ONLY | EXT_SSL3_ALLOWED, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO + | SSL_EXT_TLS1_2_AND_BELOW_ONLY, init_etm, tls_parse_ctos_etm, tls_parse_stoc_etm, tls_construct_stoc_etm, tls_construct_ctos_etm, NULL }, #ifndef OPENSSL_NO_CT { TLSEXT_TYPE_signed_certificate_timestamp, - EXT_CLIENT_HELLO | EXT_TLS1_2_SERVER_HELLO - | EXT_TLS1_3_CERTIFICATE, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO + | SSL_EXT_TLS1_3_CERTIFICATE, NULL, /* * No server side support for this, but can be provided by a custom @@ -239,20 +243,23 @@ static const EXTENSION_DEFINITION ext_defs[] = { #endif { TLSEXT_TYPE_extended_master_secret, - EXT_CLIENT_HELLO | EXT_TLS1_2_SERVER_HELLO | EXT_TLS1_2_AND_BELOW_ONLY, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO + | SSL_EXT_TLS1_2_AND_BELOW_ONLY, init_ems, tls_parse_ctos_ems, tls_parse_stoc_ems, tls_construct_stoc_ems, tls_construct_ctos_ems, final_ems }, { TLSEXT_TYPE_supported_versions, - EXT_CLIENT_HELLO | EXT_TLS_IMPLEMENTATION_ONLY | EXT_TLS1_3_ONLY, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS_IMPLEMENTATION_ONLY + | SSL_EXT_TLS1_3_ONLY, NULL, /* Processed inline as part of version selection */ NULL, NULL, NULL, tls_construct_ctos_supported_versions, NULL }, { TLSEXT_TYPE_psk_kex_modes, - EXT_CLIENT_HELLO | EXT_TLS_IMPLEMENTATION_ONLY | EXT_TLS1_3_ONLY, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS_IMPLEMENTATION_ONLY + | SSL_EXT_TLS1_3_ONLY, init_psk_kex_modes, tls_parse_ctos_psk_kex_modes, NULL, NULL, tls_construct_ctos_psk_kex_modes, NULL }, @@ -263,9 +270,9 @@ static const EXTENSION_DEFINITION ext_defs[] = { * been parsed before we do this one. */ TLSEXT_TYPE_key_share, - EXT_CLIENT_HELLO | EXT_TLS1_3_SERVER_HELLO - | EXT_TLS1_3_HELLO_RETRY_REQUEST | EXT_TLS_IMPLEMENTATION_ONLY - | EXT_TLS1_3_ONLY, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_SERVER_HELLO + | SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST | SSL_EXT_TLS_IMPLEMENTATION_ONLY + | SSL_EXT_TLS1_3_ONLY, NULL, tls_parse_ctos_key_share, tls_parse_stoc_key_share, tls_construct_stoc_key_share, tls_construct_ctos_key_share, final_key_share @@ -273,8 +280,8 @@ static const EXTENSION_DEFINITION ext_defs[] = { #endif { TLSEXT_TYPE_cookie, - EXT_CLIENT_HELLO | EXT_TLS1_3_HELLO_RETRY_REQUEST - | EXT_TLS_IMPLEMENTATION_ONLY | EXT_TLS1_3_ONLY, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST + | SSL_EXT_TLS_IMPLEMENTATION_ONLY | SSL_EXT_TLS1_3_ONLY, NULL, NULL, tls_parse_stoc_cookie, NULL, tls_construct_ctos_cookie, NULL }, @@ -284,20 +291,21 @@ static const EXTENSION_DEFINITION ext_defs[] = { * SSL_OP_CRYPTOPRO_TLSEXT_BUG is set */ TLSEXT_TYPE_cryptopro_bug, - EXT_TLS1_2_SERVER_HELLO | EXT_TLS1_2_AND_BELOW_ONLY, + SSL_EXT_TLS1_2_SERVER_HELLO | SSL_EXT_TLS1_2_AND_BELOW_ONLY, NULL, NULL, NULL, tls_construct_stoc_cryptopro_bug, NULL, NULL }, { TLSEXT_TYPE_early_data, - EXT_CLIENT_HELLO | EXT_TLS1_3_ENCRYPTED_EXTENSIONS - | EXT_TLS1_3_NEW_SESSION_TICKET, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS + | SSL_EXT_TLS1_3_NEW_SESSION_TICKET, NULL, tls_parse_ctos_early_data, tls_parse_stoc_early_data, tls_construct_stoc_early_data, tls_construct_ctos_early_data, final_early_data }, { TLSEXT_TYPE_certificate_authorities, - EXT_CLIENT_HELLO | EXT_TLS1_3_CERTIFICATE_REQUEST | EXT_TLS1_3_ONLY, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_CERTIFICATE_REQUEST + | SSL_EXT_TLS1_3_ONLY, init_certificate_authorities, tls_parse_certificate_authorities, tls_parse_certificate_authorities, tls_construct_certificate_authorities, @@ -306,7 +314,7 @@ static const EXTENSION_DEFINITION ext_defs[] = { { /* Must be immediately before pre_shared_key */ TLSEXT_TYPE_padding, - EXT_CLIENT_HELLO, + SSL_EXT_CLIENT_HELLO, NULL, /* We send this, but don't read it */ NULL, NULL, NULL, tls_construct_ctos_padding, NULL @@ -314,8 +322,8 @@ static const EXTENSION_DEFINITION ext_defs[] = { { /* Required by the TLSv1.3 spec to always be the last extension */ TLSEXT_TYPE_psk, - EXT_CLIENT_HELLO | EXT_TLS1_3_SERVER_HELLO | EXT_TLS_IMPLEMENTATION_ONLY - | EXT_TLS1_3_ONLY, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_SERVER_HELLO + | SSL_EXT_TLS_IMPLEMENTATION_ONLY | SSL_EXT_TLS1_3_ONLY, NULL, tls_parse_ctos_psk, tls_parse_stoc_psk, tls_construct_stoc_psk, tls_construct_ctos_psk, NULL } @@ -342,9 +350,9 @@ static int verify_extension(SSL *s, unsigned int context, unsigned int type, return 0; if (SSL_IS_DTLS(s)) { - if ((thisext->context & EXT_TLS_ONLY) != 0) + if ((thisext->context & SSL_EXT_TLS_ONLY) != 0) return 0; - } else if ((thisext->context & EXT_DTLS_ONLY) != 0) { + } else if ((thisext->context & SSL_EXT_DTLS_ONLY) != 0) { return 0; } @@ -353,7 +361,7 @@ static int verify_extension(SSL *s, unsigned int context, unsigned int type, } } - if ((context & (EXT_CLIENT_HELLO | EXT_TLS1_2_SERVER_HELLO)) == 0) { + if ((context & (SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO)) == 0) { /* * Custom extensions only apply to <=TLS1.2. This extension is unknown * in this context - we allow it @@ -386,12 +394,12 @@ static int extension_is_relevant(SSL *s, unsigned int extctx, unsigned int thisctx) { if ((SSL_IS_DTLS(s) - && (extctx & EXT_TLS_IMPLEMENTATION_ONLY) != 0) + && (extctx & SSL_EXT_TLS_IMPLEMENTATION_ONLY) != 0) || (s->version == SSL3_VERSION - && (extctx & EXT_SSL3_ALLOWED) == 0) + && (extctx & SSL_EXT_SSL3_ALLOWED) == 0) || (SSL_IS_TLS13(s) - && (extctx & EXT_TLS1_2_AND_BELOW_ONLY) != 0) - || (!SSL_IS_TLS13(s) && (extctx & EXT_TLS1_3_ONLY) != 0)) + && (extctx & SSL_EXT_TLS1_2_AND_BELOW_ONLY) != 0) + || (!SSL_IS_TLS13(s) && (extctx & SSL_EXT_TLS1_3_ONLY) != 0)) return 0; return 1; @@ -429,10 +437,10 @@ int tls_collect_extensions(SSL *s, PACKET *packet, unsigned int context, * Initialise server side custom extensions. Client side is done during * construction of extensions for the ClientHello. */ - if ((context & EXT_CLIENT_HELLO) != 0) { + if ((context & SSL_EXT_CLIENT_HELLO) != 0) { exts = &s->cert->srv_ext; custom_ext_init(&s->cert->srv_ext); - } else if ((context & EXT_TLS1_2_SERVER_HELLO) != 0) { + } else if ((context & SSL_EXT_TLS1_2_SERVER_HELLO) != 0) { exts = &s->cert->cli_ext; } @@ -463,7 +471,7 @@ int tls_collect_extensions(SSL *s, PACKET *packet, unsigned int context, if (!verify_extension(s, context, type, exts, raw_extensions, &thisex) || (thisex != NULL && thisex->present == 1) || (type == TLSEXT_TYPE_psk - && (context & EXT_CLIENT_HELLO) != 0 + && (context & SSL_EXT_CLIENT_HELLO) != 0 && PACKET_remaining(&extensions) != 0)) { SSLerr(SSL_F_TLS_COLLECT_EXTENSIONS, SSL_R_BAD_EXTENSION); *al = SSL_AD_ILLEGAL_PARAMETER; @@ -562,7 +570,7 @@ int tls_parse_extension(SSL *s, TLSEXT_INDEX idx, int context, */ if ((!s->hit || !s->server) && (context - & (EXT_CLIENT_HELLO | EXT_TLS1_2_SERVER_HELLO)) != 0 + & (SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO)) != 0 && custom_ext_parse(s, s->server, currext->type, PACKET_data(&currext->data), PACKET_remaining(&currext->data), @@ -587,9 +595,9 @@ int tls_parse_all_extensions(SSL *s, int context, RAW_EXTENSION *exts, X509 *x, const EXTENSION_DEFINITION *thisexd; /* Calculate the number of extensions in the extensions list */ - if ((context & EXT_CLIENT_HELLO) != 0) { + if ((context & SSL_EXT_CLIENT_HELLO) != 0) { numexts += s->cert->srv_ext.meths_count; - } else if ((context & EXT_TLS1_2_SERVER_HELLO) != 0) { + } else if ((context & SSL_EXT_TLS1_2_SERVER_HELLO) != 0) { numexts += s->cert->cli_ext.meths_count; } @@ -640,15 +648,16 @@ int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context, * If extensions are of zero length then we don't even add the * extensions length bytes to a ClientHello/ServerHello in SSLv3 */ - || ((context & (EXT_CLIENT_HELLO | EXT_TLS1_2_SERVER_HELLO)) != 0 - && s->version == SSL3_VERSION - && !WPACKET_set_flags(pkt, + || ((context & + (SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO)) != 0 + && s->version == SSL3_VERSION + && !WPACKET_set_flags(pkt, WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH))) { SSLerr(SSL_F_TLS_CONSTRUCT_EXTENSIONS, ERR_R_INTERNAL_ERROR); goto err; } - if ((context & EXT_CLIENT_HELLO) != 0) { + if ((context & SSL_EXT_CLIENT_HELLO) != 0) { reason = ssl_get_client_min_max_version(s, &min_version, &max_version); if (reason != 0) { SSLerr(SSL_F_TLS_CONSTRUCT_EXTENSIONS, reason); @@ -657,10 +666,10 @@ int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context, } /* Add custom extensions first */ - if ((context & EXT_CLIENT_HELLO) != 0) { + if ((context & SSL_EXT_CLIENT_HELLO) != 0) { custom_ext_init(&s->cert->cli_ext); addcustom = 1; - } else if ((context & EXT_TLS1_2_SERVER_HELLO) != 0) { + } else if ((context & SSL_EXT_TLS1_2_SERVER_HELLO) != 0) { /* * We already initialised the custom extensions during ClientHello * parsing. @@ -690,18 +699,18 @@ int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context, /* Check if this extension is defined for our protocol. If not, skip */ if ((SSL_IS_DTLS(s) - && (thisexd->context & EXT_TLS_IMPLEMENTATION_ONLY) + && (thisexd->context & SSL_EXT_TLS_IMPLEMENTATION_ONLY) != 0) || (s->version == SSL3_VERSION - && (thisexd->context & EXT_SSL3_ALLOWED) == 0) + && (thisexd->context & SSL_EXT_SSL3_ALLOWED) == 0) || (SSL_IS_TLS13(s) - && (thisexd->context & EXT_TLS1_2_AND_BELOW_ONLY) + && (thisexd->context & SSL_EXT_TLS1_2_AND_BELOW_ONLY) != 0) || (!SSL_IS_TLS13(s) - && (thisexd->context & EXT_TLS1_3_ONLY) != 0 - && (context & EXT_CLIENT_HELLO) == 0) - || ((thisexd->context & EXT_TLS1_3_ONLY) != 0 - && (context & EXT_CLIENT_HELLO) != 0 + && (thisexd->context & SSL_EXT_TLS1_3_ONLY) != 0 + && (context & SSL_EXT_CLIENT_HELLO) == 0) + || ((thisexd->context & SSL_EXT_TLS1_3_ONLY) != 0 + && (context & SSL_EXT_CLIENT_HELLO) != 0 && (SSL_IS_DTLS(s) || max_version < TLS1_3_VERSION)) || construct == NULL) continue; diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index 8bb9a888f3..af89494507 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -1307,7 +1307,7 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, return 0; } - if ((context & EXT_TLS1_3_HELLO_RETRY_REQUEST) != 0) { + if ((context & SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST) != 0) { unsigned const char *pcurves = NULL; size_t i, num_curves; @@ -1411,7 +1411,7 @@ int tls_parse_stoc_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, int tls_parse_stoc_early_data(SSL *s, PACKET *pkt, unsigned int context, X509 *x, size_t chainidx, int *al) { - if (context == EXT_TLS1_3_NEW_SESSION_TICKET) { + if (context == SSL_EXT_TLS1_3_NEW_SESSION_TICKET) { unsigned long max_early_data; if (!PACKET_get_net_4(pkt, &max_early_data) diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 076a635d24..da7e8c8aa0 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -1133,7 +1133,7 @@ int tls_construct_stoc_cryptopro_bug(SSL *s, WPACKET *pkt, unsigned int context, int tls_construct_stoc_early_data(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, size_t chainidx, int *al) { - if (context == EXT_TLS1_3_NEW_SESSION_TICKET) { + if (context == SSL_EXT_TLS1_3_NEW_SESSION_TICKET) { if (s->max_early_data == 0) return 1; diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index d4f8e0a0c3..8207dde878 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1200,7 +1200,7 @@ int tls_construct_client_hello(SSL *s, WPACKET *pkt) } /* TLS extensions */ - if (!tls_construct_extensions(s, pkt, EXT_CLIENT_HELLO, NULL, 0, &al)) { + if (!tls_construct_extensions(s, pkt, SSL_EXT_CLIENT_HELLO, NULL, 0, &al)) { ssl3_send_alert(s, SSL3_AL_FATAL, al); SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); return 0; @@ -1390,8 +1390,8 @@ MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt) goto f_err; } - context = SSL_IS_TLS13(s) ? EXT_TLS1_3_SERVER_HELLO - : EXT_TLS1_2_SERVER_HELLO; + context = SSL_IS_TLS13(s) ? SSL_EXT_TLS1_3_SERVER_HELLO + : SSL_EXT_TLS1_2_SERVER_HELLO; if (!tls_collect_extensions(s, &extpkt, context, &extensions, &al, NULL)) goto f_err; @@ -1400,7 +1400,7 @@ MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt) if (SSL_IS_TLS13(s)) { /* This will set s->hit if we are resuming */ if (!tls_parse_extension(s, TLSEXT_IDX_psk, - EXT_TLS1_3_SERVER_HELLO, + SSL_EXT_TLS1_3_SERVER_HELLO, extensions, NULL, 0, &al)) goto f_err; } else { @@ -1634,9 +1634,9 @@ static MSG_PROCESS_RETURN tls_process_hello_retry_request(SSL *s, PACKET *pkt) goto f_err; } - if (!tls_collect_extensions(s, &extpkt, EXT_TLS1_3_HELLO_RETRY_REQUEST, + if (!tls_collect_extensions(s, &extpkt, SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST, &extensions, &al, NULL) - || !tls_parse_all_extensions(s, EXT_TLS1_3_HELLO_RETRY_REQUEST, + || !tls_parse_all_extensions(s, SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST, extensions, NULL, 0, &al)) goto f_err; @@ -1728,9 +1728,10 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt) SSLerr(SSL_F_TLS_PROCESS_SERVER_CERTIFICATE, SSL_R_BAD_LENGTH); goto f_err; } - if (!tls_collect_extensions(s, &extensions, EXT_TLS1_3_CERTIFICATE, - &rawexts, &al, NULL) - || !tls_parse_all_extensions(s, EXT_TLS1_3_CERTIFICATE, + if (!tls_collect_extensions(s, &extensions, + SSL_EXT_TLS1_3_CERTIFICATE, &rawexts, + &al, NULL) + || !tls_parse_all_extensions(s, SSL_EXT_TLS1_3_CERTIFICATE, rawexts, x, chainidx, &al)) { OPENSSL_free(rawexts); goto f_err; @@ -2357,9 +2358,9 @@ MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt) goto err; } if (!tls_collect_extensions(s, &extensions, - EXT_TLS1_3_CERTIFICATE_REQUEST, + SSL_EXT_TLS1_3_CERTIFICATE_REQUEST, &rawexts, &al, NULL) - || !tls_parse_all_extensions(s, EXT_TLS1_3_CERTIFICATE_REQUEST, + || !tls_parse_all_extensions(s, SSL_EXT_TLS1_3_CERTIFICATE_REQUEST, rawexts, NULL, 0, &al)) { OPENSSL_free(rawexts); goto err; @@ -2511,9 +2512,10 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt) if (!PACKET_as_length_prefixed_2(pkt, &extpkt) || !tls_collect_extensions(s, &extpkt, - EXT_TLS1_3_NEW_SESSION_TICKET, + SSL_EXT_TLS1_3_NEW_SESSION_TICKET, &exts, &al, NULL) - || !tls_parse_all_extensions(s, EXT_TLS1_3_NEW_SESSION_TICKET, + || !tls_parse_all_extensions(s, + SSL_EXT_TLS1_3_NEW_SESSION_TICKET, exts, NULL, 0, &al)) { SSLerr(SSL_F_TLS_PROCESS_NEW_SESSION_TICKET, SSL_R_BAD_EXTENSION); goto f_err; @@ -3479,9 +3481,10 @@ static MSG_PROCESS_RETURN tls_process_encrypted_extensions(SSL *s, PACKET *pkt) goto err; } - if (!tls_collect_extensions(s, &extensions, EXT_TLS1_3_ENCRYPTED_EXTENSIONS, - &rawexts, &al, NULL) - || !tls_parse_all_extensions(s, EXT_TLS1_3_ENCRYPTED_EXTENSIONS, + if (!tls_collect_extensions(s, &extensions, + SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS, &rawexts, + &al, NULL) + || !tls_parse_all_extensions(s, SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS, rawexts, NULL, 0, &al)) goto err; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index f292b829bb..d5e87f7f44 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -801,7 +801,7 @@ static int ssl_add_cert_to_wpacket(SSL *s, WPACKET *pkt, X509 *x, int chain, } if (SSL_IS_TLS13(s) - && !tls_construct_extensions(s, pkt, EXT_TLS1_3_CERTIFICATE, x, + && !tls_construct_extensions(s, pkt, SSL_EXT_TLS1_3_CERTIFICATE, x, chain, al)) return 0; diff --git a/ssl/statem/statem_locl.h b/ssl/statem/statem_locl.h index 9bf1d8aad3..43d79b8b94 100644 --- a/ssl/statem/statem_locl.h +++ b/ssl/statem/statem_locl.h @@ -32,29 +32,6 @@ /* The maximum number of incoming KeyUpdate messages we will accept */ #define MAX_KEY_UPDATE_MESSAGES 32 -/* Extension context codes */ -/* This extension is only allowed in TLS */ -#define EXT_TLS_ONLY 0x0001 -/* This extension is only allowed in DTLS */ -#define EXT_DTLS_ONLY 0x0002 -/* Some extensions may be allowed in DTLS but we don't implement them for it */ -#define EXT_TLS_IMPLEMENTATION_ONLY 0x0004 -/* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is */ -#define EXT_SSL3_ALLOWED 0x0008 -/* Extension is only defined for TLS1.2 and above */ -#define EXT_TLS1_2_AND_BELOW_ONLY 0x0010 -/* Extension is only defined for TLS1.3 and above */ -#define EXT_TLS1_3_ONLY 0x0020 -#define EXT_CLIENT_HELLO 0x0040 -/* Really means TLS1.2 or below */ -#define EXT_TLS1_2_SERVER_HELLO 0x0080 -#define EXT_TLS1_3_SERVER_HELLO 0x0100 -#define EXT_TLS1_3_ENCRYPTED_EXTENSIONS 0x0200 -#define EXT_TLS1_3_HELLO_RETRY_REQUEST 0x0400 -#define EXT_TLS1_3_CERTIFICATE 0x0800 -#define EXT_TLS1_3_NEW_SESSION_TICKET 0x1000 -#define EXT_TLS1_3_CERTIFICATE_REQUEST 0x2000 - /* Dummy message type */ #define SSL3_MT_DUMMY -1 diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 1c6c35eb06..d931c7f467 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -1442,7 +1442,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) /* Preserve the raw extensions PACKET for later use */ extensions = clienthello->extensions; - if (!tls_collect_extensions(s, &extensions, EXT_CLIENT_HELLO, + if (!tls_collect_extensions(s, &extensions, SSL_EXT_CLIENT_HELLO, &clienthello->pre_proc_exts, &al, &clienthello->pre_proc_exts_len)) { /* SSLerr already been called */ @@ -1580,7 +1580,7 @@ static int tls_early_post_process_client_hello(SSL *s, int *al) /* We need to do this before getting the session */ if (!tls_parse_extension(s, TLSEXT_IDX_extended_master_secret, - EXT_CLIENT_HELLO, + SSL_EXT_CLIENT_HELLO, clienthello->pre_proc_exts, NULL, 0, al)) { SSLerr(SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT); goto err; @@ -1708,7 +1708,7 @@ static int tls_early_post_process_client_hello(SSL *s, int *al) #endif /* !OPENSSL_NO_EC */ /* TLS extensions */ - if (!tls_parse_all_extensions(s, EXT_CLIENT_HELLO, + if (!tls_parse_all_extensions(s, SSL_EXT_CLIENT_HELLO, clienthello->pre_proc_exts, NULL, 0, al)) { SSLerr(SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_PARSE_TLSEXT); goto err; @@ -2127,8 +2127,8 @@ int tls_construct_server_hello(SSL *s, WPACKET *pkt) && !WPACKET_put_bytes_u8(pkt, compm)) || !tls_construct_extensions(s, pkt, SSL_IS_TLS13(s) - ? EXT_TLS1_3_SERVER_HELLO - : EXT_TLS1_2_SERVER_HELLO, + ? SSL_EXT_TLS1_3_SERVER_HELLO + : SSL_EXT_TLS1_2_SERVER_HELLO, NULL, 0, &al)) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_HELLO, ERR_R_INTERNAL_ERROR); goto err; @@ -2510,8 +2510,9 @@ int tls_construct_certificate_request(SSL *s, WPACKET *pkt) goto err; } - if (!tls_construct_extensions(s, pkt, EXT_TLS1_3_CERTIFICATE_REQUEST, - NULL, 0, &al)) { + if (!tls_construct_extensions(s, pkt, + SSL_EXT_TLS1_3_CERTIFICATE_REQUEST, NULL, + 0, &al)) { SSLerr(SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST, ERR_R_INTERNAL_ERROR); goto err; @@ -3251,9 +3252,10 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt) SSLerr(SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE, SSL_R_BAD_LENGTH); goto f_err; } - if (!tls_collect_extensions(s, &extensions, EXT_TLS1_3_CERTIFICATE, - &rawexts, &al, NULL) - || !tls_parse_all_extensions(s, EXT_TLS1_3_CERTIFICATE, + if (!tls_collect_extensions(s, &extensions, + SSL_EXT_TLS1_3_CERTIFICATE, &rawexts, + &al, NULL) + || !tls_parse_all_extensions(s, SSL_EXT_TLS1_3_CERTIFICATE, rawexts, x, chainidx, &al)) { OPENSSL_free(rawexts); goto f_err; @@ -3550,7 +3552,7 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt) || !WPACKET_close(pkt) || (SSL_IS_TLS13(s) && !tls_construct_extensions(s, pkt, - EXT_TLS1_3_NEW_SESSION_TICKET, + SSL_EXT_TLS1_3_NEW_SESSION_TICKET, NULL, 0, &al))) { SSLerr(SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET, ERR_R_INTERNAL_ERROR); goto err; @@ -3637,7 +3639,7 @@ static int tls_construct_encrypted_extensions(SSL *s, WPACKET *pkt) { int al; - if (!tls_construct_extensions(s, pkt, EXT_TLS1_3_ENCRYPTED_EXTENSIONS, + if (!tls_construct_extensions(s, pkt, SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS, NULL, 0, &al)) { ssl3_send_alert(s, SSL3_AL_FATAL, al); SSLerr(SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS, ERR_R_INTERNAL_ERROR); @@ -3659,7 +3661,8 @@ static int tls_construct_hello_retry_request(SSL *s, WPACKET *pkt) */ if (!WPACKET_put_bytes_u16(pkt, TLS1_3_VERSION_DRAFT) || !s->method->put_cipher_by_char(s->s3->tmp.new_cipher, pkt, &len) - || !tls_construct_extensions(s, pkt, EXT_TLS1_3_HELLO_RETRY_REQUEST, + || !tls_construct_extensions(s, pkt, + SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST, NULL, 0, &al)) { SSLerr(SSL_F_TLS_CONSTRUCT_HELLO_RETRY_REQUEST, ERR_R_INTERNAL_ERROR); goto err; -- 2.25.1