Commit 54832b97 ("BUILD: enable several LibreSSL hacks, including")
changed empty handshake detection in OpenSSL <= 1.0.2 and LibreSSL,
from accessing packet_length directly (not available in LibreSSL) to
calling SSL_state() instead.

However, SSL_state() appears to be fully broken in both OpenSSL and
LibreSSL.

Since there is no possibility in LibreSSL to detect an empty handshake,
let's not try (like BoringSSL) and restore this functionality for
OpenSSL 1.0.2 and older, by reverting to the previous behavior.

Should be backported to 2.0.
---

Requesting feedback from Ilya.

---
 src/ssl_sock.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index c9fffbe..d4b6852 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -5352,7 +5352,7 @@ static int ssl_sock_handshake(struct connection *conn, 
unsigned int flag)
                                if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
                                        conn->flags &= ~CO_FL_WAIT_L4_CONN;
                                if (!conn->err_code) {
-#ifdef OPENSSL_IS_BORINGSSL /* BoringSSL */
+#if defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER) /* 
BoringSSL or LibreSSL */
                                        conn->err_code = CO_ER_SSL_HANDSHAKE;
 #else
                                        int empty_handshake;
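Review bot: On LibreSSL builds the first branch now records every failed handshake as `CO_ER_SSL_HANDSHAKE`, so the empty-handshake distinction made in the `#else` branch is no longer available there; the third hunk (under `check_error:`) makes the identical change. Anyone who uses that distinction in logs or alerting, presumably to separate connections that sent no data from real TLS failures, will see different error codes depending on the TLS library the binary was built against. I would say so at both sites, e.g. `/* BoringSSL and LibreSSL offer no reliable way to detect an empty handshake, so it is reported as a generic handshake failure */`. The enclosing function starts and ends outside the hunk.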
@@ -5360,7 +5360,7 @@ static int ssl_sock_handshake(struct connection *conn, 
unsigned int flag)
                                        OSSL_HANDSHAKE_STATE state = 
SSL_get_state((SSL *)ctx->ssl);
                                        empty_handshake = state == 
TLS_ST_BEFORE;
 #else
-                                       empty_handshake = SSL_state((SSL 
*)ctx->ssl) == SSL_ST_BEFORE;
+                                       empty_handshake = 
!ctx->ssl->packet_length;
 #endif
                                        if (empty_handshake) {
                                                if (!errno) {
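Review bot: The restored `!ctx->ssl->packet_length` reads a field inside the SSL structure with no comment explaining why an accessor is not used, so a later cleanup could swap it back to `SSL_state()`; the fourth hunk adds the same line. The preprocessor condition that selects this `#else` branch is outside the hunk, so it is worth confirming that it excludes every library where the structure is opaque; presumably it does, since the other side of the conditional uses `SSL_get_state()`. I would add `/* SSL_state() is not reliable here; a zero packet_length is what marks an empty handshake on OpenSSL <= 1.0.2 */` above the assignment. Since both sites compute the same flag, a small static helper returning it would keep the two copies from drifting apart.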
@@ -5433,7 +5433,7 @@ check_error:
                        if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
                                conn->flags &= ~CO_FL_WAIT_L4_CONN;
                        if (!conn->err_code) {
-#ifdef OPENSSL_IS_BORINGSSL  /* BoringSSL */
+#if defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER) /* 
BoringSSL or LibreSSL */
                                conn->err_code = CO_ER_SSL_HANDSHAKE;
 #else
                                int empty_handshake;
@@ -5441,7 +5441,7 @@ check_error:
                                OSSL_HANDSHAKE_STATE state = 
SSL_get_state(ctx->ssl);
                                empty_handshake = state == TLS_ST_BEFORE;
 #else
-                               empty_handshake = SSL_state((SSL *)ctx->ssl) == 
SSL_ST_BEFORE;
+                               empty_handshake = !ctx->ssl->packet_length;
 #endif
                                if (empty_handshake) {
                                        if (!errno) {
-- 
2.7.4
