Hello community,

here is the log from the commit of package libressl for openSUSE:Factory 
checked in at 2020-08-19 18:59:38
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libressl (Old)
 and      /work/SRC/openSUSE:Factory/.libressl.new.3399 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "libressl"

Wed Aug 19 18:59:38 2020 rev:52 rq:827860 version:3.1.4

Changes:
--------
--- /work/SRC/openSUSE:Factory/libressl/libressl.changes        2020-06-25 
15:08:07.181495488 +0200
+++ /work/SRC/openSUSE:Factory/.libressl.new.3399/libressl.changes      
2020-08-19 19:00:18.683956605 +0200
@@ -1,0 +2,21 @@
+Wed Aug 19 10:30:23 UTC 2020 - Jan Engelhardt <jeng...@inai.de>
+
+- Update to release 3.1.4
+  * TLS 1.3 client improvements:
+  * Improve client certificate selection to allow EC certificates
+    instead of only RSA certificates.
+  * Do not error out if a TLSv1.3 server requests an OCSP
+    response as part of a certificate request.
+  * Fix SSL_shutdown behavior to match the legacy stack. The
+    previous behaviour could cause a hang.
+  * Fix a memory leak and add a missing error check in the
+    handling of the key update message.
+  * Fix a memory leak in tls13_record_layer_set_traffic_key.
+  * Avoid calling freezero with a negative size if a server sends
+    a malformed plaintext of all zeroes.
+  * Ensure that only PSS may be used with RSA in TLSv1.3 in order
+    to avoid using PKCS1-based signatures.
+  * Add the P-521 curve to the list of curves supported by
+    default in the client.
+
+-------------------------------------------------------------------

Old:
----
  libressl-3.1.3.tar.gz
  libressl-3.1.3.tar.gz.asc

New:
----
  libressl-3.1.4.tar.gz
  libressl-3.1.4.tar.gz.asc

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ libressl.spec ++++++
--- /var/tmp/diff_new_pack.NoP41d/_old  2020-08-19 19:00:22.619958585 +0200
+++ /var/tmp/diff_new_pack.NoP41d/_new  2020-08-19 19:00:22.623958587 +0200
@@ -17,7 +17,7 @@
 
 
 Name:           libressl
-Version:        3.1.3
+Version:        3.1.4
 Release:        0
 Summary:        An SSL/TLS protocol implementation
 License:        OpenSSL

++++++ libressl-3.1.3.tar.gz -> libressl-3.1.4.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/libressl-3.1.3/ChangeLog new/libressl-3.1.4/ChangeLog
--- old/libressl-3.1.3/ChangeLog        2020-06-12 16:40:03.000000000 +0200
+++ new/libressl-3.1.4/ChangeLog        2020-08-17 17:24:08.000000000 +0200
@@ -28,6 +28,31 @@
 
 LibreSSL Portable Release Notes:
 
+3.1.4 - Interoperability and bug fixes for the TLSv1.3 client:
+
+       * Improve client certificate selection to allow EC certificates
+         instead of only RSA certificates.
+
+       * Do not error out if a TLSv1.3 server requests an OCSP response as
+         part of a certificate request.
+
+       * Fix SSL_shutdown behavior to match the legacy stack.  The previous
+         behaviour could cause a hang.
+
+       * Fix a memory leak and add a missing error check in the handling of
+         the key update message.
+
+       * Fix a memory leak in tls13_record_layer_set_traffic_key.
+
+       * Avoid calling freezero with a negative size if a server sends a
+         malformed plaintext of all zeroes.
+
+       * Ensure that only PSS may be used with RSA in TLSv1.3 in order
+         to avoid using PKCS1-based signatures.
+
+       * Add the P-521 curve to the list of curves supported by default
+         in the client.
+
 3.1.3 - Bug fix
 
        * libcrypto may fail to build a valid certificate chain due to
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/libressl-3.1.3/VERSION new/libressl-3.1.4/VERSION
--- old/libressl-3.1.3/VERSION  2020-06-12 20:28:18.000000000 +0200
+++ new/libressl-3.1.4/VERSION  2020-08-17 17:24:23.000000000 +0200
@@ -1,2 +1,2 @@
-3.1.3
+3.1.4
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/libressl-3.1.3/configure new/libressl-3.1.4/configure
--- old/libressl-3.1.3/configure        2020-06-12 20:29:08.000000000 +0200
+++ new/libressl-3.1.4/configure        2020-08-17 17:25:13.000000000 +0200
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for libressl 3.1.3.
+# Generated by GNU Autoconf 2.69 for libressl 3.1.4.
 #
 #
 # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@@ -587,8 +587,8 @@
 # Identity of this package.
 PACKAGE_NAME='libressl'
 PACKAGE_TARNAME='libressl'
-PACKAGE_VERSION='3.1.3'
-PACKAGE_STRING='libressl 3.1.3'
+PACKAGE_VERSION='3.1.4'
+PACKAGE_STRING='libressl 3.1.4'
 PACKAGE_BUGREPORT=''
 PACKAGE_URL=''
 
@@ -1449,7 +1449,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures libressl 3.1.3 to adapt to many kinds of systems.
+\`configure' configures libressl 3.1.4 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1520,7 +1520,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of libressl 3.1.3:";;
+     short | recursive ) echo "Configuration of libressl 3.1.4:";;
    esac
   cat <<\_ACEOF
 
@@ -1637,7 +1637,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-libressl configure 3.1.3
+libressl configure 3.1.4
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2185,7 +2185,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by libressl $as_me 3.1.3, which was
+It was created by libressl $as_me 3.1.4, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -3126,7 +3126,7 @@
 
 # Define the identity of the package.
  PACKAGE='libressl'
- VERSION='3.1.3'
+ VERSION='3.1.4'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -14899,7 +14899,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by libressl $as_me 3.1.3, which was
+This file was extended by libressl $as_me 3.1.4, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -14956,7 +14956,7 @@
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; 
s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-libressl config.status 3.1.3
+libressl config.status 3.1.4
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/libressl-3.1.3/include/openssl/opensslv.h 
new/libressl-3.1.4/include/openssl/opensslv.h
--- old/libressl-3.1.3/include/openssl/opensslv.h       2020-06-12 
17:42:59.000000000 +0200
+++ new/libressl-3.1.4/include/openssl/opensslv.h       2020-08-17 
17:24:08.000000000 +0200
@@ -3,9 +3,9 @@
 #define HEADER_OPENSSLV_H
 
 /* These will change with each release of LibreSSL-portable */
-#define LIBRESSL_VERSION_NUMBER 0x3010300fL
+#define LIBRESSL_VERSION_NUMBER 0x3010400fL
 /*                                    ^ Patch starts here   */
-#define LIBRESSL_VERSION_TEXT   "LibreSSL 3.1.3"
+#define LIBRESSL_VERSION_TEXT   "LibreSSL 3.1.4"
 
 /* These will never change */
 #define OPENSSL_VERSION_NUMBER 0x20000000L
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/libressl-3.1.3/ssl/ssl_locl.h 
new/libressl-3.1.4/ssl/ssl_locl.h
--- old/libressl-3.1.3/ssl/ssl_locl.h   2020-06-11 04:04:13.000000000 +0200
+++ new/libressl-3.1.4/ssl/ssl_locl.h   2020-08-17 17:24:15.000000000 +0200
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.272 2020/04/18 14:07:56 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.272.4.1 2020/08/10 18:59:47 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (e...@cryptsoft.com)
  * All rights reserved.
  *
@@ -433,6 +433,12 @@
        uint8_t *sigalgs;
 } SSL_HANDSHAKE;
 
+typedef struct cert_pkey_st {
+       X509 *x509;
+       EVP_PKEY *privatekey;
+       STACK_OF(X509) *chain;
+} CERT_PKEY;
+
 typedef struct ssl_handshake_tls13_st {
        uint16_t min_version;
        uint16_t max_version;
@@ -441,6 +447,10 @@
        int use_legacy;
        int hrr;
 
+       /* Certificate and sigalg selected for use (static pointers) */
+       const CERT_PKEY *cpk;
+       const struct ssl_sigalg *sigalg;
+
        /* Version proposed by peer server. */
        uint16_t server_version;
 
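Review bot: The comment on the new `cpk` and `sigalg` members says only "static pointers" and leaves ownership and lifetime unstated. Going by the tls13_client.c part of this update, `cpk` is set to an element of `s->cert->pkeys`, so it is borrowed and only valid while that CERT is left in place. `sigalg` is presumably an entry returned by `ssl_sigalg_select`. Suggest spelling this out, e.g. `/* Borrowed, never freed here: cpk points into s->cert->pkeys, sigalg comes from ssl_sigalg_select(). */`, once the handshake cleanup code has been checked to confirm that neither is freed.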
@@ -988,12 +998,6 @@
 } DTLS1_STATE_INTERNAL;
 #define D1I(s) (s->d1->internal)
 
-typedef struct cert_pkey_st {
-       X509 *x509;
-       EVP_PKEY *privatekey;
-       STACK_OF(X509) *chain;
-} CERT_PKEY;
-
 typedef struct cert_st {
        /* Current active set */
        CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/libressl-3.1.3/ssl/ssl_sigalgs.c 
new/libressl-3.1.4/ssl/ssl_sigalgs.c
--- old/libressl-3.1.3/ssl/ssl_sigalgs.c        2020-06-11 04:04:13.000000000 
+0200
+++ new/libressl-3.1.4/ssl/ssl_sigalgs.c        2020-08-17 17:24:15.000000000 
+0200
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sigalgs.c,v 1.20 2019/04/01 02:09:21 beck Exp $ */
+/* $OpenBSD: ssl_sigalgs.c,v 1.20.8.1 2020/08/10 18:59:47 tb Exp $ */
 /*
  * Copyright (c) 2018-2019 Bob Beck <b...@openbsd.org>
  *
@@ -322,6 +322,12 @@
                    tls_sigalgs_len)) == NULL)
                        continue;
 
+               /* RSA cannot be used without PSS in TLSv1.3. */
+               if (TLS1_get_version(s) >= TLS1_3_VERSION &&
+                   sigalg->key_type == EVP_PKEY_RSA &&
+                   (sigalg->flags & SIGALG_FLAG_RSA_PSS) == 0)
+                       continue;
+
                if (ssl_sigalg_pkey_ok(sigalg, pkey, check_curve))
                        return sigalg;
        }
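Review bot: The new comment states the rule but not its source, which makes the check easy to relax later by mistake. RFC 8446 section 4.2.3 limits the RSASSA-PKCS1-v1_5 code points to signatures inside certificates, so I would write `/* RFC 8446, 4.2.3 - PKCS#1 v1.5 sigalgs are for certificates only; handshake signatures with RSA keys must use PSS. */`. The `TLS1_get_version(s) >= TLS1_3_VERSION` test does not change between iterations and could be computed once before the loop. The loop and the enclosing function start above the hunk.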
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/libressl-3.1.3/ssl/ssl_tlsext.c 
new/libressl-3.1.4/ssl/ssl_tlsext.c
--- old/libressl-3.1.3/ssl/ssl_tlsext.c 2020-06-11 04:04:13.000000000 +0200
+++ new/libressl-3.1.4/ssl/ssl_tlsext.c 2020-08-17 17:24:15.000000000 +0200
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.63 2020/04/21 17:06:16 jsing Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.63.4.1 2020/08/10 18:59:47 tb Exp $ */
 /*
  * Copyright (c) 2016, 2017, 2019 Joel Sing <js...@openbsd.org>
  * Copyright (c) 2017 Doug Hogan <d...@openbsd.org>
@@ -896,12 +896,49 @@
 int
 tlsext_ocsp_client_parse(SSL *s, CBS *cbs, int *alert)
 {
-       if (s->tlsext_status_type == -1) {
-               *alert = TLS1_AD_UNSUPPORTED_EXTENSION;
-               return 0;
+       CBS response;
+       size_t resp_len;
+       uint16_t version = TLS1_get_client_version(s);
+       uint8_t status_type;
+
+       if (version >= TLS1_3_VERSION) {
+               /*
+                * RFC 8446, 4.4.2.1 - the server may request an OCSP
+                * response with an empty status_request.
+                */
+               if (CBS_len(cbs) == 0)
+                       return 1;
+
+               if (!CBS_get_u8(cbs, &status_type)) {
+                       SSLerror(s, SSL_R_LENGTH_MISMATCH);
+                       return 0;
+               }
+               if (status_type != TLSEXT_STATUSTYPE_ocsp) {
+                       SSLerror(s, SSL_R_UNSUPPORTED_STATUS_TYPE);
+                       return 0;
+               }
+               if (!CBS_get_u24_length_prefixed(cbs, &response)) {
+                       SSLerror(s, SSL_R_LENGTH_MISMATCH);
+                       return 0;
+               }
+               if (CBS_len(&response) > 65536) {
+                       SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
+                       return 0;
+               }
+               if (!CBS_stow(&response, &s->internal->tlsext_ocsp_resp,
+                   &resp_len)) {
+                       *alert = SSL_AD_INTERNAL_ERROR;
+                       return 0;
+               }
+               s->internal->tlsext_ocsp_resplen = (int)resp_len;
+       } else {
+               if (s->tlsext_status_type == -1) {
+                       *alert = TLS1_AD_UNSUPPORTED_EXTENSION;
+                       return 0;
+               }
+               /* Set flag to expect CertificateStatus message */
+               s->internal->tlsext_status_expected = 1;
        }
-       /* Set flag to expect CertificateStatus message */
-       s->internal->tlsext_status_expected = 1;
        return 1;
 }
 
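Review bot: Four of the new TLSv1.3 failure paths return 0 without writing `*alert` (the `CBS_get_u8`, status-type, `CBS_get_u24_length_prefixed` and 65536-byte limit checks), while the `CBS_stow` failure and the legacy branch both set it. Unless the caller pre-loads a default (not visible here), the alert sent to the peer is whatever was left in that variable; adding `*alert = SSL_AD_DECODE_ERROR;` on the malformed-input paths makes the outcome explicit. The empty-body early return is also taken whichever message carries the extension, since the function has no message-type argument, so an empty status_request would be accepted outside a CertificateRequest as well. A comment recording that limitation, and one naming the reason for the 65536 cap that keeps the `(int)resp_len` cast safe, would help the next reader.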
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/libressl-3.1.3/ssl/t1_lib.c 
new/libressl-3.1.4/ssl/t1_lib.c
--- old/libressl-3.1.3/ssl/t1_lib.c     2020-06-11 04:04:13.000000000 +0200
+++ new/libressl-3.1.4/ssl/t1_lib.c     2020-08-17 17:24:15.000000000 +0200
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.165 2020/03/10 17:02:21 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.165.4.1 2020/08/10 18:59:47 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (e...@cryptsoft.com)
  * All rights reserved.
  *
@@ -250,7 +250,14 @@
 };
 #endif
 
-static const uint16_t eccurves_default[] = {
+static const uint16_t eccurves_client_default[] = {
+       29,                     /* X25519 (29) */
+       23,                     /* secp256r1 (23) */
+       24,                     /* secp384r1 (24) */
+       25,                     /* secp521r1 (25) */
+};
+
+static const uint16_t eccurves_server_default[] = {
        29,                     /* X25519 (29) */
        23,                     /* secp256r1 (23) */
        24,                     /* secp384r1 (24) */
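Review bot: The two default lists now differ only by `secp521r1`, and nothing in the code says why the server list leaves it out. A short comment above `eccurves_server_default` giving the reason for the asymmetry would keep a later edit from merging the arrays or letting them drift apart unnoticed. The server array's closing lines fall outside the hunk.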
@@ -374,9 +381,15 @@
 
        *pgroups = s->internal->tlsext_supportedgroups;
        *pgroupslen = s->internal->tlsext_supportedgroups_length;
-       if (*pgroups == NULL) {
-               *pgroups = eccurves_default;
-               *pgroupslen = sizeof(eccurves_default) / 2;
+       if (*pgroups != NULL)
+               return;
+
+       if (!s->server) {
+               *pgroups = eccurves_client_default;
+               *pgroupslen = sizeof(eccurves_client_default) / 2;
+       } else {
+               *pgroups = eccurves_server_default;
+               *pgroupslen = sizeof(eccurves_server_default) / 2;
        }
 }
 
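Review bot: Both new length computations divide by a literal, `sizeof(eccurves_client_default) / 2`, which silently goes wrong if the element type ever stops being `uint16_t`. Writing `sizeof(eccurves_client_default) / sizeof(eccurves_client_default[0])`, and the same for the server array, keeps the count tied to the array itself. The enclosing function starts above the hunk.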
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/libressl-3.1.3/ssl/tls13_client.c 
new/libressl-3.1.4/ssl/tls13_client.c
--- old/libressl-3.1.3/ssl/tls13_client.c       2020-06-11 04:04:13.000000000 
+0200
+++ new/libressl-3.1.4/ssl/tls13_client.c       2020-08-17 17:24:15.000000000 
+0200
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.54.4.1 2020/05/19 20:22:33 tb Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.54.4.2 2020/08/10 18:59:47 tb Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <js...@openbsd.org>
  *
@@ -811,30 +811,92 @@
        return ret;
 }
 
+static int
+tls13_client_check_certificate(struct tls13_ctx *ctx, CERT_PKEY *cpk,
+    int *ok, const struct ssl_sigalg **out_sigalg)
+{
+       const struct ssl_sigalg *sigalg;
+       SSL *s = ctx->ssl;
+
+       *ok = 0;
+       *out_sigalg = NULL;
+
+       if (cpk->x509 == NULL || cpk->privatekey == NULL)
+               goto done;
+
+       if ((sigalg = ssl_sigalg_select(s, cpk->privatekey)) == NULL)
+               goto done;
+
+       *ok = 1;
+       *out_sigalg = sigalg;
+
+ done:
+       return 1;
+}
+
+static int
+tls13_client_select_certificate(struct tls13_ctx *ctx, CERT_PKEY **out_cpk,
+    const struct ssl_sigalg **out_sigalg)
+{
+       SSL *s = ctx->ssl;
+       const struct ssl_sigalg *sigalg;
+       CERT_PKEY *cpk;
+       int cert_ok;
+
+       *out_cpk = NULL;
+       *out_sigalg = NULL;
+
+       cpk = &s->cert->pkeys[SSL_PKEY_ECC];
+       if (!tls13_client_check_certificate(ctx, cpk, &cert_ok, &sigalg))
+               return 0;
+       if (cert_ok)
+               goto done;
+
+       cpk = &s->cert->pkeys[SSL_PKEY_RSA_ENC];
+       if (!tls13_client_check_certificate(ctx, cpk, &cert_ok, &sigalg))
+               return 0;
+       if (cert_ok)
+               goto done;
+
+       cpk = NULL;
+       sigalg = NULL;
+
+ done:
+       *out_cpk = cpk;
+       *out_sigalg = sigalg;
+
+       return 1;
+}
+
 int
 tls13_client_certificate_send(struct tls13_ctx *ctx, CBB *cbb)
 {
        SSL *s = ctx->ssl;
        CBB cert_request_context, cert_list;
+       const struct ssl_sigalg *sigalg;
        STACK_OF(X509) *chain;
        CERT_PKEY *cpk;
        X509 *cert;
        int i, ret = 0;
 
-       /* XXX - Need to revisit certificate selection. */
-       cpk = &s->cert->pkeys[SSL_PKEY_RSA_ENC];
+       if (!tls13_client_select_certificate(ctx, &cpk, &sigalg))
+               goto err;
 
-       if ((chain = cpk->chain) == NULL)
-               chain = s->ctx->extra_certs;
+       ctx->hs->cpk = cpk;
+       ctx->hs->sigalg = sigalg;
 
        if (!CBB_add_u8_length_prefixed(cbb, &cert_request_context))
                goto err;
        if (!CBB_add_u24_length_prefixed(cbb, &cert_list))
                goto err;
 
-       if (cpk->x509 == NULL)
+       /* No certificate selected. */
+       if (cpk == NULL)
                goto done;
 
+       if ((chain = cpk->chain) == NULL)
+               chain = s->ctx->extra_certs;
+
        if (!tls13_cert_add(&cert_list, cpk->x509))
                goto err;
 
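Review bot: `tls13_client_check_certificate` returns 1 on every path, so the `return 0` branches after both calls in `tls13_client_select_certificate` cannot be taken, and neither can the `goto err` that follows the select call. If the int return is reserved for future hard errors, say so in a header comment such as `/* Returns 0 on internal error; *ok reports whether cpk is usable. */`; otherwise the helper could return the sigalg directly. A second comment is worth adding where `cpk = NULL` is assigned: from there the send path appears to emit an empty certificate list even when a certificate is configured, for example when the peer's signature algorithms leave no match for the key, and nothing is logged. `tls13_client_certificate_send` continues past the end of the hunk.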
@@ -858,27 +920,23 @@
 int
 tls13_client_certificate_verify_send(struct tls13_ctx *ctx, CBB *cbb)
 {
-       SSL *s = ctx->ssl;
-       const struct ssl_sigalg *sigalg = NULL;
+       const struct ssl_sigalg *sigalg;
        uint8_t *sig = NULL, *sig_content = NULL;
        size_t sig_len, sig_content_len;
        EVP_MD_CTX *mdctx = NULL;
        EVP_PKEY_CTX *pctx;
        EVP_PKEY *pkey;
-       CERT_PKEY *cpk;
+       const CERT_PKEY *cpk;
        CBB sig_cbb;
        int ret = 0;
 
        memset(&sig_cbb, 0, sizeof(sig_cbb));
 
-       /* XXX - Need to revisit certificate selection. */
-       cpk = &s->cert->pkeys[SSL_PKEY_RSA_ENC];
-       pkey = cpk->privatekey;
-
-       if ((sigalg = ssl_sigalg_select(s, pkey)) == NULL) {
-               /* XXX - SSL_R_SIGNATURE_ALGORITHMS_ERROR */
+       if ((cpk = ctx->hs->cpk) == NULL)
                goto err;
-       }
+       if ((sigalg = ctx->hs->sigalg) == NULL)
+               goto err;
+       pkey = cpk->privatekey;
 
        if (!CBB_init(&sig_cbb, 0))
                goto err;
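Review bot: Both new `goto err` exits, for `ctx->hs->cpk == NULL` and `ctx->hs->sigalg == NULL`, fail the handshake without queuing an error, and the removed `XXX - SSL_R_SIGNATURE_ALGORITHMS_ERROR` reminder is dropped rather than resolved. Since `tls13_client_certificate_send` stores NULL in both fields when no certificate is selected, this function relies on the state machine (not part of this diff) never requesting a CertificateVerify after an empty Certificate; a comment stating that invariant would help. Pushing an error before each jump, e.g. `SSLerror(ctx->ssl, SSL_R_SIGNATURE_ALGORITHMS_ERROR);` for the sigalg case, would make such a failure diagnosable. The function body continues below the hunk.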
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/libressl-3.1.3/ssl/tls13_legacy.c 
new/libressl-3.1.4/ssl/tls13_legacy.c
--- old/libressl-3.1.3/ssl/tls13_legacy.c       2020-06-11 04:04:13.000000000 
+0200
+++ new/libressl-3.1.4/ssl/tls13_legacy.c       2020-08-17 17:24:15.000000000 
+0200
@@ -1,4 +1,4 @@
-/*     $OpenBSD: tls13_legacy.c,v 1.3.4.1 2020/05/19 20:22:33 tb Exp $ */
+/*     $OpenBSD: tls13_legacy.c,v 1.3.4.3 2020/08/17 11:04:20 tb Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <js...@openbsd.org>
  *
@@ -486,29 +486,31 @@
                return 1;
        }
 
-       /* Send close notify. */
        if (!ctx->close_notify_sent) {
-               ctx->close_notify_sent = 1;
-               if ((ret = tls13_send_alert(ctx->rl, SSL_AD_CLOSE_NOTIFY)) < 0)
+               /* Enqueue and send close notify. */
+               if (!(ssl->internal->shutdown & SSL_SENT_SHUTDOWN)) {
+                       ssl->internal->shutdown |= SSL_SENT_SHUTDOWN;
+                       if ((ret = tls13_send_alert(ctx->rl,
+                           SSL_AD_CLOSE_NOTIFY)) < 0)
+                               return tls13_legacy_return_code(ssl, ret);
+               }
+               if ((ret = tls13_record_layer_send_pending(ctx->rl)) !=
+                   TLS13_IO_SUCCESS)
                        return tls13_legacy_return_code(ssl, ret);
-       }
-
-       /* Ensure close notify has been sent. */
-       if ((ret = tls13_record_layer_send_pending(ctx->rl)) != 
TLS13_IO_SUCCESS)
-               return tls13_legacy_return_code(ssl, ret);
-
-       /* Receive close notify. */
-       if (!ctx->close_notify_recv) {
+               ctx->close_notify_sent = 1;
+       } else if (!ctx->close_notify_recv) {
                /*
-                * If there is still application data pending then we have no
-                * option but to discard it here. The application should have
-                * continued to call SSL_read() instead of SSL_shutdown().
+                * If there is no application data pending, attempt to read more
+                * data in order to receive a close notify. This should trigger
+                * a record to be read from the wire, which may be application
+                * handshake or alert data. Only one attempt is made to match
+                * previous semantics.
                 */
-               /* XXX - tls13_drain_application_data()? */
-               if ((ret = tls13_read_application_data(ctx->rl, buf, 
sizeof(buf))) > 0)
-                       ret = TLS13_IO_WANT_POLLIN;
-               if (ret != TLS13_IO_EOF)
-                       return tls13_legacy_return_code(ssl, ret);
+               if (tls13_pending_application_data(ctx->rl) == 0) {
+                       if ((ret = tls13_read_application_data(ctx->rl, buf,
+                           sizeof(buf))) < 0)
+                               return tls13_legacy_return_code(ssl, ret);
+               }
        }
 
        if (ctx->close_notify_recv)
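Review bot: The rewritten comment in the `else if (!ctx->close_notify_recv)` branch no longer says what happens to data that is read. A positive return from `tls13_read_application_data` is ignored, so the bytes copied into `buf` are dropped, which is the caveat the old comment carried. When `tls13_pending_application_data` is non-zero nothing is read at all, so repeated shutdown calls make no progress until the application drains the data with its own reads. I would add both facts to the comment, e.g. `Any application data returned here is discarded; if data is already pending the caller must read it before close notify can be seen.` The function starts above and ends below the hunk.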
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/libressl-3.1.3/ssl/tls13_lib.c 
new/libressl-3.1.4/ssl/tls13_lib.c
--- old/libressl-3.1.3/ssl/tls13_lib.c  2020-06-11 04:04:13.000000000 +0200
+++ new/libressl-3.1.4/ssl/tls13_lib.c  2020-08-17 17:24:15.000000000 +0200
@@ -1,4 +1,4 @@
-/*     $OpenBSD: tls13_lib.c,v 1.36 2020/04/28 20:30:41 jsing Exp $ */
+/*     $OpenBSD: tls13_lib.c,v 1.36.4.1 2020/08/10 18:59:47 tb Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <js...@openbsd.org>
  * Copyright (c) 2019 Bob Beck <b...@openbsd.org>
@@ -227,8 +227,9 @@
                CBB cbb;
                CBS cbs; /* XXX */
 
-               free(ctx->hs_msg);
-               ctx->hs_msg = tls13_handshake_msg_new();
+               tls13_handshake_msg_free(ctx->hs_msg);
+               if ((ctx->hs_msg = tls13_handshake_msg_new()) == NULL)
+                       goto err;
                if (!tls13_handshake_msg_start(ctx->hs_msg, &cbb, 
TLS13_MT_KEY_UPDATE))
                        goto err;
                if (!CBB_add_u8(&cbb, 0))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/libressl-3.1.3/ssl/tls13_record_layer.c 
new/libressl-3.1.4/ssl/tls13_record_layer.c
--- old/libressl-3.1.3/ssl/tls13_record_layer.c 2020-06-11 04:04:13.000000000 
+0200
+++ new/libressl-3.1.4/ssl/tls13_record_layer.c 2020-08-17 17:24:15.000000000 
+0200
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record_layer.c,v 1.33 2020/05/03 15:57:25 jsing Exp $ */
+/* $OpenBSD: tls13_record_layer.c,v 1.33.4.1 2020/08/10 18:59:47 tb Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <js...@openbsd.org>
  *
@@ -435,6 +435,8 @@
        struct tls13_secret key = { .data = NULL, .len = 0 };
        int ret = 0;
 
+       EVP_AEAD_CTX_cleanup(aead_ctx);
+
        freezero(iv->data, iv->len);
        iv->data = NULL;
        iv->len = 0;
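Review bot: The added `EVP_AEAD_CTX_cleanup(aead_ctx);` has no comment, and its placement matters. It presumably releases the previous key state before the context is set up again further down (outside the hunk), which is what the changelog's leak fix refers to. It also means that a failure later in the function leaves the record layer with no key instead of the old one. A line such as `/* Drop the previous AEAD state before re-keying; on failure the context stays cleared. */` would record both points, once the second has been checked against the rest of the function. The call also assumes the context was zero-initialised on first use, which is not visible here.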
@@ -523,8 +525,9 @@
 tls13_record_layer_open_record_protected(struct tls13_record_layer *rl)
 {
        CBS header, enc_record;
+       ssize_t inner_len;
        uint8_t *content = NULL;
-       ssize_t content_len = 0;
+       size_t content_len = 0;
        uint8_t content_type;
        size_t out_len;
 
@@ -560,18 +563,18 @@
         * Time to hunt for that elusive content type!
         */
        /* XXX - CBS from end? CBS_get_end_u8()? */
-       content_len = out_len - 1;
-       while (content_len >= 0 && content[content_len] == 0)
-               content_len--;
-       if (content_len < 0)
+       inner_len = out_len - 1;
+       while (inner_len >= 0 && content[inner_len] == 0)
+               inner_len--;
+       if (inner_len < 0)
                goto err;
-       content_type = content[content_len];
+       content_type = content[inner_len];
 
        tls13_record_layer_rbuf_free(rl);
 
        rl->rbuf_content_type = content_type;
        rl->rbuf = content;
-       rl->rbuf_len = content_len;
+       rl->rbuf_len = inner_len;
 
        CBS_init(&rl->rbuf_cbs, rl->rbuf, rl->rbuf_len);
 
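Review bot: The content-type scan still runs on a signed index initialised from the unsigned `out_len - 1`, so the empty-plaintext case depends on that subtraction wrapping and converting to -1. Counting down on the unsigned length avoids the conversion: `while (out_len > 0 && content[out_len - 1] == 0) out_len--;`, then `if (out_len == 0) goto err;` and `content_type = content[--out_len];`, with `rl->rbuf_len = out_len` afterwards, provided `out_len` is not needed again on the error path. RFC 8446 section 5.4 asks for an unexpected_message alert when no non-zero octet is found. Whether the `err` label, which is outside the hunk, sends one cannot be seen from here and is worth confirming.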
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/libressl-3.1.3/tests/tlsexttest.c 
new/libressl-3.1.4/tests/tlsexttest.c
--- old/libressl-3.1.3/tests/tlsexttest.c       2020-06-12 20:28:50.000000000 
+0200
+++ new/libressl-3.1.4/tests/tlsexttest.c       2020-08-17 17:24:55.000000000 
+0200
@@ -1,4 +1,4 @@
-/* $OpenBSD: tlsexttest.c,v 1.35 2020/04/17 17:24:03 jsing Exp $ */
+/* $OpenBSD: tlsexttest.c,v 1.35.2.1 2020/08/10 18:59:47 tb Exp $ */
 /*
  * Copyright (c) 2017 Joel Sing <js...@openbsd.org>
  * Copyright (c) 2017 Doug Hogan <d...@openbsd.org>
@@ -470,10 +470,11 @@
  */
 
 static uint8_t tlsext_supportedgroups_client_default[] = {
-       0x00, 0x06,
+       0x00, 0x08,
        0x00, 0x1d,  /* X25519 (29) */
        0x00, 0x17,  /* secp256r1 (23) */
-       0x00, 0x18   /* secp384r1 (24) */
+       0x00, 0x18,  /* secp384r1 (24) */
+       0x00, 0x19,  /* secp521r1 (25) */
 };
 
 static uint16_t tlsext_supportedgroups_client_secp384r1_val[] = {
@@ -2714,13 +2715,13 @@
 #endif /* OPENSSL_NO_SRTP */
 
 unsigned char tlsext_clienthello_default[] = {
-       0x00, 0x32, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00,
-       0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d,
-       0x00, 0x17, 0x00, 0x18, 0x00, 0x23, 0x00, 0x00,
-       0x00, 0x0d, 0x00, 0x18, 0x00, 0x16, 0x08, 0x06,
-       0x06, 0x01, 0x06, 0x03, 0x08, 0x05, 0x05, 0x01,
-       0x05, 0x03, 0x08, 0x04, 0x04, 0x01, 0x04, 0x03,
-       0x02, 0x01, 0x02, 0x03,
+       0x00, 0x34, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00,
+       0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d,
+       0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, 0x23,
+       0x00, 0x00, 0x00, 0x0d, 0x00, 0x18, 0x00, 0x16,
+       0x08, 0x06, 0x06, 0x01, 0x06, 0x03, 0x08, 0x05,
+       0x05, 0x01, 0x05, 0x03, 0x08, 0x04, 0x04, 0x01,
+       0x04, 0x03, 0x02, 0x01, 0x02, 0x03,
 };
 
 unsigned char tlsext_clienthello_disabled[] = {

