diff options
author | Matt Caswell <matt@openssl.org> | 2017-11-08 15:00:48 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-12-14 15:06:37 +0000 |
commit | db37d32cb89160328b0ba48e3808f601a7b3ebe8 (patch) | |
tree | 0a2e56a2614588b59d356945f57f5ce21002cfef /ssl | |
parent | 066904cceef26bbb5c63c237d20829fb0db82ddc (diff) |
Send a CCS after ServerHello in TLSv1.3 if using middlebox compat mode
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4701)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_conf.c | 2 | ||||
-rw-r--r-- | ssl/statem/statem_srvr.c | 16 |
2 files changed, 15 insertions, 3 deletions
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 0f53a47043..0cd8ace437 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -592,7 +592,7 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = { SSL_CONF_CMD_SWITCH("allow_no_dhe_kex", 0), SSL_CONF_CMD_SWITCH("prioritize_chacha", SSL_CONF_FLAG_SERVER), SSL_CONF_CMD_SWITCH("strict", 0), - SSL_CONF_CMD_SWITCH("no_middlebox", SSL_CONF_FLAG_CLIENT), + SSL_CONF_CMD_SWITCH("no_middlebox", 0), SSL_CONF_CMD_STRING(SignatureAlgorithms, "sigalgs", 0), SSL_CONF_CMD_STRING(ClientSignatureAlgorithms, "client_sigalgs", 0), SSL_CONF_CMD_STRING(Curves, "curves", 0), diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 36083096b9..43ad4a4623 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -403,6 +403,13 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s) return WRITE_TRAN_CONTINUE; case TLS_ST_SW_SRVR_HELLO: + if ((s->options & SSL_OP_ENABLE_MIDDLEBOX_COMPAT) != 0) + st->hand_state = TLS_ST_SW_CHANGE; + else + st->hand_state = TLS_ST_SW_ENCRYPTED_EXTENSIONS; + return WRITE_TRAN_CONTINUE; + + case TLS_ST_SW_CHANGE: st->hand_state = TLS_ST_SW_ENCRYPTED_EXTENSIONS; return WRITE_TRAN_CONTINUE; @@ -763,6 +770,12 @@ WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst) sizeof(sctpauthkey), sctpauthkey); } #endif + if (!SSL_IS_TLS13(s) + || (s->options & SSL_OP_ENABLE_MIDDLEBOX_COMPAT) != 0) + break; + /* Fall through */ + + case TLS_ST_SW_CHANGE: /* * TODO(TLS1.3): This actually causes a problem. We don't yet know * whether the next record we are going to receive is an unencrypted @@ -783,10 +796,9 @@ WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst) /* SSLfatal() already called */ return WORK_ERROR; } + break; } - break; - case TLS_ST_SW_CHANGE: #ifndef OPENSSL_NO_SCTP if (SSL_IS_DTLS(s) && !s->hit) { /* |