[openssl] master update

Matt Caswell matt at openssl.org
Wed Dec 9 14:58:22 UTC 2020


The branch master has been updated
       via  6582661f7b369c3ce7edab5fea2529de5f2fb408 (commit)
       via  ebda646db6dcc4c3813ffa06d9c548bdf9b9a717 (commit)
      from  7eea331eabe8b0a7ce03c9602a2bc72e9ddfe676 (commit)


- Log -----------------------------------------------------------------
commit 6582661f7b369c3ce7edab5fea2529de5f2fb408
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Nov 3 15:51:23 2020 +0000

    Test that we can negotiate TLSv1.3 if we have an SNI callback
    
    If an SNI callback has been set then we may have no certificuates suitable
    for TLSv1.3 use configured for the current SSL_CTX. This should not prevent
    us from negotiating TLSv1.3, since we may change the SSL_CTX by the time we
    need a suitable certificate.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/13304)

commit ebda646db6dcc4c3813ffa06d9c548bdf9b9a717
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Nov 3 14:01:46 2020 +0000

    Modify is_tls13_capable() to take account of the servername cb
    
    A servername cb may change the available certificates, so if we have one
    set then we cannot rely on the configured certificates to determine if we
    are capable of negotiating TLSv1.3 or not.
    
    Fixes #13291
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/13304)

-----------------------------------------------------------------------

Summary of changes:
 ssl/statem/statem_lib.c | 15 +++++++++++--
 test/sslapitest.c       | 59 +++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 72 insertions(+), 2 deletions(-)

diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index 44cf5a6ce0..d5def193a0 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -1515,8 +1515,8 @@ static int ssl_method_error(const SSL *s, const SSL_METHOD *method)
 
 /*
  * Only called by servers. Returns 1 if the server has a TLSv1.3 capable
- * certificate type, or has PSK or a certificate callback configured. Otherwise
- * returns 0.
+ * certificate type, or has PSK or a certificate callback configured, or has
+ * a servername callback configure. Otherwise returns 0.
  */
 static int is_tls13_capable(const SSL *s)
 {
@@ -1525,6 +1525,17 @@ static int is_tls13_capable(const SSL *s)
     int curve;
 #endif
 
+    if (!ossl_assert(s->ctx != NULL) || !ossl_assert(s->session_ctx != NULL))
+        return 0;
+
+    /*
+     * A servername callback can change the available certs, so if a servername
+     * cb is set then we just assume TLSv1.3 will be ok
+     */
+    if (s->ctx->ext.servername_cb != NULL
+            || s->session_ctx->ext.servername_cb != NULL)
+        return 1;
+
 #ifndef OPENSSL_NO_PSK
     if (s->psk_server_callback != NULL)
         return 1;
diff --git a/test/sslapitest.c b/test/sslapitest.c
index 6592b6bda6..6683fccbed 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -8372,6 +8372,62 @@ static int test_dh_auto(int idx)
 # endif /* OPENSSL_NO_DH */
 #endif /* OPENSSL_NO_TLS1_2 */
 
+#ifndef OPENSSL_NO_TLS1_3
+/*
+ * Test that setting an SNI callback works with TLSv1.3. Specifically we check
+ * that it works even without a certificate configured for the original
+ * SSL_CTX
+ */
+static int test_sni_tls13(void)
+{
+    SSL_CTX *cctx = NULL, *sctx = NULL, *sctx2 = NULL;
+    SSL *clientssl = NULL, *serverssl = NULL;
+    int testresult = 0;
+
+    /* Reset callback counter */
+    snicb = 0;
+
+    /* Create an initial SSL_CTX with no certificate configured */
+    sctx = SSL_CTX_new_ex(libctx, NULL, TLS_server_method());
+    if (!TEST_ptr(sctx))
+        goto end;
+    /* Require TLSv1.3 as a minimum */
+    if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
+                                       TLS_client_method(), TLS1_3_VERSION, 0,
+                                       &sctx2, &cctx, cert, privkey)))
+        goto end;
+
+    /* Set up SNI */
+    if (!TEST_true(SSL_CTX_set_tlsext_servername_callback(sctx, sni_cb))
+            || !TEST_true(SSL_CTX_set_tlsext_servername_arg(sctx, sctx2)))
+        goto end;
+
+    /*
+     * Connection should still succeed because the final SSL_CTX has the right
+     * certificates configured.
+     */
+    if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl,
+                                      &clientssl, NULL, NULL))
+            || !TEST_true(create_ssl_connection(serverssl, clientssl,
+                                                SSL_ERROR_NONE)))
+        goto end;
+
+    /* We should have had the SNI callback called exactly once */
+    if (!TEST_int_eq(snicb, 1))
+        goto end;
+
+    testresult = 1;
+
+end:
+    SSL_free(serverssl);
+    SSL_free(clientssl);
+    SSL_CTX_free(sctx2);
+    SSL_CTX_free(sctx);
+    SSL_CTX_free(cctx);
+    return testresult;
+}
+#endif
+
 OPT_TEST_DECLARE_USAGE("certfile privkeyfile srpvfile tmpfile provider config\n")
 
 int setup_tests(void)
@@ -8614,6 +8670,9 @@ int setup_tests(void)
     ADD_ALL_TESTS(test_set_tmp_dh, 11);
     ADD_ALL_TESTS(test_dh_auto, 7);
 # endif
+#endif
+#ifndef OPENSSL_NO_TLS1_3
+    ADD_TEST(test_sni_tls13);
 #endif
     return 1;
 


More information about the openssl-commits mailing list