Change-Id: Ib31a12527006ff57beb99bcfd0bf1f906773e1ca Reviewed-on: https://boringssl-review.googlesource.com/29593 Reviewed-by: Adam Langley <agl@google.com>kris/onging/CECPQ3_patch15
@@ -165,7 +165,7 @@ bool SSL_serialize_handback(const SSL *ssl, CBB *out) { | |||
!CBB_add_asn1_octet_string(&seq, read_iv, read_iv_len) || | |||
!CBB_add_asn1_octet_string(&seq, write_iv, write_iv_len) || | |||
!CBB_add_asn1_bool(&seq, s3->session_reused) || | |||
!CBB_add_asn1_bool(&seq, s3->tlsext_channel_id_valid) || | |||
!CBB_add_asn1_bool(&seq, s3->channel_id_valid) || | |||
!ssl_session_serialize(session, &seq) || | |||
!CBB_add_asn1_octet_string(&seq, s3->next_proto_negotiated.data(), | |||
s3->next_proto_negotiated.size()) || | |||
@@ -174,8 +174,8 @@ bool SSL_serialize_handback(const SSL *ssl, CBB *out) { | |||
!CBB_add_asn1_octet_string( | |||
&seq, reinterpret_cast<uint8_t *>(s3->hostname.get()), | |||
hostname_len) || | |||
!CBB_add_asn1_octet_string(&seq, s3->tlsext_channel_id, | |||
sizeof(s3->tlsext_channel_id)) || | |||
!CBB_add_asn1_octet_string(&seq, s3->channel_id, | |||
sizeof(s3->channel_id)) || | |||
!CBB_add_asn1_bool(&seq, ssl->s3->token_binding_negotiated) || | |||
!CBB_add_asn1_uint64(&seq, ssl->s3->negotiated_token_binding_param) || | |||
!CBB_add_asn1_bool(&seq, s3->hs->next_proto_neg_seen) || | |||
@@ -251,9 +251,9 @@ bool SSL_apply_handback(SSL *ssl, Span<const uint8_t> handback) { | |||
!CBS_get_asn1(&seq, &alpn, CBS_ASN1_OCTETSTRING) || | |||
!CBS_get_asn1(&seq, &hostname, CBS_ASN1_OCTETSTRING) || | |||
!CBS_get_asn1(&seq, &channel_id, CBS_ASN1_OCTETSTRING) || | |||
CBS_len(&channel_id) != sizeof(s3->tlsext_channel_id) || | |||
!CBS_copy_bytes(&channel_id, s3->tlsext_channel_id, | |||
sizeof(s3->tlsext_channel_id)) || | |||
CBS_len(&channel_id) != sizeof(s3->channel_id) || | |||
!CBS_copy_bytes(&channel_id, s3->channel_id, | |||
sizeof(s3->channel_id)) || | |||
!CBS_get_asn1_bool(&seq, &token_binding_negotiated) || | |||
!CBS_get_asn1_uint64(&seq, &negotiated_token_binding_param) || | |||
!CBS_get_asn1_bool(&seq, &next_proto_neg_seen) || | |||
@@ -302,7 +302,7 @@ bool SSL_apply_handback(SSL *ssl, Span<const uint8_t> handback) { | |||
return false; | |||
} | |||
s3->session_reused = session_reused; | |||
s3->tlsext_channel_id_valid = channel_id_valid; | |||
s3->channel_id_valid = channel_id_valid; | |||
s3->next_proto_negotiated.CopyFrom(next_proto); | |||
s3->alpn_selected.CopyFrom(alpn); | |||
@@ -1396,12 +1396,12 @@ static enum ssl_hs_wait_t do_send_client_certificate_verify(SSL_HANDSHAKE *hs) { | |||
static enum ssl_hs_wait_t do_send_client_finished(SSL_HANDSHAKE *hs) { | |||
SSL *const ssl = hs->ssl; | |||
// Resolve Channel ID first, before any non-idempotent operations. | |||
if (ssl->s3->tlsext_channel_id_valid) { | |||
if (ssl->s3->channel_id_valid) { | |||
if (!ssl_do_channel_id_callback(hs)) { | |||
return ssl_hs_error; | |||
} | |||
if (hs->config->tlsext_channel_id_private == NULL) { | |||
if (hs->config->channel_id_private == NULL) { | |||
hs->state = state_send_client_finished; | |||
return ssl_hs_channel_id_lookup; | |||
} | |||
@@ -1431,7 +1431,7 @@ static enum ssl_hs_wait_t do_send_client_finished(SSL_HANDSHAKE *hs) { | |||
} | |||
} | |||
if (ssl->s3->tlsext_channel_id_valid) { | |||
if (ssl->s3->channel_id_valid) { | |||
ScopedCBB cbb; | |||
CBB body; | |||
if (!ssl->method->init_message(ssl, cbb.get(), &body, SSL3_MT_CHANNEL_ID) || | |||
@@ -631,7 +631,7 @@ static enum ssl_hs_wait_t do_select_parameters(SSL_HANDSHAKE *hs) { | |||
hs->cert_request = !!(hs->config->verify_mode & SSL_VERIFY_PEER); | |||
// Only request a certificate if Channel ID isn't negotiated. | |||
if ((hs->config->verify_mode & SSL_VERIFY_PEER_IF_NO_OBC) && | |||
ssl->s3->tlsext_channel_id_valid) { | |||
ssl->s3->channel_id_valid) { | |||
hs->cert_request = false; | |||
} | |||
// CertificateRequest may only be sent in certificate-based ciphers. | |||
@@ -679,9 +679,9 @@ static enum ssl_hs_wait_t do_send_server_hello(SSL_HANDSHAKE *hs) { | |||
// We only accept ChannelIDs on connections with ECDHE in order to avoid a | |||
// known attack while we fix ChannelID itself. | |||
if (ssl->s3->tlsext_channel_id_valid && | |||
if (ssl->s3->channel_id_valid && | |||
(hs->new_cipher->algorithm_mkey & SSL_kECDHE) == 0) { | |||
ssl->s3->tlsext_channel_id_valid = false; | |||
ssl->s3->channel_id_valid = false; | |||
} | |||
// If this is a resumption and the original handshake didn't support | |||
@@ -689,7 +689,7 @@ static enum ssl_hs_wait_t do_send_server_hello(SSL_HANDSHAKE *hs) { | |||
// session and so cannot resume with ChannelIDs. | |||
if (ssl->session != NULL && | |||
ssl->session->original_handshake_hash_len == 0) { | |||
ssl->s3->tlsext_channel_id_valid = false; | |||
ssl->s3->channel_id_valid = false; | |||
} | |||
struct OPENSSL_timeval now; | |||
@@ -1363,7 +1363,7 @@ static enum ssl_hs_wait_t do_read_next_proto(SSL_HANDSHAKE *hs) { | |||
static enum ssl_hs_wait_t do_read_channel_id(SSL_HANDSHAKE *hs) { | |||
SSL *const ssl = hs->ssl; | |||
if (!ssl->s3->tlsext_channel_id_valid) { | |||
if (!ssl->s3->channel_id_valid) { | |||
hs->state = state12_read_client_finished; | |||
return ssl_hs_ok; | |||
} | |||
@@ -1400,7 +1400,7 @@ static enum ssl_hs_wait_t do_read_client_finished(SSL_HANDSHAKE *hs) { | |||
// If this is a full handshake with ChannelID then record the handshake | |||
// hashes in |hs->new_session| in case we need them to verify a | |||
// ChannelID signature on a resumption of this session in the future. | |||
if (ssl->session == NULL && ssl->s3->tlsext_channel_id_valid && | |||
if (ssl->session == NULL && ssl->s3->channel_id_valid && | |||
!tls1_record_handshake_hashes_for_channel_id(hs)) { | |||
return ssl_hs_error; | |||
} | |||
@@ -2163,9 +2163,8 @@ struct SSL3_STATE { | |||
// In a client, this means that the server supported Channel ID and that a | |||
// Channel ID was sent. In a server it means that we echoed support for | |||
// Channel IDs and that tlsext_channel_id will be valid after the | |||
// handshake. | |||
bool tlsext_channel_id_valid:1; | |||
// Channel IDs and that |channel_id| will be valid after the handshake. | |||
bool channel_id_valid:1; | |||
// key_update_pending is true if we have a KeyUpdate acknowledgment | |||
// outstanding. | |||
@@ -2258,10 +2257,10 @@ struct SSL3_STATE { | |||
UniquePtr<char> hostname; | |||
// For a server: | |||
// If |tlsext_channel_id_valid| is true, then this contains the | |||
// If |channel_id_valid| is true, then this contains the | |||
// verified Channel ID from the client: a P256 point, (x,y), where | |||
// each are big-endian values. | |||
uint8_t tlsext_channel_id[64] = {0}; | |||
uint8_t channel_id[64] = {0}; | |||
// Contains the QUIC transport params received by the peer. | |||
Array<uint8_t> peer_quic_transport_params; | |||
@@ -2450,7 +2449,7 @@ struct SSL_CONFIG { | |||
Array<uint16_t> supported_group_list; // our list | |||
// The client's Channel ID private key. | |||
UniquePtr<EVP_PKEY> tlsext_channel_id_private; | |||
UniquePtr<EVP_PKEY> channel_id_private; | |||
// For a client, this contains the list of supported protocols in wire | |||
// format. | |||
@@ -2476,10 +2475,10 @@ struct SSL_CONFIG { | |||
// whether OCSP stapling will be requested. | |||
bool ocsp_stapling_enabled:1; | |||
// tlsext_channel_id_enabled is copied from the |SSL_CTX|. For a server, | |||
// means that we'll accept Channel IDs from clients. For a client, means that | |||
// we'll advertise support. | |||
bool tlsext_channel_id_enabled:1; | |||
// channel_id_enabled is copied from the |SSL_CTX|. For a server, means that | |||
// we'll accept Channel IDs from clients. For a client, means that we'll | |||
// advertise support. | |||
bool channel_id_enabled:1; | |||
// retain_only_sha256_of_client_certs is true if we should compute the SHA256 | |||
// hash of the peer's certificate and then discard it to save memory and | |||
@@ -2749,8 +2748,8 @@ enum ssl_ticket_aead_result_t ssl_process_ticket( | |||
int tls1_verify_channel_id(SSL_HANDSHAKE *hs, const SSLMessage &msg); | |||
// tls1_write_channel_id generates a Channel ID message and puts the output in | |||
// |cbb|. |ssl->tlsext_channel_id_private| must already be set before calling. | |||
// This function returns true on success and false on error. | |||
// |cbb|. |ssl->channel_id_private| must already be set before calling. This | |||
// function returns true on success and false on error. | |||
bool tls1_write_channel_id(SSL_HANDSHAKE *hs, CBB *cbb); | |||
// tls1_channel_id_hash computes the hash to be signed by Channel ID and writes | |||
@@ -2762,7 +2761,7 @@ int tls1_record_handshake_hashes_for_channel_id(SSL_HANDSHAKE *hs); | |||
// ssl_do_channel_id_callback checks runs |hs->ssl->ctx->channel_id_cb| if | |||
// necessary. It returns one on success and zero on fatal error. Note that, on | |||
// success, |hs->ssl->tlsext_channel_id_private| may be unset, in which case the | |||
// success, |hs->ssl->channel_id_private| may be unset, in which case the | |||
// operation should be retried later. | |||
int ssl_do_channel_id_callback(SSL_HANDSHAKE *hs); | |||
@@ -2949,8 +2948,8 @@ struct ssl_ctx_st { | |||
uint16_t max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH; | |||
// TLS extensions servername callback | |||
int (*tlsext_servername_callback)(SSL *, int *, void *) = nullptr; | |||
void *tlsext_servername_arg = nullptr; | |||
int (*servername_callback)(SSL *, int *, void *) = nullptr; | |||
void *servername_arg = nullptr; | |||
// RFC 4507 session ticket keys. |ticket_key_current| may be NULL before the | |||
// first handshake and |ticket_key_prev| may be NULL at any time. | |||
@@ -3019,7 +3018,7 @@ struct ssl_ctx_st { | |||
bssl::Array<uint16_t> supported_group_list; | |||
// The client's Channel ID private key. | |||
bssl::UniquePtr<EVP_PKEY> tlsext_channel_id_private; | |||
bssl::UniquePtr<EVP_PKEY> channel_id_private; | |||
// keylog_callback, if not NULL, is the key logging callback. See | |||
// |SSL_CTX_set_keylog_callback|. | |||
@@ -3063,10 +3062,10 @@ struct ssl_ctx_st { | |||
// If true, a client will request certificate timestamps. | |||
bool signed_cert_timestamps_enabled:1; | |||
// tlsext_channel_id_enabled is whether Channel ID is enabled. For a server, | |||
// means that we'll accept Channel IDs from clients. For a client, means that | |||
// we'll advertise support. | |||
bool tlsext_channel_id_enabled:1; | |||
// channel_id_enabled is whether Channel ID is enabled. For a server, means | |||
// that we'll accept Channel IDs from clients. For a client, means that we'll | |||
// advertise support. | |||
bool channel_id_enabled:1; | |||
// grease_enabled is whether draft-davidben-tls-grease-01 is enabled. | |||
bool grease_enabled:1; | |||
@@ -3171,7 +3170,7 @@ struct ssl_st { | |||
uint32_t options = 0; // protocol behaviour | |||
uint32_t mode = 0; // API behaviour | |||
uint32_t max_cert_list = 0; | |||
bssl::UniquePtr<char> tlsext_hostname; | |||
bssl::UniquePtr<char> hostname; | |||
// renegotiate_mode controls how peer renegotiation attempts are handled. | |||
ssl_renegotiate_mode_t renegotiate_mode = ssl_renegotiate_never; | |||
@@ -173,7 +173,7 @@ SSL3_STATE::SSL3_STATE() | |||
initial_handshake_complete(false), | |||
session_reused(false), | |||
send_connection_binding(false), | |||
tlsext_channel_id_valid(false), | |||
channel_id_valid(false), | |||
key_update_pending(false), | |||
wpend_pending(false), | |||
early_data_accepted(false), | |||
@@ -540,7 +540,7 @@ ssl_ctx_st::ssl_ctx_st(const SSL_METHOD *ssl_method) | |||
quiet_shutdown(false), | |||
ocsp_stapling_enabled(false), | |||
signed_cert_timestamps_enabled(false), | |||
tlsext_channel_id_enabled(false), | |||
channel_id_enabled(false), | |||
grease_enabled(false), | |||
allow_unknown_alpn_protos(false), | |||
ed25519_enabled(false), | |||
@@ -691,9 +691,8 @@ SSL *SSL_new(SSL_CTX *ctx) { | |||
ssl->config->psk_client_callback = ctx->psk_client_callback; | |||
ssl->config->psk_server_callback = ctx->psk_server_callback; | |||
ssl->config->tlsext_channel_id_enabled = ctx->tlsext_channel_id_enabled; | |||
ssl->config->tlsext_channel_id_private = | |||
UpRef(ctx->tlsext_channel_id_private); | |||
ssl->config->channel_id_enabled = ctx->channel_id_enabled; | |||
ssl->config->channel_id_private = UpRef(ctx->channel_id_private); | |||
ssl->config->signed_cert_timestamps_enabled = | |||
ctx->signed_cert_timestamps_enabled; | |||
@@ -712,7 +711,7 @@ SSL_CONFIG::SSL_CONFIG(SSL *ssl_arg) | |||
: ssl(ssl_arg), | |||
signed_cert_timestamps_enabled(false), | |||
ocsp_stapling_enabled(false), | |||
tlsext_channel_id_enabled(false), | |||
channel_id_enabled(false), | |||
retain_only_sha256_of_client_certs(false), | |||
handoff(false), | |||
shed_handshake_config(false) { | |||
@@ -1827,8 +1826,8 @@ const char *SSL_get_servername(const SSL *ssl, const int type) { | |||
// Historically, |SSL_get_servername| was also the configuration getter | |||
// corresponding to |SSL_set_tlsext_host_name|. | |||
if (ssl->tlsext_hostname != nullptr) { | |||
return ssl->tlsext_hostname.get(); | |||
if (ssl->hostname != nullptr) { | |||
return ssl->hostname.get(); | |||
} | |||
return ssl->s3->hostname.get(); | |||
@@ -1907,7 +1906,7 @@ void SSL_get0_ocsp_response(const SSL *ssl, const uint8_t **out, | |||
} | |||
int SSL_set_tlsext_host_name(SSL *ssl, const char *name) { | |||
ssl->tlsext_hostname.reset(); | |||
ssl->hostname.reset(); | |||
if (name == nullptr) { | |||
return 1; | |||
} | |||
@@ -1917,8 +1916,8 @@ int SSL_set_tlsext_host_name(SSL *ssl, const char *name) { | |||
OPENSSL_PUT_ERROR(SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); | |||
return 0; | |||
} | |||
ssl->tlsext_hostname.reset(BUF_strdup(name)); | |||
if (ssl->tlsext_hostname == nullptr) { | |||
ssl->hostname.reset(BUF_strdup(name)); | |||
if (ssl->hostname == nullptr) { | |||
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); | |||
return 0; | |||
} | |||
@@ -1927,12 +1926,12 @@ int SSL_set_tlsext_host_name(SSL *ssl, const char *name) { | |||
int SSL_CTX_set_tlsext_servername_callback( | |||
SSL_CTX *ctx, int (*callback)(SSL *ssl, int *out_alert, void *arg)) { | |||
ctx->tlsext_servername_callback = callback; | |||
ctx->servername_callback = callback; | |||
return 1; | |||
} | |||
int SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg) { | |||
ctx->tlsext_servername_arg = arg; | |||
ctx->servername_arg = arg; | |||
return 1; | |||
} | |||
@@ -2080,7 +2079,7 @@ err: | |||
} | |||
void SSL_CTX_set_tls_channel_id_enabled(SSL_CTX *ctx, int enabled) { | |||
ctx->tlsext_channel_id_enabled = !!enabled; | |||
ctx->channel_id_enabled = !!enabled; | |||
} | |||
int SSL_CTX_enable_tls_channel_id(SSL_CTX *ctx) { | |||
@@ -2092,7 +2091,7 @@ void SSL_set_tls_channel_id_enabled(SSL *ssl, int enabled) { | |||
if (!ssl->config) { | |||
return; | |||
} | |||
ssl->config->tlsext_channel_id_enabled = !!enabled; | |||
ssl->config->channel_id_enabled = !!enabled; | |||
} | |||
int SSL_enable_tls_channel_id(SSL *ssl) { | |||
@@ -2113,8 +2112,8 @@ int SSL_CTX_set1_tls_channel_id(SSL_CTX *ctx, EVP_PKEY *private_key) { | |||
return 0; | |||
} | |||
ctx->tlsext_channel_id_private = UpRef(private_key); | |||
ctx->tlsext_channel_id_enabled = true; | |||
ctx->channel_id_private = UpRef(private_key); | |||
ctx->channel_id_enabled = true; | |||
return 1; | |||
} | |||
@@ -2128,18 +2127,17 @@ int SSL_set1_tls_channel_id(SSL *ssl, EVP_PKEY *private_key) { | |||
return 0; | |||
} | |||
ssl->config->tlsext_channel_id_private = UpRef(private_key); | |||
ssl->config->tlsext_channel_id_enabled = true; | |||
ssl->config->channel_id_private = UpRef(private_key); | |||
ssl->config->channel_id_enabled = true; | |||
return 1; | |||
} | |||
size_t SSL_get_tls_channel_id(SSL *ssl, uint8_t *out, size_t max_out) { | |||
if (!ssl->s3->tlsext_channel_id_valid) { | |||
if (!ssl->s3->channel_id_valid) { | |||
return 0; | |||
} | |||
OPENSSL_memcpy(out, ssl->s3->tlsext_channel_id, | |||
(max_out < 64) ? max_out : 64); | |||
OPENSSL_memcpy(out, ssl->s3->channel_id, (max_out < 64) ? max_out : 64); | |||
return 64; | |||
} | |||
@@ -591,7 +591,7 @@ static bool dont_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) { | |||
static bool ext_sni_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) { | |||
SSL *const ssl = hs->ssl; | |||
if (ssl->tlsext_hostname == nullptr) { | |||
if (ssl->hostname == nullptr) { | |||
return true; | |||
} | |||
@@ -601,8 +601,8 @@ static bool ext_sni_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) { | |||
!CBB_add_u16_length_prefixed(&contents, &server_name_list) || | |||
!CBB_add_u8(&server_name_list, TLSEXT_NAMETYPE_host_name) || | |||
!CBB_add_u16_length_prefixed(&server_name_list, &name) || | |||
!CBB_add_bytes(&name, (const uint8_t *)ssl->tlsext_hostname.get(), | |||
strlen(ssl->tlsext_hostname.get())) || | |||
!CBB_add_bytes(&name, (const uint8_t *)ssl->hostname.get(), | |||
strlen(ssl->hostname.get())) || | |||
!CBB_flush(out)) { | |||
return false; | |||
} | |||
@@ -1552,12 +1552,12 @@ static bool ext_alpn_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) { | |||
// https://tools.ietf.org/html/draft-balfanz-tls-channelid-01 | |||
static void ext_channel_id_init(SSL_HANDSHAKE *hs) { | |||
hs->ssl->s3->tlsext_channel_id_valid = false; | |||
hs->ssl->s3->channel_id_valid = false; | |||
} | |||
static bool ext_channel_id_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) { | |||
SSL *const ssl = hs->ssl; | |||
if (!hs->config->tlsext_channel_id_enabled || SSL_is_dtls(ssl)) { | |||
if (!hs->config->channel_id_enabled || SSL_is_dtls(ssl)) { | |||
return true; | |||
} | |||
@@ -1578,13 +1578,13 @@ static bool ext_channel_id_parse_serverhello(SSL_HANDSHAKE *hs, | |||
} | |||
assert(!SSL_is_dtls(ssl)); | |||
assert(hs->config->tlsext_channel_id_enabled); | |||
assert(hs->config->channel_id_enabled); | |||
if (CBS_len(contents) != 0) { | |||
return false; | |||
} | |||
ssl->s3->tlsext_channel_id_valid = true; | |||
ssl->s3->channel_id_valid = true; | |||
return true; | |||
} | |||
@@ -1592,8 +1592,7 @@ static bool ext_channel_id_parse_clienthello(SSL_HANDSHAKE *hs, | |||
uint8_t *out_alert, | |||
CBS *contents) { | |||
SSL *const ssl = hs->ssl; | |||
if (contents == NULL || !hs->config->tlsext_channel_id_enabled || | |||
SSL_is_dtls(ssl)) { | |||
if (contents == NULL || !hs->config->channel_id_enabled || SSL_is_dtls(ssl)) { | |||
return true; | |||
} | |||
@@ -1601,13 +1600,13 @@ static bool ext_channel_id_parse_clienthello(SSL_HANDSHAKE *hs, | |||
return false; | |||
} | |||
ssl->s3->tlsext_channel_id_valid = true; | |||
ssl->s3->channel_id_valid = true; | |||
return true; | |||
} | |||
static bool ext_channel_id_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) { | |||
SSL *const ssl = hs->ssl; | |||
if (!ssl->s3->tlsext_channel_id_valid) { | |||
if (!ssl->s3->channel_id_valid) { | |||
return true; | |||
} | |||
@@ -3396,12 +3395,11 @@ static int ssl_check_clienthello_tlsext(SSL_HANDSHAKE *hs) { | |||
int ret = SSL_TLSEXT_ERR_NOACK; | |||
int al = SSL_AD_UNRECOGNIZED_NAME; | |||
if (ssl->ctx->tlsext_servername_callback != 0) { | |||
ret = ssl->ctx->tlsext_servername_callback(ssl, &al, | |||
ssl->ctx->tlsext_servername_arg); | |||
} else if (ssl->session_ctx->tlsext_servername_callback != 0) { | |||
ret = ssl->session_ctx->tlsext_servername_callback( | |||
ssl, &al, ssl->session_ctx->tlsext_servername_arg); | |||
if (ssl->ctx->servername_callback != 0) { | |||
ret = ssl->ctx->servername_callback(ssl, &al, ssl->ctx->servername_arg); | |||
} else if (ssl->session_ctx->servername_callback != 0) { | |||
ret = ssl->session_ctx->servername_callback( | |||
ssl, &al, ssl->session_ctx->servername_arg); | |||
} | |||
switch (ret) { | |||
@@ -3759,11 +3757,11 @@ int tls1_verify_channel_id(SSL_HANDSHAKE *hs, const SSLMessage &msg) { | |||
if (!sig_ok) { | |||
OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_SIGNATURE_INVALID); | |||
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR); | |||
ssl->s3->tlsext_channel_id_valid = false; | |||
ssl->s3->channel_id_valid = false; | |||
return 0; | |||
} | |||
OPENSSL_memcpy(ssl->s3->tlsext_channel_id, p, 64); | |||
OPENSSL_memcpy(ssl->s3->channel_id, p, 64); | |||
return 1; | |||
} | |||
@@ -3774,8 +3772,7 @@ bool tls1_write_channel_id(SSL_HANDSHAKE *hs, CBB *cbb) { | |||
return false; | |||
} | |||
EC_KEY *ec_key = | |||
EVP_PKEY_get0_EC_KEY(hs->config->tlsext_channel_id_private.get()); | |||
EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(hs->config->channel_id_private.get()); | |||
if (ec_key == nullptr) { | |||
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); | |||
return false; | |||
@@ -3879,7 +3876,7 @@ int tls1_record_handshake_hashes_for_channel_id(SSL_HANDSHAKE *hs) { | |||
} | |||
int ssl_do_channel_id_callback(SSL_HANDSHAKE *hs) { | |||
if (hs->config->tlsext_channel_id_private != NULL || | |||
if (hs->config->channel_id_private != NULL || | |||
hs->ssl->ctx->channel_id_cb == NULL) { | |||
return 1; | |||
} | |||
@@ -442,7 +442,7 @@ static enum ssl_hs_wait_t do_read_encrypted_extensions(SSL_HANDSHAKE *hs) { | |||
OPENSSL_PUT_ERROR(SSL, SSL_R_ALPN_MISMATCH_ON_EARLY_DATA); | |||
return ssl_hs_error; | |||
} | |||
if (ssl->s3->tlsext_channel_id_valid || hs->received_custom_extension || | |||
if (ssl->s3->channel_id_valid || hs->received_custom_extension || | |||
ssl->s3->token_binding_negotiated) { | |||
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION_ON_EARLY_DATA); | |||
return ssl_hs_error; | |||
@@ -691,13 +691,13 @@ static enum ssl_hs_wait_t do_complete_second_flight(SSL_HANDSHAKE *hs) { | |||
SSL *const ssl = hs->ssl; | |||
// Send a Channel ID assertion if necessary. | |||
if (ssl->s3->tlsext_channel_id_valid) { | |||
if (ssl->s3->channel_id_valid) { | |||
if (!ssl_do_channel_id_callback(hs)) { | |||
hs->tls13_state = state_complete_second_flight; | |||
return ssl_hs_error; | |||
} | |||
if (hs->config->tlsext_channel_id_private == NULL) { | |||
if (hs->config->channel_id_private == NULL) { | |||
return ssl_hs_channel_id_lookup; | |||
} | |||
@@ -389,7 +389,7 @@ static enum ssl_hs_wait_t do_select_session(SSL_HANDSHAKE *hs) { | |||
// The client must have offered early data. | |||
hs->early_data_offered && | |||
// Channel ID is incompatible with 0-RTT. | |||
!ssl->s3->tlsext_channel_id_valid && | |||
!ssl->s3->channel_id_valid && | |||
// If Token Binding is negotiated, reject 0-RTT. | |||
!ssl->s3->token_binding_negotiated && | |||
// Custom extensions is incompatible with 0-RTT. | |||
@@ -596,7 +596,7 @@ static enum ssl_hs_wait_t do_send_server_hello(SSL_HANDSHAKE *hs) { | |||
hs->cert_request = !!(hs->config->verify_mode & SSL_VERIFY_PEER); | |||
// Only request a certificate if Channel ID isn't negotiated. | |||
if ((hs->config->verify_mode & SSL_VERIFY_PEER_IF_NO_OBC) && | |||
ssl->s3->tlsext_channel_id_valid) { | |||
ssl->s3->channel_id_valid) { | |||
hs->cert_request = false; | |||
} | |||
} | |||
@@ -852,7 +852,7 @@ static enum ssl_hs_wait_t do_read_client_certificate_verify( | |||
static enum ssl_hs_wait_t do_read_channel_id(SSL_HANDSHAKE *hs) { | |||
SSL *const ssl = hs->ssl; | |||
if (!ssl->s3->tlsext_channel_id_valid) { | |||
if (!ssl->s3->channel_id_valid) { | |||
hs->tls13_state = state_read_client_finished; | |||
return ssl_hs_ok; | |||
} | |||