Commit cfef5027 authored by Matt Caswell's avatar Matt Caswell

Add basic TLSv1.3 cookie support



This adds client-side handling only: we do not generate TLSv1.3 cookies
ourselves (no server-side support yet), but if a client receives a cookie
extension in a HelloRetryRequest (HRR) it echoes it back in the subsequent
ClientHello.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2839)
parent 6356716a
+2 −0
@@ -2348,6 +2348,7 @@ int ERR_load_SSL_strings(void);
# define SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY                489
# define SSL_F_TLS_CONSTRUCT_CTOS_ALPN                    466
# define SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE             355
# define SSL_F_TLS_CONSTRUCT_CTOS_COOKIE                  535
# define SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA              530
# define SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS           467
# define SSL_F_TLS_CONSTRUCT_CTOS_EMS                     468
@@ -2408,6 +2409,7 @@ int ERR_load_SSL_strings(void);
# define SSL_F_TLS_PARSE_CTOS_PSK                         505
# define SSL_F_TLS_PARSE_CTOS_RENEGOTIATE                 464
# define SSL_F_TLS_PARSE_CTOS_USE_SRTP                    465
# define SSL_F_TLS_PARSE_STOC_COOKIE                      534
# define SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO             528
# define SSL_F_TLS_PARSE_STOC_KEY_SHARE                   445
# define SSL_F_TLS_PARSE_STOC_PSK                         502
+1 −0
@@ -181,6 +181,7 @@ extern "C" {
# define TLSEXT_TYPE_psk                         41
# define TLSEXT_TYPE_early_data                  42
# define TLSEXT_TYPE_supported_versions          43
# define TLSEXT_TYPE_cookie                      44
# define TLSEXT_TYPE_psk_kex_modes               45
# define TLSEXT_TYPE_early_data_info             46

+2 −0
@@ -304,6 +304,7 @@ static ERR_STRING_DATA SSL_str_functs[] = {
    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_ALPN), "tls_construct_ctos_alpn"},
    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE),
     "TLS_CONSTRUCT_CTOS_CERTIFICATE"},
    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_COOKIE), "tls_construct_ctos_cookie"},
    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA),
     "tls_construct_ctos_early_data"},
    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS),
@@ -401,6 +402,7 @@ static ERR_STRING_DATA SSL_str_functs[] = {
    {ERR_FUNC(SSL_F_TLS_PARSE_CTOS_RENEGOTIATE),
     "tls_parse_ctos_renegotiate"},
    {ERR_FUNC(SSL_F_TLS_PARSE_CTOS_USE_SRTP), "tls_parse_ctos_use_srtp"},
    {ERR_FUNC(SSL_F_TLS_PARSE_STOC_COOKIE), "tls_parse_stoc_cookie"},
    {ERR_FUNC(SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO),
     "tls_parse_stoc_early_data_info"},
    {ERR_FUNC(SSL_F_TLS_PARSE_STOC_KEY_SHARE), "tls_parse_stoc_key_share"},
+1 −0
@@ -1017,6 +1017,7 @@ void SSL_free(SSL *s)
#endif
    OPENSSL_free(s->ext.ocsp.resp);
    OPENSSL_free(s->ext.alpn);
    OPENSSL_free(s->ext.tls13_cookie);
    OPENSSL_free(s->clienthello);

    sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
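Review bot: The cookie buffer is released only at SSL_free time; nothing in this hunk resets `s->ext.tls13_cookie` / `s->ext.tls13_cookie_len` when the SSL object is reused for a new handshake (SSL_clear is not part of this change), so a cookie received in one HRR would presumably still be echoed in a later, unrelated ClientHello on the same object unless it is cleared on the handshake-reset path. If that is not done elsewhere in the commit, SSL_clear (or the point where the ClientHello is rebuilt) should also do `OPENSSL_free(s->ext.tls13_cookie); s->ext.tls13_cookie = NULL; s->ext.tls13_cookie_len = 0;`. The body of SSL_free continues outside the hunk.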
+5 −0
@@ -1211,6 +1211,10 @@ struct ssl_st {
        int early_data;
        /* Is the session suitable for early data? */
        int early_data_ok;

        /* May be sent by a server in HRR. Must be echoed back in ClientHello */
        unsigned char *tls13_cookie;
        size_t tls13_cookie_len;
    } ext;

    /* Parsed form of the ClientHello, kept around across early_cb calls. */
@@ -1801,6 +1805,7 @@ typedef enum tlsext_index_en {
    TLSEXT_IDX_supported_versions,
    TLSEXT_IDX_psk_kex_modes,
    TLSEXT_IDX_key_share,
    TLSEXT_IDX_cookie,
    TLSEXT_IDX_cryptopro_bug,
    TLSEXT_IDX_early_data,
    TLSEXT_IDX_padding,
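Review bot: The comment on the new `tls13_cookie` field states only that it must be echoed; it should also record ownership and the invariant a reader needs, e.g. `/* Cookie received from the server in a TLSv1.3 HRR. Owned by this SSL (freed in SSL_free) and echoed back verbatim in the next ClientHello; NULL with len 0 when no cookie has been received. */`. The cookie is server-supplied, attacker-controllable data whose parser (tls_parse_stoc_cookie, named in ssl_err.c but not visible on this page) should bound the length it copies and reject an empty cookie, since the TLSv1.3 draft defines it as `opaque cookie<1..2^16-1>` — confirm that the parsing hunk does so. If the position of `TLSEXT_IDX_cookie` in tlsext_index_en must mirror a parallel extension-definitions table elsewhere, make sure the new entry was inserted at the same index there.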