Send a CCS after ServerHello in TLSv1.3 if using middlebox compat mode (db37d32c) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

ssl/ssl_conf.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -592,7 +592,7 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = {
		SSL_CONF_CMD_SWITCH("allow_no_dhe_kex", 0),
		SSL_CONF_CMD_SWITCH("prioritize_chacha", SSL_CONF_FLAG_SERVER),
		SSL_CONF_CMD_SWITCH("strict", 0),
		SSL_CONF_CMD_SWITCH("no_middlebox", SSL_CONF_FLAG_CLIENT),
		SSL_CONF_CMD_SWITCH("no_middlebox", 0),
		SSL_CONF_CMD_STRING(SignatureAlgorithms, "sigalgs", 0),
		SSL_CONF_CMD_STRING(ClientSignatureAlgorithms, "client_sigalgs", 0),
		SSL_CONF_CMD_STRING(Curves, "curves", 0),

+14 −2

Original line number	Diff line number	Diff line
		@@ -403,6 +403,13 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s)
		return WRITE_TRAN_CONTINUE;

		case TLS_ST_SW_SRVR_HELLO:
		if ((s->options & SSL_OP_ENABLE_MIDDLEBOX_COMPAT) != 0)
		st->hand_state = TLS_ST_SW_CHANGE;
		else
		st->hand_state = TLS_ST_SW_ENCRYPTED_EXTENSIONS;
		return WRITE_TRAN_CONTINUE;

		case TLS_ST_SW_CHANGE:
		st->hand_state = TLS_ST_SW_ENCRYPTED_EXTENSIONS;
		return WRITE_TRAN_CONTINUE;

		@@ -763,6 +770,12 @@ WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst)
		sizeof(sctpauthkey), sctpauthkey);
		}
		#endif
		if (!SSL_IS_TLS13(s)
		\|\| (s->options & SSL_OP_ENABLE_MIDDLEBOX_COMPAT) != 0)
		break;
		/* Fall through */

		case TLS_ST_SW_CHANGE:
		/*
		* TODO(TLS1.3): This actually causes a problem. We don't yet know
		* whether the next record we are going to receive is an unencrypted
		@@ -783,10 +796,9 @@ WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst)
		/* SSLfatal() already called */
		return WORK_ERROR;
		}
		}
		break;
		}

		case TLS_ST_SW_CHANGE:
		#ifndef OPENSSL_NO_SCTP
		if (SSL_IS_DTLS(s) && !s->hit) {
		/*