Update code for the final RFC version of TLSv1.3 (RFC8446)

Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6741)
author: Matt Caswell <matt@openssl.org> 2018-07-18 16:05:49 +0100
committer: Matt Caswell <matt@openssl.org> 2018-08-15 12:33:30 +0100
commit: 35e742ecac9239539db016e1282b4cbdf501509c (patch)
tree: 69505449d87cb5902f7db623738266782bb98ac2 /ssl
parent: 58094ab60ff51918a248dc6bd977d48f981fe2c1 (diff)
download: openssl-new-35e742ecac9239539db016e1282b4cbdf501509c.tar.gz
5 files changed, 5 insertions, 67 deletions
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index a1a880c05c..6d6404ba3d 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1071,8 +1071,6 @@ struct ssl_st {
      * DTLS1_VERSION)
      */
     int version;
-    /* TODO(TLS1.3): Remove this before release */
-    int version_draft;
     /* SSLv3 */
     const SSL_METHOD *method;
     /*
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index cc4563b357..86d6189ea1 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -530,23 +530,8 @@ EXT_RETURN tls_construct_ctos_supported_versions(SSL *s, WPACKET *pkt,
         return EXT_RETURN_FAIL;
     }
 
-    /*
-     * TODO(TLS1.3): There is some discussion on the TLS list as to whether
-     * we should include versions <TLS1.2. For the moment we do. To be
-     * reviewed later.
-     */
     for (currv = max_version; currv >= min_version; currv--) {
-        /* TODO(TLS1.3): Remove this first if clause prior to release!! */
-        if (currv == TLS1_3_VERSION) {
-            if (!WPACKET_put_bytes_u16(pkt, TLS1_3_VERSION_DRAFT)
-                    || !WPACKET_put_bytes_u16(pkt, TLS1_3_VERSION_DRAFT_27)
-                    || !WPACKET_put_bytes_u16(pkt, TLS1_3_VERSION_DRAFT_26)) {
-                SSLfatal(s, SSL_AD_INTERNAL_ERROR,
-                         SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS,
-                         ERR_R_INTERNAL_ERROR);
-                return EXT_RETURN_FAIL;
-            }
-        } else if (!WPACKET_put_bytes_u16(pkt, currv)) {
+        if (!WPACKET_put_bytes_u16(pkt, currv)) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                      SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS,
                      ERR_R_INTERNAL_ERROR);
@@ -1790,12 +1775,6 @@ int tls_parse_stoc_supported_versions(SSL *s, PACKET *pkt, unsigned int context,
         return 0;
     }
 
-    /* TODO(TLS1.3): Remove this before release */
-    if (version == TLS1_3_VERSION_DRAFT
-            || version == TLS1_3_VERSION_DRAFT_27
-            || version == TLS1_3_VERSION_DRAFT_26)
-        version = TLS1_3_VERSION;
-
     /*
      * The only protocol version we support which is valid in this extension in
      * a ServerHello is TLSv1.3 therefore we shouldn't be getting anything else.
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 00c0ec9c09..295d3e7ee5 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -897,8 +897,7 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
     }
     if (!WPACKET_put_bytes_u16(&hrrpkt, TLSEXT_TYPE_supported_versions)
             || !WPACKET_start_sub_packet_u16(&hrrpkt)
-               /* TODO(TLS1.3): Fix this before release */
-            || !WPACKET_put_bytes_u16(&hrrpkt, s->version_draft)
+            || !WPACKET_put_bytes_u16(&hrrpkt, s->version)
             || !WPACKET_close(&hrrpkt)) {
         WPACKET_cleanup(&hrrpkt);
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_COOKIE,
@@ -1651,8 +1650,7 @@ EXT_RETURN tls_construct_stoc_supported_versions(SSL *s, WPACKET *pkt,
 
     if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_supported_versions)
             || !WPACKET_start_sub_packet_u16(pkt)
-                /* TODO(TLS1.3): Update to remove the TLSv1.3 draft indicator */
-            || !WPACKET_put_bytes_u16(pkt, s->version_draft)
+            || !WPACKET_put_bytes_u16(pkt, s->version)
             || !WPACKET_close(pkt)) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                  SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_VERSIONS,
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index d602846416..d04f8773de 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -1742,8 +1742,6 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd)
         unsigned int best_vers = 0;
         const SSL_METHOD *best_method = NULL;
         PACKET versionslist;
-        /* TODO(TLS1.3): Remove this before release */
-        unsigned int orig_candidate = 0;
 
         suppversions->parsed = 1;
 
@@ -1765,24 +1763,6 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd)
             return SSL_R_BAD_LEGACY_VERSION;
 
         while (PACKET_get_net_2(&versionslist, &candidate_vers)) {
-            /* TODO(TLS1.3): Remove this before release */
-            if (candidate_vers == TLS1_3_VERSION_DRAFT
-                    || candidate_vers == TLS1_3_VERSION_DRAFT_27
-                    || candidate_vers == TLS1_3_VERSION_DRAFT_26) {
-                if (best_vers == TLS1_3_VERSION
-                        && orig_candidate > candidate_vers)
-                    continue;
-                orig_candidate = candidate_vers;
-                candidate_vers = TLS1_3_VERSION;
-            } else if (candidate_vers == TLS1_3_VERSION) {
-                /* Don't actually accept real TLSv1.3 */
-                continue;
-            }
-            /*
-             * TODO(TLS1.3): There is some discussion on the TLS list about
-             * whether to ignore versions <TLS1.2 in supported_versions. At the
-             * moment we honour them if present. To be reviewed later
-             */
             if (version_cmp(s, candidate_vers, best_vers) <= 0)
                 continue;
             if (ssl_version_supported(s, candidate_vers, &best_method))
@@ -1805,9 +1785,6 @@ int ssl_choose_server_version(SSL *s, CLIENTHELLO_MSG *hello, DOWNGRADE *dgrd)
             }
             check_for_downgrade(s, best_vers, dgrd);
             s->version = best_vers;
-            /* TODO(TLS1.3): Remove this before release */
-            if (best_vers == TLS1_3_VERSION)
-                s->version_draft = orig_candidate;
             s->method = best_method;
             return 0;
         }
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index 4d052d0705..b79c776f2d 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -65,10 +65,6 @@ static const ssl_trace_tbl ssl_version_tbl[] = {
     {TLS1_1_VERSION, "TLS 1.1"},
     {TLS1_2_VERSION, "TLS 1.2"},
     {TLS1_3_VERSION, "TLS 1.3"},
-    /* TODO(TLS1.3): Remove these lines before release */
-    {TLS1_3_VERSION_DRAFT_26, TLS1_3_VERSION_DRAFT_TXT_26},
-    {TLS1_3_VERSION_DRAFT_27, TLS1_3_VERSION_DRAFT_TXT_27},
-    {TLS1_3_VERSION_DRAFT, TLS1_3_VERSION_DRAFT_TXT},
     {DTLS1_VERSION, "DTLS 1.0"},
     {DTLS1_2_VERSION, "DTLS 1.2"},
     {DTLS1_BAD_VER, "DTLS 1.0 (bad)"}
@@ -642,18 +638,8 @@ static int ssl_print_version(BIO *bio, int indent, const char *name,
     if (*pmsglen < 2)
         return 0;
     vers = ((*pmsg)[0] << 8) | (*pmsg)[1];
-    if (version != NULL) {
-        /* TODO(TLS1.3): Remove the draft conditional here before release */
-        switch(vers) {
-        case TLS1_3_VERSION_DRAFT_26:
-        case TLS1_3_VERSION_DRAFT_27:
-        case TLS1_3_VERSION_DRAFT:
-            *version = TLS1_3_VERSION;
-            break;
-        default:
-            *version = vers;
-        }
-    }
+    if (version != NULL)
+        *version = vers;
     BIO_indent(bio, indent, 80);
     BIO_printf(bio, "%s=0x%x (%s)\n",
                name, vers, ssl_trace_str(vers, ssl_version_tbl));
author	Matt Caswell <matt@openssl.org>	2018-07-18 16:05:49 +0100
committer	Matt Caswell <matt@openssl.org>	2018-08-15 12:33:30 +0100
commit	35e742ecac9239539db016e1282b4cbdf501509c (patch)
tree	69505449d87cb5902f7db623738266782bb98ac2 /ssl
parent	58094ab60ff51918a248dc6bd977d48f981fe2c1 (diff)
download	openssl-new-35e742ecac9239539db016e1282b4cbdf501509c.tar.gz