summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--crypto/err/openssl.txt1
-rw-r--r--include/openssl/core_names.h1
-rw-r--r--include/openssl/sslerr.h1
-rw-r--r--ssl/record/methods/ktls_meth.c142
-rw-r--r--ssl/record/methods/recmethod_local.h6
-rw-r--r--ssl/record/methods/ssl3_meth.c2
-rw-r--r--ssl/record/methods/tls1_meth.c21
-rw-r--r--ssl/record/methods/tls_common.c29
-rw-r--r--ssl/record/rec_layer_s3.c59
-rw-r--r--ssl/ssl_err.c2
-rw-r--r--ssl/ssl_local.h12
-rw-r--r--ssl/t1_enc.c28
-rw-r--r--ssl/tls13_enc.c2
-rwxr-xr-xutil/mkerr.pl5
14 files changed, 200 insertions, 111 deletions
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 8c0d2f4793..3f1d844e04 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -1529,6 +1529,7 @@ SSL_R_UNKNOWN_CMD_NAME:386:unknown cmd name
SSL_R_UNKNOWN_COMMAND:139:unknown command
SSL_R_UNKNOWN_DIGEST:368:unknown digest
SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE:250:unknown key exchange type
+SSL_R_UNKNOWN_MANDATORY_PARAMETER:323:unknown mandatory parameter
SSL_R_UNKNOWN_PKEY_TYPE:251:unknown pkey type
SSL_R_UNKNOWN_PROTOCOL:252:unknown protocol
SSL_R_UNKNOWN_SSL_VERSION:254:unknown ssl version
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index 1d866368f7..aadce3c034 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@@ -561,6 +561,7 @@ extern "C" {
#define OSSL_LIBSSL_RECORD_LAYER_PARAM_OPTIONS "options"
#define OSSL_LIBSSL_RECORD_LAYER_PARAM_MODE "mode"
#define OSSL_LIBSSL_RECORD_LAYER_PARAM_READ_AHEAD "read_ahead"
+#define OSSL_LIBSSL_RECORD_LAYER_PARAM_USE_ETM "use_etm"
# ifdef __cplusplus
}
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
index 0e46b7b026..8248b641d7 100644
--- a/include/openssl/sslerr.h
+++ b/include/openssl/sslerr.h
@@ -320,6 +320,7 @@
# define SSL_R_UNKNOWN_COMMAND 139
# define SSL_R_UNKNOWN_DIGEST 368
# define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
+# define SSL_R_UNKNOWN_MANDATORY_PARAMETER 323
# define SSL_R_UNKNOWN_PKEY_TYPE 251
# define SSL_R_UNKNOWN_PROTOCOL 252
# define SSL_R_UNKNOWN_SSL_VERSION 254
diff --git a/ssl/record/methods/ktls_meth.c b/ssl/record/methods/ktls_meth.c
index 59f52e4488..dbebb8acf5 100644
--- a/ssl/record/methods/ktls_meth.c
+++ b/ssl/record/methods/ktls_meth.c
@@ -79,14 +79,13 @@ static int check_rx_read_ahead(SSL_CONNECTION *s, unsigned char *rec_seq)
#if defined(__FreeBSD__)
# include "crypto/cryptodev.h"
-/*-
- * Check if a given cipher is supported by the KTLS interface.
- * The kernel might still fail the setsockopt() if no suitable
- * provider is found, but this checks if the socket option
- * supports the cipher suite used at all.
+/*
+ * TODO(RECLAYER): This is essentially a copy of ktls_int_check_supported_cipher
+ * but using an SSL object instead of an OSSL_RECORD_LAYER object. Once
+ * everything has been moved to the reocrd layer this can be deleted
*/
int ktls_check_supported_cipher(const SSL_CONNECTION *s, const EVP_CIPHER *c,
- size_t taglen)
+ const EVP_MD *md, size_t taglen)
{
switch (s->version) {
@@ -99,29 +98,73 @@ int ktls_check_supported_cipher(const SSL_CONNECTION *s, const EVP_CIPHER *c,
return 0;
}
- switch (s->s3.tmp.new_cipher->algorithm_enc) {
- case SSL_AES128GCM:
- case SSL_AES256GCM:
- return 1;
+ if (EVP_CIPHER_is_a(c, "AES-128-GCM")
+ || EVP_CIPHER_is_a(c, "AES-256-GCM")
# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
- case SSL_CHACHA20POLY1305:
- return 1;
+ || EVP_CIPHER_is_a(c, "CHACHA20-POLY1305")
# endif
- case SSL_AES128:
- case SSL_AES256:
- if (s->ext.use_etm)
- return 0;
- switch (s->s3.tmp.new_cipher->algorithm_mac) {
- case SSL_SHA1:
- case SSL_SHA256:
- case SSL_SHA384:
- return 1;
- default:
- return 0;
- }
+ )
+ return 1;
+
+ if (!EVP_CIPHER_is_a(c, "AES-128-CBC")
+ && !EVP_CIPHER_is_a(c, "AES-256-CBC"))
+ return 0;
+
+ if (s->ext.use_etm)
+ return 0;
+
+ if (md == NULL
+ || EVP_MD_is_a(md, "SHA1")
+ || EVP_MD_is_a(md, "SHA2-256")
+ || EVP_MD_is_a(md, "SHA2-384"))
+ return 1;
+
+ return 0;
+}
+
+/*-
+ * Check if a given cipher is supported by the KTLS interface.
+ * The kernel might still fail the setsockopt() if no suitable
+ * provider is found, but this checks if the socket option
+ * supports the cipher suite used at all.
+ */
+static int ktls_int_check_supported_cipher(OSSL_RECORD_LAYER *rl,
+ const EVP_CIPHER *c,
+ const EVP_MD *md,
+ size_t taglen)
+{
+ switch (rl->version) {
+ case TLS1_VERSION:
+ case TLS1_1_VERSION:
+ case TLS1_2_VERSION:
+ case TLS1_3_VERSION:
+ break;
default:
return 0;
}
+
+ if (EVP_CIPHER_is_a(c, "AES-128-GCM")
+ || EVP_CIPHER_is_a(c, "AES-256-GCM")
+# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
+ || EVP_CIPHER_is_a(c, "CHACHA20-POLY1305")
+# endif
+ )
+ return 1;
+
+ if (!EVP_CIPHER_is_a(c, "AES-128-CBC")
+ && !EVP_CIPHER_is_a(c, "AES-256-CBC"))
+ return 0;
+
+ if (rl->use_etm)
+ return 0;
+
+ if (md == NULL
+ || EVP_MD_is_a(md, "SHA1")
+ || EVP_MD_is_a(md, "SHA2-256")
+ || EVP_MD_is_a(md, "SHA2-384"))
+ return 1;
+
+ return 0;
}
/* Function to configure kernel TLS structure */
@@ -187,9 +230,13 @@ int ktls_configure_crypto(SSL_CONNECTION *s, const EVP_CIPHER *c,
#if defined(OPENSSL_SYS_LINUX)
-/* Function to check supported ciphers in Linux */
+/*
+ * TODO(RECLAYER): This is essentially a copy of ktls_int_check_supported_cipher
+ * but using an SSL object instead of an OSSL_RECORD_LAYER object. Once
+ * everything has been moved to the reocrd layer this can be deleted
+ */
int ktls_check_supported_cipher(const SSL_CONNECTION *s, const EVP_CIPHER *c,
- size_t taglen)
+ const EVP_MD *md, size_t taglen)
{
switch (s->version) {
case TLS1_2_VERSION:
@@ -226,6 +273,47 @@ int ktls_check_supported_cipher(const SSL_CONNECTION *s, const EVP_CIPHER *c,
return 0;
}
+/* Function to check supported ciphers in Linux */
+static int ktls_int_check_supported_cipher(OSSL_RECORD_LAYER *rl,
+ const EVP_CIPHER *c,
+ const EVP_MD *md,
+ size_t taglen)
+{
+ switch (rl->version) {
+ case TLS1_2_VERSION:
+ case TLS1_3_VERSION:
+ break;
+ default:
+ return 0;
+ }
+
+ /* check that cipher is AES_GCM_128, AES_GCM_256, AES_CCM_128
+ * or Chacha20-Poly1305
+ */
+# ifdef OPENSSL_KTLS_AES_CCM_128
+ if (EVP_CIPHER_is_a(c, "AES-128-CCM")) {
+ if (rl->version == TLS_1_3_VERSION /* broken on 5.x kernels */
+ || taglen != EVP_CCM_TLS_TAG_LEN)
+ return 0;
+ return 1;
+ } else
+# endif
+ if (0
+# ifdef OPENSSL_KTLS_AES_GCM_128
+ || EVP_CIPHER_is_a(c, "AES-128-GCM")
+# endif
+# ifdef OPENSSL_KTLS_AES_GCM_256
+ || EVP_CIPHER_is_a(c, "AES-256-GCM")
+# endif
+# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
+ || EVP_CIPHER_is_a(c, "ChaCha20-Poly1305")
+# endif
+ ) {
+ return 1;
+ }
+ return 0;
+}
+
/* Function to configure kernel TLS structure */
int ktls_configure_crypto(SSL_CONNECTION *s, const EVP_CIPHER *c,
void *rl_sequence, ktls_crypto_info_t *crypto_info,
@@ -378,7 +466,7 @@ static int ktls_set_crypto_state(OSSL_RECORD_LAYER *rl, int level,
return OSSL_RECORD_RETURN_NON_FATAL_ERR;
/* check that cipher is supported */
- if (!ktls_check_supported_cipher(s, ciph, taglen))
+ if (!ktls_int_check_supported_cipher(rl, ciph, md, taglen))
return OSSL_RECORD_RETURN_NON_FATAL_ERR;
/*
diff --git a/ssl/record/methods/recmethod_local.h b/ssl/record/methods/recmethod_local.h
index 6e3f3ee20c..56fd278e76 100644
--- a/ssl/record/methods/recmethod_local.h
+++ b/ssl/record/methods/recmethod_local.h
@@ -139,6 +139,9 @@ struct ossl_record_layer_st
/* Only used by SSLv3 */
unsigned char mac_secret[EVP_MAX_MD_SIZE];
+ /* TLSv1.0/TLSv1.1/TLSv1.2 */
+ int use_etm;
+
/* TLSv1.3 fields */
/* static IV */
unsigned char iv[EVP_MAX_IV_LENGTH];
@@ -177,8 +180,7 @@ void ossl_rlayer_fatal(OSSL_RECORD_LAYER *rl, int al, int reason,
int ossl_set_tls_provider_parameters(OSSL_RECORD_LAYER *rl,
EVP_CIPHER_CTX *ctx,
const EVP_CIPHER *ciph,
- const EVP_MD *md,
- SSL_CONNECTION *s);
+ const EVP_MD *md);
/* ssl3_cbc.c */
__owur char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
__owur int ssl3_cbc_digest_record(const EVP_MD *md,
diff --git a/ssl/record/methods/ssl3_meth.c b/ssl/record/methods/ssl3_meth.c
index fa0e1c28a8..a2761de96a 100644
--- a/ssl/record/methods/ssl3_meth.c
+++ b/ssl/record/methods/ssl3_meth.c
@@ -61,7 +61,7 @@ static int ssl3_set_crypto_state(OSSL_RECORD_LAYER *rl, int level,
}
if (EVP_CIPHER_get0_provider(ciph) != NULL
- && !ossl_set_tls_provider_parameters(rl, ciph_ctx, ciph, md, s)) {
+ && !ossl_set_tls_provider_parameters(rl, ciph_ctx, ciph, md)) {
return OSSL_RECORD_RETURN_FATAL;
}
diff --git a/ssl/record/methods/tls1_meth.c b/ssl/record/methods/tls1_meth.c
index 0b972e975c..d744c6f260 100644
--- a/ssl/record/methods/tls1_meth.c
+++ b/ssl/record/methods/tls1_meth.c
@@ -34,21 +34,6 @@ static int tls1_set_crypto_state(OSSL_RECORD_LAYER *rl, int level,
if (level != OSSL_RECORD_PROTECTION_LEVEL_APPLICATION)
return OSSL_RECORD_RETURN_FATAL;
- if (s->ext.use_etm)
- s->s3.flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
- else
- s->s3.flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
-
- if (s->s3.tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
- s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
- else
- s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
-
- if (s->s3.tmp.new_cipher->algorithm2 & TLS1_TLSTREE)
- s->mac_flags |= SSL_MAC_FLAG_READ_MAC_TLSTREE;
- else
- s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_TLSTREE;
-
if ((rl->enc_read_ctx = EVP_CIPHER_CTX_new()) == NULL) {
RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
return OSSL_RECORD_RETURN_FATAL;
@@ -143,7 +128,7 @@ static int tls1_set_crypto_state(OSSL_RECORD_LAYER *rl, int level,
return OSSL_RECORD_RETURN_FATAL;
}
if (EVP_CIPHER_get0_provider(ciph) != NULL
- && !ossl_set_tls_provider_parameters(rl, ciph_ctx, ciph, md, s))
+ && !ossl_set_tls_provider_parameters(rl, ciph_ctx, ciph, md))
return OSSL_RECORD_RETURN_FATAL;
return OSSL_RECORD_RETURN_SUCCESS;
@@ -362,7 +347,7 @@ static int tls1_cipher(OSSL_RECORD_LAYER *rl, SSL3_RECORD *recs, size_t n_recs,
* So if we are in ETM mode, we use seq 'as is' in the ctrl-function.
* Otherwise we have to decrease it in the implementation
*/
- if (sending && !SSL_WRITE_ETM(s))
+ if (sending && !rl->use_etm)
decrement_seq = 1;
seq = sending ? RECORD_LAYER_get_write_sequence(&s->rlayer)
@@ -543,7 +528,7 @@ static int tls1_mac(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec, unsigned char *md,
header[11] = (unsigned char)(rec->length >> 8);
header[12] = (unsigned char)(rec->length & 0xff);
- if (!sending && !SSL_READ_ETM(ssl)
+ if (!sending && !rl->use_etm
&& EVP_CIPHER_CTX_get_mode(rl->enc_read_ctx) == EVP_CIPH_CBC_MODE
&& ssl3_cbc_record_digest_supported(mac_ctx)) {
OSSL_PARAM tls_hmac_params[2], *p = tls_hmac_params;
diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c
index accb5b1120..f5d51ef697 100644
--- a/ssl/record/methods/tls_common.c
+++ b/ssl/record/methods/tls_common.c
@@ -36,8 +36,7 @@ void ossl_rlayer_fatal(OSSL_RECORD_LAYER *rl, int al, int reason,
int ossl_set_tls_provider_parameters(OSSL_RECORD_LAYER *rl,
EVP_CIPHER_CTX *ctx,
const EVP_CIPHER *ciph,
- const EVP_MD *md,
- SSL_CONNECTION *s)
+ const EVP_MD *md)
{
/*
* Provided cipher, the TLS padding/MAC removal is performed provider
@@ -48,12 +47,7 @@ int ossl_set_tls_provider_parameters(OSSL_RECORD_LAYER *rl,
int imacsize = -1;
if ((EVP_CIPHER_get_flags(ciph) & EVP_CIPH_FLAG_AEAD_CIPHER) == 0
- /*
- * We look at s->ext.use_etm instead of SSL_READ_ETM() or
- * SSL_WRITE_ETM() because this test applies to both reading
- * and writing.
- */
- && !s->ext.use_etm)
+ && !rl->use_etm)
imacsize = EVP_MD_get_size(md);
if (imacsize >= 0)
macsize = (size_t)imacsize;
@@ -662,7 +656,7 @@ static int tls_get_more_records(OSSL_RECORD_LAYER *rl,
* If in encrypt-then-mac mode calculate mac from encrypted record. All
* the details below are public so no timing details can leak.
*/
- if (SSL_READ_ETM(s) && rl->read_hash) {
+ if (rl->use_etm && rl->read_hash) {
unsigned char *mac;
for (j = 0; j < num_recs; j++) {
@@ -748,7 +742,7 @@ static int tls_get_more_records(OSSL_RECORD_LAYER *rl,
/* r->length is now the compressed data plus mac */
if ((sess != NULL)
&& (rl->enc_read_ctx != NULL)
- && (!SSL_READ_ETM(s) && EVP_MD_CTX_get0_md(rl->read_hash) != NULL)) {
+ && (!rl->use_etm && EVP_MD_CTX_get0_md(rl->read_hash) != NULL)) {
/* rl->read_hash != NULL => mac_size != -1 */
for (j = 0; j < num_recs; j++) {
@@ -1049,6 +1043,21 @@ tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers,
goto err;
}
+ /* Loop through all the settings since they must all be understood */
+ for (p = settings; p->key != NULL; p++) {
+ if (strcmp(p->key, OSSL_LIBSSL_RECORD_LAYER_PARAM_USE_ETM) == 0) {
+ if (!OSSL_PARAM_get_int(p, &rl->use_etm)) {
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_FAILED_TO_GET_PARAMETER);
+ goto err;
+ }
+ break;
+ } else {
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_UNKNOWN_MANDATORY_PARAMETER);
+ goto err;
+ }
+ }
+
+
if (level == OSSL_RECORD_PROTECTION_LEVEL_APPLICATION) {
/*
* We ignore any read_ahead setting prior to the application protection
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 8ea42d19b9..6f40b73c2b 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -15,7 +15,6 @@
#include <openssl/buffer.h>
#include <openssl/rand.h>
#include <openssl/core_names.h>
-#include <openssl/param_build.h>
#include "record_local.h"
#include "internal/packet.h"
@@ -1797,18 +1796,18 @@ int ssl_set_new_record_layer(SSL_CONNECTION *s, int version,
int mactype, const EVP_MD *md,
const SSL_COMP *comp)
{
- OSSL_PARAM_BLD *tmpl = NULL;
- OSSL_PARAM *options = NULL;
+ OSSL_PARAM options[4], *opts = options;
+ OSSL_PARAM settings[2], *set = settings;
const OSSL_RECORD_METHOD *origmeth = s->rrlmethod;
- int ret = 0;
SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
const OSSL_RECORD_METHOD *meth;
+ int use_etm;
meth = ssl_select_next_record_layer(s, level);
if (s->rrlmethod != NULL && !s->rrlmethod->free(s->rrl)) {
ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
if (meth != NULL)
@@ -1819,20 +1818,25 @@ int ssl_set_new_record_layer(SSL_CONNECTION *s, int version,
return 0;
}
- if ((tmpl = OSSL_PARAM_BLD_new()) == NULL
- || !OSSL_PARAM_BLD_push_uint64(tmpl,
- OSSL_LIBSSL_RECORD_LAYER_PARAM_OPTIONS,
- s->options)
- || !OSSL_PARAM_BLD_push_uint32(tmpl,
- OSSL_LIBSSL_RECORD_LAYER_PARAM_MODE,
- s->mode)
- || !OSSL_PARAM_BLD_push_int(tmpl,
- OSSL_LIBSSL_RECORD_LAYER_PARAM_READ_AHEAD,
- s->rlayer.read_ahead)
- || (options = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) {
- ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
- goto err;
- }
+ /* Parameters that *may* be supported by a record layer if passed */
+ *opts++ = OSSL_PARAM_construct_uint64(OSSL_LIBSSL_RECORD_LAYER_PARAM_OPTIONS,
+ &s->options);
+ *opts++ = OSSL_PARAM_construct_uint32(OSSL_LIBSSL_RECORD_LAYER_PARAM_MODE,
+ &s->mode);
+ *opts++ = OSSL_PARAM_construct_int(OSSL_LIBSSL_RECORD_LAYER_PARAM_MODE,
+ &s->rlayer.read_ahead);
+ *opts = OSSL_PARAM_construct_end();
+
+ /* Parameters that *must* be supported by a record layer if passed */
+ if (direction == OSSL_RECORD_DIRECTION_READ)
+ use_etm = SSL_READ_ETM(s) ? 1 : 0;
+ else
+ use_etm = SSL_WRITE_ETM(s) ? 1 : 0;
+
+ if (use_etm)
+ *set++ = OSSL_PARAM_construct_int(OSSL_LIBSSL_RECORD_LAYER_PARAM_USE_ETM,
+ &use_etm);
+ *set = OSSL_PARAM_construct_end();
for (;;) {
int rlret;
@@ -1843,7 +1847,7 @@ int ssl_set_new_record_layer(SSL_CONNECTION *s, int version,
if (s->rrlnext == NULL) {
BIO_free(prev);
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
rlret = s->rrlmethod->new_record_layer(sctx->libctx, sctx->propq,
@@ -1851,13 +1855,13 @@ int ssl_set_new_record_layer(SSL_CONNECTION *s, int version,
level, key, keylen, iv, ivlen,
mackey, mackeylen, ciph, taglen,
mactype, md, comp, prev, s->rbio,
- s->rrlnext, NULL, NULL, NULL,
+ s->rrlnext, NULL, NULL, settings,
options, &s->rrl, s);
BIO_free(prev);
switch (rlret) {
case OSSL_RECORD_RETURN_FATAL:
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_RECORD_LAYER_FAILURE);
- goto err;
+ return 0;
case OSSL_RECORD_RETURN_NON_FATAL_ERR:
if (s->rrlmethod != origmeth && origmeth != NULL) {
@@ -1869,7 +1873,7 @@ int ssl_set_new_record_layer(SSL_CONNECTION *s, int version,
continue;
}
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_NO_SUITABLE_RECORD_LAYER);
- goto err;
+ return 0;
case OSSL_RECORD_RETURN_SUCCESS:
break;
@@ -1877,15 +1881,10 @@ int ssl_set_new_record_layer(SSL_CONNECTION *s, int version,
default:
/* Should not happen */
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
- goto err;
+ return 0;
}
break;
}
- ret = ssl_post_record_layer_select(s);
- err:
- OSSL_PARAM_free(options);
- OSSL_PARAM_BLD_free(tmpl);
-
- return ret;
+ return ssl_post_record_layer_select(s);
}
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 7abd6de4a2..fb825eb371 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -523,6 +523,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_DIGEST), "unknown digest"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE),
"unknown key exchange type"},
+ {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_MANDATORY_PARAMETER),
+ "unknown mandatory parameter"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_PKEY_TYPE), "unknown pkey type"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_PROTOCOL), "unknown protocol"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_SSL_VERSION),
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index b4920a1c12..16cb7d64db 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -2861,12 +2861,12 @@ __owur int ssl_log_secret(SSL_CONNECTION *s, const char *label,
# ifndef OPENSSL_NO_KTLS
/* ktls.c */
int ktls_check_supported_cipher(const SSL_CONNECTION *s, const EVP_CIPHER *c,
- size_t taglen);
-int ktls_configure_crypto(SSL_CONNECTION *s, const EVP_CIPHER *c,
- void *rl_sequence, ktls_crypto_info_t *crypto_info,
- int is_tx, unsigned char *iv, size_t ivlen,
- unsigned char *key, size_t keylen,
- unsigned char *mac_key, size_t mac_secret_size);
+ const EVP_MD *md, size_t taglen);
+int ktls_configure_crypto(SSL_CONNECTION *s, const EVP_CIPHER *c, void *rl_sequence,
+ ktls_crypto_info_t *crypto_info, int is_tx,
+ unsigned char *iv, size_t ivlen, unsigned char *key,
+ size_t keylen, unsigned char *mac_key,
+ size_t mac_secret_size);
# endif
__owur int srp_generate_server_master_secret(SSL_CONNECTION *s);
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index b7adc9daff..7083cd8151 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -227,22 +227,22 @@ int tls1_change_cipher_state(SSL_CONNECTION *s, int which)
}
if (which & SSL3_CC_READ) {
- if (SSL_CONNECTION_IS_DTLS(s)) {
- if (s->ext.use_etm)
- s->s3.flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
- else
- s->s3.flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
+ if (s->ext.use_etm)
+ s->s3.flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
+ else
+ s->s3.flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
- if (s->s3.tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
- s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
- else
- s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
+ if (s->s3.tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
+ s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
+ else
+ s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
- if (s->s3.tmp.new_cipher->algorithm2 & TLS1_TLSTREE)
- s->mac_flags |= SSL_MAC_FLAG_READ_MAC_TLSTREE;
- else
- s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_TLSTREE;
+ if (s->s3.tmp.new_cipher->algorithm2 & TLS1_TLSTREE)
+ s->mac_flags |= SSL_MAC_FLAG_READ_MAC_TLSTREE;
+ else
+ s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_TLSTREE;
+ if (SSL_CONNECTION_IS_DTLS(s)) {
if (s->enc_read_ctx != NULL) {
reuse_dd = 1;
} else if ((s->enc_read_ctx = EVP_CIPHER_CTX_new()) == NULL) {
@@ -425,7 +425,7 @@ int tls1_change_cipher_state(SSL_CONNECTION *s, int which)
goto skip_ktls;
/* check that cipher is supported */
- if (!ktls_check_supported_cipher(s, c, taglen))
+ if (!ktls_check_supported_cipher(s, c, m, taglen))
goto skip_ktls;
if (which & SSL3_CC_WRITE)
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index 7e5f551aae..01461894fe 100644
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@@ -743,7 +743,7 @@ int tls13_change_cipher_state(SSL_CONNECTION *s, int which)
goto skip_ktls;
/* check that cipher is supported */
- if (!ktls_check_supported_cipher(s, cipher, taglen))
+ if (!ktls_check_supported_cipher(s, cipher, NULL, taglen))
goto skip_ktls;
if (which & SSL3_CC_WRITE)
diff --git a/util/mkerr.pl b/util/mkerr.pl
index 1cb772c00f..861b613b0d 100755
--- a/util/mkerr.pl
+++ b/util/mkerr.pl
@@ -117,8 +117,9 @@ if ( $internal ) {
die "Cannot mix -internal and -static\n" if $static;
die "Extra parameters given.\n" if @ARGV;
@source = ( glob('crypto/*.c'), glob('crypto/*/*.c'),
- glob('ssl/*.c'), glob('ssl/*/*.c'), glob('providers/*.c'),
- glob('providers/*/*.c'), glob('providers/*/*/*.c') );
+ glob('ssl/*.c'), glob('ssl/*/*.c'), glob('ssl/*/*/*.c'),
+ glob('providers/*.c'), glob('providers/*/*.c'),
+ glob('providers/*/*/*.c') );
} else {
die "-module isn't useful without -internal\n" if scalar keys %modules > 0;
@source = @ARGV;
View Lorry Controller Status