diff options
author | Adam Langley <agl@google.com> | 2015-06-23 16:20:13 -0700 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2015-06-23 16:32:39 -0700 |
commit | 56d250321ea9dfa66ea9afa599f12c83a4147c86 (patch) | |
tree | 32f131cd6ff8f2c2db1ba6a533d0b2da3853f58d /src/ssl/internal.h | |
parent | 0e6bb1c72014c26289d09f4deea9c25706be5824 (diff) | |
download | external_boringssl-56d250321ea9dfa66ea9afa599f12c83a4147c86.zip external_boringssl-56d250321ea9dfa66ea9afa599f12c83a4147c86.tar.gz external_boringssl-56d250321ea9dfa66ea9afa599f12c83a4147c86.tar.bz2 |
Fixes for CVE-2015-1791.
If a NewSessionTicket is received by a multi-threaded client when
attempting to reuse a previous ticket then a race condition can occur
potentially leading to a double free of the ticket data.
This change cherry-picks the following BoringSSL changes:
b31040d0 – Get rid of CERT_PKEY slots in SESS_CERT.
fd67aa8c – Add SSL_SESSION_from_bytes.
95d31825 – Duplicate SSL_SESSIONs when renewing them.
d65bb78c – Add SSL_initial_handshake_complete.
680ca961 – Preserve session->sess_cert on ticket renewal.
Change-Id: I474065330842e4ab0066b2485c1489a50e4dfd5b
Diffstat (limited to 'src/ssl/internal.h')
-rw-r--r-- | src/ssl/internal.h | 18 |
1 files changed, 8 insertions, 10 deletions
diff --git a/src/ssl/internal.h b/src/ssl/internal.h index 7d9a5ad..4d70431 100644 --- a/src/ssl/internal.h +++ b/src/ssl/internal.h @@ -581,15 +581,13 @@ typedef struct cert_st { } CERT; typedef struct sess_cert_st { - STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */ + /* cert_chain is the certificate chain sent by the peer. NOTE: for a client, + * this does includes the server's leaf certificate, but, for a server, this + * does NOT include the client's leaf. */ + STACK_OF(X509) *cert_chain; - /* The 'peer_...' members are used only by clients. */ - int peer_cert_type; - - CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */ - CERT_PKEY peer_pkeys[SSL_PKEY_NUM]; - /* Obviously we don't have the private keys of these, - * so maybe we shouldn't even use the CERT_PKEY type here. */ + /* peer_cert, on a client, is the leaf certificate of the peer. */ + X509 *peer_cert; DH *peer_dh_tmp; EC_KEY *peer_ecdh_tmp; @@ -799,8 +797,8 @@ CERT *ssl_cert_dup(CERT *cert); void ssl_cert_clear_certs(CERT *c); void ssl_cert_free(CERT *c); SESS_CERT *ssl_sess_cert_new(void); -void ssl_sess_cert_free(SESS_CERT *sc); -int ssl_set_peer_cert_type(SESS_CERT *c, int type); +SESS_CERT *ssl_sess_cert_dup(const SESS_CERT *sess_cert); +void ssl_sess_cert_free(SESS_CERT *sess_cert); int ssl_get_new_session(SSL *s, int session); int ssl_get_prev_session(SSL *s, const struct ssl_early_callback_ctx *ctx); STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, const CBS *cbs); |