openssl/SOURCES/openssl-1.1.1-reneg-no-extms.patch

diff -up openssl-1.1.1g/include/openssl/ssl3.h.reneg-no-extms openssl-1.1.1g/include/openssl/ssl3.h
--- openssl-1.1.1g/include/openssl/ssl3.h.reneg-no-extms	2020-04-21 14:22:39.000000000 +0200
+++ openssl-1.1.1g/include/openssl/ssl3.h	2020-06-05 15:20:22.090682776 +0200
@@ -292,6 +292,9 @@ extern "C" {
 
 # define TLS1_FLAGS_STATELESS                    0x0800
 
+/* Set if extended master secret extension required on renegotiation */
+# define TLS1_FLAGS_REQUIRED_EXTMS               0x1000
+
 # define SSL3_MT_HELLO_REQUEST                   0
 # define SSL3_MT_CLIENT_HELLO                    1
 # define SSL3_MT_SERVER_HELLO                    2
diff -up openssl-1.1.1g/ssl/statem/extensions.c.reneg-no-extms openssl-1.1.1g/ssl/statem/extensions.c
--- openssl-1.1.1g/ssl/statem/extensions.c.reneg-no-extms	2020-04-21 14:22:39.000000000 +0200
+++ openssl-1.1.1g/ssl/statem/extensions.c	2020-06-05 15:22:19.677653437 +0200
@@ -1168,14 +1168,26 @@ static int init_etm(SSL *s, unsigned int
 
 static int init_ems(SSL *s, unsigned int context)
 {
-    if (!s->server)
+    if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) {
         s->s3->flags &= ~TLS1_FLAGS_RECEIVED_EXTMS;
+        s->s3->flags |= TLS1_FLAGS_REQUIRED_EXTMS;
+    }
 
     return 1;
 }
 
 static int final_ems(SSL *s, unsigned int context, int sent)
 {
+    /*
+     * Check extended master secret extension is not dropped on
+     * renegotiation.
+     */
+    if (!(s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS)
+        && (s->s3->flags & TLS1_FLAGS_REQUIRED_EXTMS)) {
+        SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_FINAL_EMS,
+                 SSL_R_INCONSISTENT_EXTMS);
+        return 0;
+    }
     if (!s->server && s->hit) {
         /*
          * Check extended master secret extension is consistent with
import openssl-1.1.1g-9.el8 2020-07-28 07:48:24 +00:00			`diff -up openssl-1.1.1g/include/openssl/ssl3.h.reneg-no-extms openssl-1.1.1g/include/openssl/ssl3.h`
			`--- openssl-1.1.1g/include/openssl/ssl3.h.reneg-no-extms 2020-04-21 14:22:39.000000000 +0200`
			`+++ openssl-1.1.1g/include/openssl/ssl3.h 2020-06-05 15:20:22.090682776 +0200`
			`@@ -292,6 +292,9 @@ extern "C" {`

			`# define TLS1_FLAGS_STATELESS 0x0800`

			`+/* Set if extended master secret extension required on renegotiation */`
			`+# define TLS1_FLAGS_REQUIRED_EXTMS 0x1000`
			`+`
			`# define SSL3_MT_HELLO_REQUEST 0`
			`# define SSL3_MT_CLIENT_HELLO 1`
			`# define SSL3_MT_SERVER_HELLO 2`
			`diff -up openssl-1.1.1g/ssl/statem/extensions.c.reneg-no-extms openssl-1.1.1g/ssl/statem/extensions.c`
			`--- openssl-1.1.1g/ssl/statem/extensions.c.reneg-no-extms 2020-04-21 14:22:39.000000000 +0200`
			`+++ openssl-1.1.1g/ssl/statem/extensions.c 2020-06-05 15:22:19.677653437 +0200`
			`@@ -1168,14 +1168,26 @@ static int init_etm(SSL *s, unsigned int`

			`static int init_ems(SSL *s, unsigned int context)`
			`{`
			`- if (!s->server)`
			`+ if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) {`
			`s->s3->flags &= ~TLS1_FLAGS_RECEIVED_EXTMS;`
			`+ s->s3->flags \|= TLS1_FLAGS_REQUIRED_EXTMS;`
			`+ }`

			`return 1;`
			`}`

			`static int final_ems(SSL *s, unsigned int context, int sent)`
			`{`
			`+ /*`
			`+ * Check extended master secret extension is not dropped on`
			`+ * renegotiation.`
			`+ */`
			`+ if (!(s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS)`
			`+ && (s->s3->flags & TLS1_FLAGS_REQUIRED_EXTMS)) {`
			`+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_FINAL_EMS,`
			`+ SSL_R_INCONSISTENT_EXTMS);`
			`+ return 0;`
			`+ }`
			`if (!s->server && s->hit) {`
			`/*`
			`* Check extended master secret extension is consistent with`