62ab4bd374
Resolves: #2077973 Signed-off-by: Davide Caratti <dcaratti@redhat.com>
107 lines
3.7 KiB
Diff
107 lines
3.7 KiB
Diff
From a561d12d24c2c8bb0f825d4a3a55a5e47e845853 Mon Sep 17 00:00:00 2001
|
|
Message-Id: <a561d12d24c2c8bb0f825d4a3a55a5e47e845853.1652450863.git.davide.caratti@gmail.com>
|
|
From: Jouni Malinen <quic_jouni@quicinc.com>
|
|
Date: Wed, 4 May 2022 23:55:38 +0300
|
|
Subject: [PATCH] EAP peer status notification for server not supporting RFC
|
|
5746
|
|
|
|
Add a notification message to indicate reason for TLS handshake failure
|
|
due to the server not supporting safe renegotiation (RFC 5746).
|
|
|
|
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
|
|
---
|
|
src/ap/authsrv.c | 3 +++
|
|
src/crypto/tls.h | 3 ++-
|
|
src/crypto/tls_openssl.c | 15 +++++++++++++--
|
|
src/eap_peer/eap.c | 5 +++++
|
|
4 files changed, 23 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/src/ap/authsrv.c b/src/ap/authsrv.c
|
|
index 516c1da74..fd9c96fad 100644
|
|
--- a/src/ap/authsrv.c
|
|
+++ b/src/ap/authsrv.c
|
|
@@ -169,6 +169,9 @@ static void authsrv_tls_event(void *ctx, enum tls_event ev,
|
|
wpa_printf(MSG_DEBUG, "authsrv: remote TLS alert: %s",
|
|
data->alert.description);
|
|
break;
|
|
+ case TLS_UNSAFE_RENEGOTIATION_DISABLED:
|
|
+ /* Not applicable to TLS server */
|
|
+ break;
|
|
}
|
|
}
|
|
#endif /* EAP_TLS_FUNCS */
|
|
diff --git a/src/crypto/tls.h b/src/crypto/tls.h
|
|
index 7ea32ee4a..7a2ee32df 100644
|
|
--- a/src/crypto/tls.h
|
|
+++ b/src/crypto/tls.h
|
|
@@ -22,7 +22,8 @@ enum tls_event {
|
|
TLS_CERT_CHAIN_SUCCESS,
|
|
TLS_CERT_CHAIN_FAILURE,
|
|
TLS_PEER_CERTIFICATE,
|
|
- TLS_ALERT
|
|
+ TLS_ALERT,
|
|
+ TLS_UNSAFE_RENEGOTIATION_DISABLED,
|
|
};
|
|
|
|
/*
|
|
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
|
|
index 0d23f44ad..912471ba2 100644
|
|
--- a/src/crypto/tls_openssl.c
|
|
+++ b/src/crypto/tls_openssl.c
|
|
@@ -4443,6 +4443,7 @@ int tls_connection_get_eap_fast_key(void *tls_ctx, struct tls_connection *conn,
|
|
static struct wpabuf *
|
|
openssl_handshake(struct tls_connection *conn, const struct wpabuf *in_data)
|
|
{
|
|
+ struct tls_context *context = conn->context;
|
|
int res;
|
|
struct wpabuf *out_data;
|
|
|
|
@@ -4472,7 +4473,19 @@ openssl_handshake(struct tls_connection *conn, const struct wpabuf *in_data)
|
|
wpa_printf(MSG_DEBUG, "SSL: SSL_connect - want to "
|
|
"write");
|
|
else {
|
|
+ unsigned long error = ERR_peek_last_error();
|
|
+
|
|
tls_show_errors(MSG_INFO, __func__, "SSL_connect");
|
|
+
|
|
+ if (context->event_cb &&
|
|
+ ERR_GET_LIB(error) == ERR_LIB_SSL &&
|
|
+ ERR_GET_REASON(error) ==
|
|
+ SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED) {
|
|
+ context->event_cb(
|
|
+ context->cb_ctx,
|
|
+ TLS_UNSAFE_RENEGOTIATION_DISABLED,
|
|
+ NULL);
|
|
+ }
|
|
conn->failed++;
|
|
if (!conn->server && !conn->client_hello_generated) {
|
|
/* The server would not understand TLS Alert
|
|
@@ -4495,8 +4508,6 @@ openssl_handshake(struct tls_connection *conn, const struct wpabuf *in_data)
|
|
if ((conn->flags & TLS_CONN_SUITEB) && !conn->server &&
|
|
os_strncmp(SSL_get_cipher(conn->ssl), "DHE-", 4) == 0 &&
|
|
conn->server_dh_prime_len < 3072) {
|
|
- struct tls_context *context = conn->context;
|
|
-
|
|
/*
|
|
* This should not be reached since earlier cert_cb should have
|
|
* terminated the handshake. Keep this check here for extra
|
|
diff --git a/src/eap_peer/eap.c b/src/eap_peer/eap.c
|
|
index 429b20d3a..729388f4f 100644
|
|
--- a/src/eap_peer/eap.c
|
|
+++ b/src/eap_peer/eap.c
|
|
@@ -2172,6 +2172,11 @@ static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,
|
|
eap_notify_status(sm, "remote TLS alert",
|
|
data->alert.description);
|
|
break;
|
|
+ case TLS_UNSAFE_RENEGOTIATION_DISABLED:
|
|
+ wpa_printf(MSG_INFO,
|
|
+ "TLS handshake failed due to the server not supporting safe renegotiation (RFC 5746); phase1 parameter allow_unsafe_renegotiation=1 can be used to work around this");
|
|
+ eap_notify_status(sm, "unsafe server renegotiation", "failure");
|
|
+ break;
|
|
}
|
|
|
|
os_free(hash_hex);
|
|
--
|
|
2.35.1
|
|
|