authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-11 17:06:50 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-11 17:06:50 +0000
commit889a8235a21475be105941679b10f92532d26ac1 (patch)
tree19c3c098346c0d07f306e64960bb66ff452a650d /src/ssl_sock.c
parentAdding upstream version 3.0.0. (diff)
Adding upstream version 3.0.1.upstream/3.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/ssl_sock.c')
-rw-r--r--src/ssl_sock.c39
1 files changed, 25 insertions, 14 deletions
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index e6bf3ff..8bd6099 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -2268,10 +2268,14 @@ int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg)
}
if (has_ecdsa_sig) { /* in very rare case: has ecdsa sign but not a ECDSA cipher */
const SSL_CIPHER *cipher;
+ STACK_OF(SSL_CIPHER) *ha_ciphers; /* haproxy side ciphers */
uint32_t cipher_id;
size_t len;
const uint8_t *cipher_suites;
+
+ ha_ciphers = SSL_get_ciphers(ssl);
has_ecdsa_sig = 0;
+
#ifdef OPENSSL_IS_BORINGSSL
len = ctx->cipher_suites_len;
cipher_suites = ctx->cipher_suites;
@@ -2290,6 +2294,10 @@ int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg)
if (!cipher)
continue;
+ /* check if this cipher is available in haproxy configuration */
+ if (sk_SSL_CIPHER_find(ha_ciphers, cipher) == -1)
+ continue;
+
cipher_id = SSL_CIPHER_get_id(cipher);
/* skip the SCSV "fake" signaling ciphersuites because they are NID_auth_any (RFC 7507) */
if (cipher_id == SSL3_CK_SCSV || cipher_id == SSL3_CK_FALLBACK_SCSV)
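Review bot: The new `sk_SSL_CIPHER_find(ha_ciphers, cipher) == -1` test sits in a function that still carries an `OPENSSL_IS_BORINGSSL` branch, and as far as I know BoringSSL's `sk_*_find` takes an extra out-index argument and returns 1/0 rather than an index, so this form may not build or may misbehave there unless a compat wrapper exists outside this hunk; worth confirming. Separately, `ha_ciphers` comes from `SSL_get_ciphers(ssl)` in the previous hunk with no NULL check. With OpenSSL a NULL stack makes the find return -1, so every client cipher is skipped and `has_ecdsa_sig` stays 0, which looks like the safe outcome but is only implicit. I would say so in the comment, e.g. `/* skip ciphers not enabled in haproxy's configuration; a NULL ha_ciphers skips them all and leaves has_ecdsa_sig at 0 */`. The loop and the function body begin outside the hunk.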
@@ -2556,6 +2564,10 @@ static int ssl_sock_switchctx_wolfSSL_cbk(WOLFSSL* ssl, void* arg)
return 0;
if (SSL_version(ssl) != TLS1_3_VERSION) {
+
+ /* with TLS <= 1.2, we must use the auth which is provided by the cipher, but we don't need to
+ * consider the auth provided by the signature algorithms */
+
for (idx = 0; idx < suiteSz; idx += 2) {
WOLFSSL_CIPHERSUITE_INFO info;
info = wolfSSL_get_ciphersuite_info(suites[idx], suites[idx+1]);
@@ -2564,23 +2576,22 @@ static int ssl_sock_switchctx_wolfSSL_cbk(WOLFSSL* ssl, void* arg)
else if (info.eccAuth)
has_ecdsa_sig = 1;
}
- }
+ } else {
+ /* with TLS >= 1.3, we must use the auth which is provided by the signature algorithms because
+ * the ciphers does not provide the auth */
- if (hashSigAlgoSz > 0) {
- /* sigalgs extension takes precedence over ciphersuites */
- has_ecdsa_sig = 0;
- has_rsa_sig = 0;
- }
- for (idx = 0; idx < hashSigAlgoSz; idx += 2) {
- int hashAlgo;
- int sigAlgo;
+ for (idx = 0; idx < hashSigAlgoSz; idx += 2) {
+ int hashAlgo;
+ int sigAlgo;
- wolfSSL_get_sigalg_info(hashSigAlgo[idx+0], hashSigAlgo[idx+1], &hashAlgo, &sigAlgo);
+ wolfSSL_get_sigalg_info(hashSigAlgo[idx+0], hashSigAlgo[idx+1], &hashAlgo, &sigAlgo);
- if (sigAlgo == RSAk || sigAlgo == RSAPSSk)
- has_rsa_sig = 1;
- else if (sigAlgo == ECDSAk)
- has_ecdsa_sig = 1;
+ if (sigAlgo == RSAk || sigAlgo == RSAPSSk)
+ has_rsa_sig = 1;
+ else if (sigAlgo == ECDSAk)
+ has_ecdsa_sig = 1;
+
+ }
}
}
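Review bot: The re-indented sigalgs loop still bounds on `idx < hashSigAlgoSz` while reading `hashSigAlgo[idx+1]`, so an odd `hashSigAlgoSz` would read one byte past the reported length; the ciphersuite loop in the previous hunk has the same shape with `suites[idx+1]` and `suiteSz`. Both buffers appear to describe what the peer offered, and whether wolfSSL guarantees even lengths is not visible here, so I would make the bound explicit: `for (idx = 0; idx + 1 < hashSigAlgoSz; idx += 2) {` and likewise `idx + 1 < suiteSz`. The new `else` branch also leaves both flags at their earlier values when `hashSigAlgoSz` is 0; a short comment saying which certificate type is chosen in that case would help, since the initialisation and the code consuming the flags are outside the hunk.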