diff options
Diffstat (limited to 'src/ssl_sock.c')
| -rw-r--r-- | src/ssl_sock.c | 39 |
1 files changed, 25 insertions, 14 deletions
diff --git a/src/ssl_sock.c b/src/ssl_sock.c index e6bf3ff..8bd6099 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -2268,10 +2268,14 @@ int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg) } if (has_ecdsa_sig) { /* in very rare case: has ecdsa sign but not a ECDSA cipher */ const SSL_CIPHER *cipher; + STACK_OF(SSL_CIPHER) *ha_ciphers; /* haproxy side ciphers */ uint32_t cipher_id; size_t len; const uint8_t *cipher_suites; + + ha_ciphers = SSL_get_ciphers(ssl); has_ecdsa_sig = 0; + #ifdef OPENSSL_IS_BORINGSSL len = ctx->cipher_suites_len; cipher_suites = ctx->cipher_suites; @@ -2290,6 +2294,10 @@ int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg) if (!cipher) continue; + /* check if this cipher is available in haproxy configuration */ + if (sk_SSL_CIPHER_find(ha_ciphers, cipher) == -1) + continue; + cipher_id = SSL_CIPHER_get_id(cipher); /* skip the SCSV "fake" signaling ciphersuites because they are NID_auth_any (RFC 7507) */ if (cipher_id == SSL3_CK_SCSV || cipher_id == SSL3_CK_FALLBACK_SCSV) @@ -2556,6 +2564,10 @@ static int ssl_sock_switchctx_wolfSSL_cbk(WOLFSSL* ssl, void* arg) return 0; if (SSL_version(ssl) != TLS1_3_VERSION) { + + /* with TLS <= 1.2, we must use the auth which is provided by the cipher, but we don't need to + * consider the auth provided by the signature algorithms */ + for (idx = 0; idx < suiteSz; idx += 2) { WOLFSSL_CIPHERSUITE_INFO info; info = wolfSSL_get_ciphersuite_info(suites[idx], suites[idx+1]); @@ -2564,23 +2576,22 @@ static int ssl_sock_switchctx_wolfSSL_cbk(WOLFSSL* ssl, void* arg) else if (info.eccAuth) has_ecdsa_sig = 1; } - } + } else { + /* with TLS >= 1.3, we must use the auth which is provided by the signature algorithms because + * the ciphers does not provide the auth */ - if (hashSigAlgoSz > 0) { - /* sigalgs extension takes precedence over ciphersuites */ - has_ecdsa_sig = 0; - has_rsa_sig = 0; - } - for (idx = 0; idx < hashSigAlgoSz; idx += 2) { - int hashAlgo; - int sigAlgo; + for (idx = 0; idx < hashSigAlgoSz; idx += 2) { + int hashAlgo; + int sigAlgo; - wolfSSL_get_sigalg_info(hashSigAlgo[idx+0], hashSigAlgo[idx+1], &hashAlgo, &sigAlgo); + wolfSSL_get_sigalg_info(hashSigAlgo[idx+0], hashSigAlgo[idx+1], &hashAlgo, &sigAlgo); - if (sigAlgo == RSAk || sigAlgo == RSAPSSk) - has_rsa_sig = 1; - else if (sigAlgo == ECDSAk) - has_ecdsa_sig = 1; + if (sigAlgo == RSAk || sigAlgo == RSAPSSk) + has_rsa_sig = 1; + else if (sigAlgo == ECDSAk) + has_ecdsa_sig = 1; + + } } } |