1Patch-Source: https://w1.fi/cgit/hostap/commit/?id=a561d12d24c2c8bb0f825d4a3a55a5e47e8458532From a561d12d24c2c8bb0f825d4a3a55a5e47e845853 Mon Sep 17 00:00:00 20013From: Jouni Malinen <quic_jouni@quicinc.com>4Date: Wed, 4 May 2022 23:55:38 +03005Subject: EAP peer status notification for server not supporting RFC 574667Add a notification message to indicate reason for TLS handshake failure8due to the server not supporting safe renegotiation (RFC 5746).910Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>11---12 src/ap/authsrv.c | 3 +++13 src/crypto/tls.h | 3 ++-14 src/crypto/tls_openssl.c | 15 +++++++++++++--15 src/eap_peer/eap.c | 5 +++++16 4 files changed, 23 insertions(+), 3 deletions(-)1718diff --git a/src/ap/authsrv.c b/src/ap/authsrv.c19index 516c1da74..fd9c96fad 10064420--- a/src/ap/authsrv.c21+++ b/src/ap/authsrv.c22@@ -169,6 +169,9 @@ static void authsrv_tls_event(void *ctx, enum tls_event ev,23 wpa_printf(MSG_DEBUG, "authsrv: remote TLS alert: %s",24 data->alert.description);25 break;26+ case TLS_UNSAFE_RENEGOTIATION_DISABLED:27+ /* Not applicable to TLS server */28+ break;29 }30 }31 #endif /* EAP_TLS_FUNCS */32diff --git a/src/crypto/tls.h b/src/crypto/tls.h33index 7ea32ee4a..7a2ee32df 10064434--- a/src/crypto/tls.h35+++ b/src/crypto/tls.h36@@ -22,7 +22,8 @@ enum tls_event {37 TLS_CERT_CHAIN_SUCCESS,38 TLS_CERT_CHAIN_FAILURE,39 TLS_PEER_CERTIFICATE,40- TLS_ALERT41+ TLS_ALERT,42+ TLS_UNSAFE_RENEGOTIATION_DISABLED,43 };4445 /*46diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c47index 0d23f44ad..912471ba2 10064448--- a/src/crypto/tls_openssl.c49+++ b/src/crypto/tls_openssl.c50@@ -4443,6 +4443,7 @@ int tls_connection_get_eap_fast_key(void *tls_ctx, struct tls_connection *conn,51 static struct wpabuf *52 openssl_handshake(struct tls_connection *conn, const struct wpabuf *in_data)53 {54+ struct tls_context *context = conn->context;55 int res;56 struct wpabuf *out_data;5758@@ -4472,7 +4473,19 @@ openssl_handshake(struct tls_connection *conn, const struct wpabuf *in_data)59 wpa_printf(MSG_DEBUG, "SSL: SSL_connect - want to "60 "write");61 else {62+ unsigned long error = ERR_peek_last_error();63+64 tls_show_errors(MSG_INFO, __func__, "SSL_connect");65+66+ if (context->event_cb &&67+ ERR_GET_LIB(error) == ERR_LIB_SSL &&68+ ERR_GET_REASON(error) ==69+ SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED) {70+ context->event_cb(71+ context->cb_ctx,72+ TLS_UNSAFE_RENEGOTIATION_DISABLED,73+ NULL);74+ }75 conn->failed++;76 if (!conn->server && !conn->client_hello_generated) {77 /* The server would not understand TLS Alert78@@ -4495,8 +4508,6 @@ openssl_handshake(struct tls_connection *conn, const struct wpabuf *in_data)79 if ((conn->flags & TLS_CONN_SUITEB) && !conn->server &&80 os_strncmp(SSL_get_cipher(conn->ssl), "DHE-", 4) == 0 &&81 conn->server_dh_prime_len < 3072) {82- struct tls_context *context = conn->context;83-84 /*85 * This should not be reached since earlier cert_cb should have86 * terminated the handshake. Keep this check here for extra87diff --git a/src/eap_peer/eap.c b/src/eap_peer/eap.c88index 429b20d3a..729388f4f 10064489--- a/src/eap_peer/eap.c90+++ b/src/eap_peer/eap.c91@@ -2172,6 +2172,11 @@ static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,92 eap_notify_status(sm, "remote TLS alert",93 data->alert.description);94 break;95+ case TLS_UNSAFE_RENEGOTIATION_DISABLED:96+ wpa_printf(MSG_INFO,97+ "TLS handshake failed due to the server not supporting safe renegotiation (RFC 5746); phase1 parameter allow_unsafe_renegotiation=1 can be used to work around this");98+ eap_notify_status(sm, "unsafe server renegotiation", "failure");99+ break;100 }101102 os_free(hash_hex);103--104cgit v1.2.3-18-g5258105