diff -Nru openssl-1.1.1/debian/changelog openssl-1.1.1/debian/changelog --- openssl-1.1.1/debian/changelog 2021-07-23 06:32:42.000000000 -0600 +++ openssl-1.1.1/debian/changelog 2021-08-16 08:37:23.000000000 -0600 @@ -1,3 +1,11 @@ +openssl (1.1.1-1ubuntu2.1~18.04.10ubuntu1) bionic; urgency=medium + + * Cherry-pick upstream patches for https://github.com/openssl/openssl/issues/9767 + - debian/patches/0001-Don-t-send-a-status_request-extension-in-a-Certifica.patch + - debian/patches/0002-Teach-TLSProxy-how-to-parse-CertificateRequest-messa.patch + + -- Nicolas Bock Mon, 16 Aug 2021 14:37:23 +0000 + openssl (1.1.1-1ubuntu2.1~18.04.10) bionic; urgency=medium * Cherry-pick an upstream patch to fix s390x AES code (LP: #1931994) diff -Nru openssl-1.1.1/debian/patches/0001-Don-t-send-a-status_request-extension-in-a-Certifica.patch openssl-1.1.1/debian/patches/0001-Don-t-send-a-status_request-extension-in-a-Certifica.patch --- openssl-1.1.1/debian/patches/0001-Don-t-send-a-status_request-extension-in-a-Certifica.patch 1969-12-31 17:00:00.000000000 -0700 +++ openssl-1.1.1/debian/patches/0001-Don-t-send-a-status_request-extension-in-a-Certifica.patch 2021-08-16 08:33:50.000000000 -0600 @@ -0,0 +1,44 @@ +From f8affa299534532b42b09eac5457f8bbf5216941 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Thu, 5 Sep 2019 16:43:57 +0100 +Subject: [PATCH 1/2] Don't send a status_request extension in a + CertificateRequest message + +If a TLSv1.3 server configured to respond to the status_request extension +also attempted to send a CertificateRequest then it was incorrectly +inserting a non zero length status_request extension into that message. + +The TLSv1.3 RFC does allow that extension in that message but it must +always be zero length. + +In fact we should not be sending the extension at all in that message +because we don't support it. + +Fixes #9767 + +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/9780) + +(cherry picked from commit debb64a0ca43969eb3f043aa8895a4faa7f12b6e) +--- + ssl/statem/extensions_srvr.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c +index ff4287c584..ab5453f63e 100644 +--- a/ssl/statem/extensions_srvr.c ++++ b/ssl/statem/extensions_srvr.c +@@ -1487,6 +1487,10 @@ EXT_RETURN tls_construct_stoc_status_request(SSL *s, WPACKET *pkt, + unsigned int context, X509 *x, + size_t chainidx) + { ++ /* We don't currently support this extension inside a CertificateRequest */ ++ if (context == SSL_EXT_TLS1_3_CERTIFICATE_REQUEST) ++ return EXT_RETURN_NOT_SENT; ++ + if (!s->ext.status_expected) + return EXT_RETURN_NOT_SENT; + +-- +2.32.0 + diff -Nru openssl-1.1.1/debian/patches/0002-Teach-TLSProxy-how-to-parse-CertificateRequest-messa.patch openssl-1.1.1/debian/patches/0002-Teach-TLSProxy-how-to-parse-CertificateRequest-messa.patch --- openssl-1.1.1/debian/patches/0002-Teach-TLSProxy-how-to-parse-CertificateRequest-messa.patch 1969-12-31 17:00:00.000000000 -0700 +++ openssl-1.1.1/debian/patches/0002-Teach-TLSProxy-how-to-parse-CertificateRequest-messa.patch 2021-08-16 08:34:36.000000000 -0600 @@ -0,0 +1,727 @@ +From 6f34a16ea9a4d37e11a26dd4c3694ea5b107e53f Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Thu, 5 Sep 2019 16:21:56 +0100 +Subject: [PATCH 2/2] Teach TLSProxy how to parse CertificateRequest messages + +We also use this in test_tls13messages to check that the extensions we +expect to see in a CertificateRequest are there. + +Reviewed-by: Tomas Mraz +(Merged from https://github.com/openssl/openssl/pull/9780) + +(cherry picked from commit dc5bcb88d819de55eb37460c122e02fec91c6d86) +--- + test/recipes/70-test_sslmessages.t | 25 +++++- + test/recipes/70-test_tls13kexmodes.t | 36 +++++++- + test/recipes/70-test_tls13messages.t | 89 +++++++++++++++---- + util/perl/TLSProxy/CertificateRequest.pm | 105 +++++++++++++++++++++++ + util/perl/TLSProxy/Message.pm | 14 +++ + util/perl/TLSProxy/Proxy.pm | 1 + + util/perl/checkhandshake.pm | 18 ++-- + 7 files changed, 262 insertions(+), 26 deletions(-) + create mode 100644 util/perl/TLSProxy/CertificateRequest.pm + +Index: openssl-1.1.1/test/recipes/70-test_sslmessages.t +=================================================================== +--- openssl-1.1.1.orig/test/recipes/70-test_sslmessages.t ++++ openssl-1.1.1/test/recipes/70-test_sslmessages.t +@@ -95,58 +95,81 @@ my $proxy = TLSProxy::Proxy->new( + + @extensions = ( + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, ++ TLSProxy::Message::CLIENT, + checkhandshake::SERVER_NAME_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::CLIENT, + checkhandshake::STATUS_REQUEST_CLI_EXTENSION], + (disabled("ec") ? () : + [TLSProxy::Message::MT_CLIENT_HELLO, + TLSProxy::Message::EXT_SUPPORTED_GROUPS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS]), + (disabled("ec") ? () : + [TLSProxy::Message::MT_CLIENT_HELLO, + TLSProxy::Message::EXT_EC_POINT_FORMATS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS]), + (disabled("tls1_2") ? () : + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS]), + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, ++ TLSProxy::Message::CLIENT, + checkhandshake::ALPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, ++ TLSProxy::Message::CLIENT, + checkhandshake::SCT_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_RENEGOTIATE, ++ TLSProxy::Message::CLIENT, + checkhandshake::RENEGOTIATE_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_NPN, ++ TLSProxy::Message::CLIENT, + checkhandshake::NPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SRP, ++ TLSProxy::Message::CLIENT, + checkhandshake::SRP_CLI_EXTENSION], + + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_RENEGOTIATE, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, ++ TLSProxy::Message::SERVER, + checkhandshake::SESSION_TICKET_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SERVER_NAME, ++ TLSProxy::Message::SERVER, + checkhandshake::SERVER_NAME_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::SERVER, + checkhandshake::STATUS_REQUEST_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_ALPN, ++ TLSProxy::Message::SERVER, + checkhandshake::ALPN_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SCT, ++ TLSProxy::Message::SERVER, + checkhandshake::SCT_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_NPN, ++ TLSProxy::Message::SERVER, + checkhandshake::NPN_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, ++ TLSProxy::Message::SERVER, + checkhandshake::EC_POINT_FORMAT_SRV_EXTENSION], +- [0,0,0] ++ [0,0,0,0] + ); + + #Test 1: Check we get all the right messages for a default handshake +Index: openssl-1.1.1/test/recipes/70-test_tls13kexmodes.t +=================================================================== +--- openssl-1.1.1.orig/test/recipes/70-test_tls13kexmodes.t ++++ openssl-1.1.1/test/recipes/70-test_tls13kexmodes.t +@@ -62,78 +62,112 @@ $ENV{CTLOG_FILE} = srctop_file("test", " + + @extensions = ( + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, ++ TLSProxy::Message::CLIENT, + checkhandshake::SERVER_NAME_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::CLIENT, + checkhandshake::STATUS_REQUEST_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, ++ TLSProxy::Message::CLIENT, + checkhandshake::ALPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, ++ TLSProxy::Message::CLIENT, + checkhandshake::SCT_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES, ++ TLSProxy::Message::CLIENT, + checkhandshake::PSK_KEX_MODES_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK, ++ TLSProxy::Message::CLIENT, + checkhandshake::PSK_CLI_EXTENSION], + + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::SERVER, + checkhandshake::KEY_SHARE_HRR_EXTENSION], + + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, ++ TLSProxy::Message::CLIENT, + checkhandshake::SERVER_NAME_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::CLIENT, + checkhandshake::STATUS_REQUEST_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, ++ TLSProxy::Message::CLIENT, + checkhandshake::ALPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, ++ TLSProxy::Message::CLIENT, + checkhandshake::SCT_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES, ++ TLSProxy::Message::CLIENT, + checkhandshake::PSK_KEX_MODES_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK, ++ TLSProxy::Message::CLIENT, + checkhandshake::PSK_CLI_EXTENSION], + + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::SERVER, + checkhandshake::KEY_SHARE_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_PSK, ++ TLSProxy::Message::SERVER, + checkhandshake::PSK_SRV_EXTENSION], + + [TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::SERVER, + checkhandshake::STATUS_REQUEST_SRV_EXTENSION], +- [0,0,0] ++ [0,0,0,0] + ); + + use constant { +Index: openssl-1.1.1/test/recipes/70-test_tls13messages.t +=================================================================== +--- openssl-1.1.1.orig/test/recipes/70-test_tls13messages.t ++++ openssl-1.1.1/test/recipes/70-test_tls13messages.t +@@ -62,92 +62,136 @@ $ENV{CTLOG_FILE} = srctop_file("test", " + + @extensions = ( + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, ++ TLSProxy::Message::CLIENT, + checkhandshake::SERVER_NAME_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::CLIENT, + checkhandshake::STATUS_REQUEST_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, ++ TLSProxy::Message::CLIENT, + checkhandshake::ALPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, ++ TLSProxy::Message::CLIENT, + checkhandshake::SCT_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK, ++ TLSProxy::Message::CLIENT, + checkhandshake::PSK_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_POST_HANDSHAKE_AUTH, ++ TLSProxy::Message::CLIENT, + checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION], + + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::SERVER, + checkhandshake::KEY_SHARE_HRR_EXTENSION], + + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, ++ TLSProxy::Message::CLIENT, + checkhandshake::SERVER_NAME_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::CLIENT, + checkhandshake::STATUS_REQUEST_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, ++ TLSProxy::Message::CLIENT, + checkhandshake::ALPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, ++ TLSProxy::Message::CLIENT, + checkhandshake::SCT_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK, ++ TLSProxy::Message::CLIENT, + checkhandshake::PSK_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_POST_HANDSHAKE_AUTH, ++ TLSProxy::Message::CLIENT, + checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION], + + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_PSK, ++ TLSProxy::Message::SERVER, + checkhandshake::PSK_SRV_EXTENSION], + + [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_SERVER_NAME, ++ TLSProxy::Message::SERVER, + checkhandshake::SERVER_NAME_SRV_EXTENSION], + [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_ALPN, ++ TLSProxy::Message::SERVER, + checkhandshake::ALPN_SRV_EXTENSION], + [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_SUPPORTED_GROUPS, ++ TLSProxy::Message::SERVER, + checkhandshake::SUPPORTED_GROUPS_SRV_EXTENSION], + ++ [TLSProxy::Message::MT_CERTIFICATE_REQUEST, TLSProxy::Message::EXT_SIG_ALGS, ++ TLSProxy::Message::SERVER, ++ checkhandshake::DEFAULT_EXTENSIONS], ++ + [TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::SERVER, + checkhandshake::STATUS_REQUEST_SRV_EXTENSION], + [TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_SCT, ++ TLSProxy::Message::SERVER, + checkhandshake::SCT_SRV_EXTENSION], + +- [0,0,0] ++ [0,0,0,0] + ); + + my $proxy = TLSProxy::Proxy->new( +@@ -163,7 +207,7 @@ $proxy->serverconnects(2); + $proxy->clientflags("-sess_out ".$session); + $proxy->sessionfile($session); + $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +-plan tests => 16; ++plan tests => 17; + checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS, + "Default handshake test"); +@@ -179,7 +223,7 @@ checkhandshake($proxy, checkhandshake::R + "Resumption handshake test"); + + SKIP: { +- skip "No OCSP support in this OpenSSL build", 3 ++ skip "No OCSP support in this OpenSSL build", 4 + if disabled("ct") || disabled("ec") || disabled("ocsp"); + #Test 3: A status_request handshake (client request only) + $proxy->clear(); +@@ -210,9 +254,23 @@ SKIP: { + | checkhandshake::STATUS_REQUEST_CLI_EXTENSION + | checkhandshake::STATUS_REQUEST_SRV_EXTENSION, + "status_request handshake test"); ++ ++ #Test 6: A status_request handshake (client and server) with client auth ++ $proxy->clear(); ++ $proxy->clientflags("-status -enable_pha -cert " ++ .srctop_file("apps", "server.pem")); ++ $proxy->serverflags("-Verify 5 -status_file " ++ .srctop_file("test", "recipes", "ocsp-response.der")); ++ $proxy->start(); ++ checkhandshake($proxy, checkhandshake::CLIENT_AUTH_HANDSHAKE, ++ checkhandshake::DEFAULT_EXTENSIONS ++ | checkhandshake::STATUS_REQUEST_CLI_EXTENSION ++ | checkhandshake::STATUS_REQUEST_SRV_EXTENSION ++ | checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION, ++ "status_request handshake with client auth test"); + } + +-#Test 6: A client auth handshake ++#Test 7: A client auth handshake + $proxy->clear(); + $proxy->clientflags("-enable_pha -cert ".srctop_file("apps", "server.pem")); + $proxy->serverflags("-Verify 5"); +@@ -222,7 +280,7 @@ checkhandshake($proxy, checkhandshake::C + checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION, + "Client auth handshake test"); + +-#Test 7: Server name handshake (no client request) ++#Test 8: Server name handshake (no client request) + $proxy->clear(); + $proxy->clientflags("-noservername"); + $proxy->start(); +@@ -231,7 +289,7 @@ checkhandshake($proxy, checkhandshake::D + & ~checkhandshake::SERVER_NAME_CLI_EXTENSION, + "Server name handshake test (client)"); + +-#Test 8: Server name handshake (server support only) ++#Test 9: Server name handshake (server support only) + $proxy->clear(); + $proxy->clientflags("-noservername"); + $proxy->serverflags("-servername testhost"); +@@ -241,7 +299,7 @@ checkhandshake($proxy, checkhandshake::D + & ~checkhandshake::SERVER_NAME_CLI_EXTENSION, + "Server name handshake test (server)"); + +-#Test 9: Server name handshake (client and server) ++#Test 10: Server name handshake (client and server) + $proxy->clear(); + $proxy->clientflags("-servername testhost"); + $proxy->serverflags("-servername testhost"); +@@ -251,7 +309,7 @@ checkhandshake($proxy, checkhandshake::D + | checkhandshake::SERVER_NAME_SRV_EXTENSION, + "Server name handshake test"); + +-#Test 10: ALPN handshake (client request only) ++#Test 11: ALPN handshake (client request only) + $proxy->clear(); + $proxy->clientflags("-alpn test"); + $proxy->start(); +@@ -260,7 +318,7 @@ checkhandshake($proxy, checkhandshake::D + | checkhandshake::ALPN_CLI_EXTENSION, + "ALPN handshake test (client)"); + +-#Test 11: ALPN handshake (server support only) ++#Test 12: ALPN handshake (server support only) + $proxy->clear(); + $proxy->serverflags("-alpn test"); + $proxy->start(); +@@ -268,7 +326,7 @@ checkhandshake($proxy, checkhandshake::D + checkhandshake::DEFAULT_EXTENSIONS, + "ALPN handshake test (server)"); + +-#Test 12: ALPN handshake (client and server) ++#Test 13: ALPN handshake (client and server) + $proxy->clear(); + $proxy->clientflags("-alpn test"); + $proxy->serverflags("-alpn test"); +@@ -283,7 +341,7 @@ SKIP: { + skip "No CT, EC or OCSP support in this OpenSSL build", 1 + if disabled("ct") || disabled("ec") || disabled("ocsp"); + +- #Test 13: SCT handshake (client request only) ++ #Test 14: SCT handshake (client request only) + $proxy->clear(); + #Note: -ct also sends status_request + $proxy->clientflags("-ct"); +@@ -300,10 +358,7 @@ SKIP: { + "SCT handshake test"); + } + +- +- +- +-#Test 14: HRR Handshake ++#Test 15: HRR Handshake + $proxy->clear(); + $proxy->serverflags("-curves P-256"); + $proxy->start(); +@@ -312,7 +367,7 @@ checkhandshake($proxy, checkhandshake::H + | checkhandshake::KEY_SHARE_HRR_EXTENSION, + "HRR handshake test"); + +-#Test 15: Resumption handshake with HRR ++#Test 16: Resumption handshake with HRR + $proxy->clear(); + $proxy->clientflags("-sess_in ".$session); + $proxy->serverflags("-curves P-256"); +@@ -324,7 +379,7 @@ checkhandshake($proxy, checkhandshake::H + | checkhandshake::PSK_SRV_EXTENSION), + "Resumption handshake with HRR test"); + +-#Test 16: Acceptable but non preferred key_share ++#Test 17: Acceptable but non preferred key_share + $proxy->clear(); + $proxy->clientflags("-curves P-256"); + $proxy->start(); +Index: openssl-1.1.1/util/perl/TLSProxy/CertificateRequest.pm +=================================================================== +--- /dev/null ++++ openssl-1.1.1/util/perl/TLSProxy/CertificateRequest.pm +@@ -0,0 +1,105 @@ ++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. ++# ++# Licensed under the Apache License 2.0 (the "License"). You may not use ++# this file except in compliance with the License. You can obtain a copy ++# in the file LICENSE in the source distribution or at ++# https://www.openssl.org/source/license.html ++ ++use strict; ++ ++package TLSProxy::CertificateRequest; ++ ++use vars '@ISA'; ++push @ISA, 'TLSProxy::Message'; ++ ++sub new ++{ ++ my $class = shift; ++ my ($server, ++ $data, ++ $records, ++ $startoffset, ++ $message_frag_lens) = @_; ++ ++ my $self = $class->SUPER::new( ++ $server, ++ TLSProxy::Message::MT_CERTIFICATE_REQUEST, ++ $data, ++ $records, ++ $startoffset, ++ $message_frag_lens); ++ ++ $self->{extension_data} = ""; ++ ++ return $self; ++} ++ ++sub parse ++{ ++ my $self = shift; ++ my $ptr = 1; ++ ++ if (TLSProxy::Proxy->is_tls13()) { ++ my $request_ctx_len = unpack('C', $self->data); ++ my $request_ctx = substr($self->data, $ptr, $request_ctx_len); ++ $ptr += $request_ctx_len; ++ ++ my $extensions_len = unpack('n', substr($self->data, $ptr)); ++ $ptr += 2; ++ my $extension_data = substr($self->data, $ptr); ++ if (length($extension_data) != $extensions_len) { ++ die "Invalid extension length\n"; ++ } ++ my %extensions = (); ++ while (length($extension_data) >= 4) { ++ my ($type, $size) = unpack("nn", $extension_data); ++ my $extdata = substr($extension_data, 4, $size); ++ $extension_data = substr($extension_data, 4 + $size); ++ $extensions{$type} = $extdata; ++ } ++ $self->extension_data(\%extensions); ++ ++ print " Extensions Len:".$extensions_len."\n"; ++ } ++ # else parse TLSv1.2 version - we don't support that at the moment ++} ++ ++#Reconstruct the on-the-wire message data following changes ++sub set_message_contents ++{ ++ my $self = shift; ++ my $data; ++ my $extensions = ""; ++ ++ foreach my $key (keys %{$self->extension_data}) { ++ my $extdata = ${$self->extension_data}{$key}; ++ $extensions .= pack("n", $key); ++ $extensions .= pack("n", length($extdata)); ++ $extensions .= $extdata; ++ } ++ ++ $data = pack('n', length($extensions)); ++ $data .= $extensions; ++ $self->data($data); ++} ++ ++#Read/write accessors ++sub extension_data ++{ ++ my $self = shift; ++ if (@_) { ++ $self->{extension_data} = shift; ++ } ++ return $self->{extension_data}; ++} ++sub set_extension ++{ ++ my ($self, $ext_type, $ext_data) = @_; ++ $self->{extension_data}{$ext_type} = $ext_data; ++} ++sub delete_extension ++{ ++ my ($self, $ext_type) = @_; ++ delete $self->{extension_data}{$ext_type}; ++} ++1; +Index: openssl-1.1.1/util/perl/TLSProxy/Message.pm +=================================================================== +--- openssl-1.1.1.orig/util/perl/TLSProxy/Message.pm ++++ openssl-1.1.1/util/perl/TLSProxy/Message.pm +@@ -132,6 +132,11 @@ use constant { + CIPHER_TLS13_AES_256_GCM_SHA384 => 0x1302 + }; + ++use constant { ++ CLIENT => 0, ++ SERVER => 1 ++}; ++ + my $payload = ""; + my $messlen = -1; + my $mt; +@@ -337,6 +342,15 @@ sub create_message + $server, + $data, + [@message_rec_list], ++ $startoffset, ++ [@message_frag_lens] ++ ); ++ $message->parse(); ++ } elsif ($mt == MT_CERTIFICATE_REQUEST) { ++ $message = TLSProxy::CertificateRequest->new( ++ $server, ++ $data, ++ [@message_rec_list], + $startoffset, + [@message_frag_lens] + ); +Index: openssl-1.1.1/util/perl/TLSProxy/Proxy.pm +=================================================================== +--- openssl-1.1.1.orig/util/perl/TLSProxy/Proxy.pm ++++ openssl-1.1.1/util/perl/TLSProxy/Proxy.pm +@@ -19,6 +19,7 @@ use TLSProxy::ClientHello; + use TLSProxy::ServerHello; + use TLSProxy::EncryptedExtensions; + use TLSProxy::Certificate; ++use TLSProxy::CertificateRequest; + use TLSProxy::CertificateVerify; + use TLSProxy::ServerKeyExchange; + use TLSProxy::NewSessionTicket; +Index: openssl-1.1.1/util/perl/checkhandshake.pm +=================================================================== +--- openssl-1.1.1.orig/util/perl/checkhandshake.pm ++++ openssl-1.1.1/util/perl/checkhandshake.pm +@@ -116,7 +116,8 @@ sub checkhandshake($$$$) + && $message->mt() != TLSProxy::Message::MT_SERVER_HELLO + && $message->mt() != + TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS +- && $message->mt() != TLSProxy::Message::MT_CERTIFICATE); ++ && $message->mt() != TLSProxy::Message::MT_CERTIFICATE ++ && $message->mt() != TLSProxy::Message::MT_CERTIFICATE_REQUEST); + + next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE + && !TLSProxy::Proxy::is_tls13(); +@@ -124,7 +125,7 @@ sub checkhandshake($$$$) + my $extchnum = 1; + my $extshnum = 1; + for (my $extloop = 0; +- $extensions[$extloop][2] != 0; ++ $extensions[$extloop][3] != 0; + $extloop++) { + $extchnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_CLIENT_HELLO + && TLSProxy::Proxy::is_tls13(); +@@ -135,6 +136,7 @@ sub checkhandshake($$$$) + next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO + && $extshnum != $shnum; + next if ($message->mt() != $extensions[$extloop][0]); ++ next if ($message->server() != $extensions[$extloop][2]); + $numtests++; + } + $numtests++; +@@ -182,7 +184,8 @@ sub checkhandshake($$$$) + && $message->mt() != TLSProxy::Message::MT_SERVER_HELLO + && $message->mt() != + TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS +- && $message->mt() != TLSProxy::Message::MT_CERTIFICATE); ++ && $message->mt() != TLSProxy::Message::MT_CERTIFICATE ++ && $message->mt() != TLSProxy::Message::MT_CERTIFICATE_REQUEST); + + next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE + && !TLSProxy::Proxy::is_tls13(); +@@ -197,7 +200,7 @@ sub checkhandshake($$$$) + my $msgexts = $message->extension_data(); + my $extchnum = 1; + my $extshnum = 1; +- for (my $extloop = 0, $extcount = 0; $extensions[$extloop][2] != 0; ++ for (my $extloop = 0, $extcount = 0; $extensions[$extloop][3] != 0; + $extloop++) { + #In TLSv1.3 we can have two ClientHellos if there has been a + #HelloRetryRequest, and they may have different extensions. Skip +@@ -211,12 +214,13 @@ sub checkhandshake($$$$) + next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO + && $extshnum != $shnum; + next if ($message->mt() != $extensions[$extloop][0]); +- ok (($extensions[$extloop][2] & $exttype) == 0 ++ next if ($message->server() != $extensions[$extloop][2]); ++ ok (($extensions[$extloop][3] & $exttype) == 0 + || defined ($msgexts->{$extensions[$extloop][1]}), + "Extension presence check (Message: ".$message->mt() +- ." Extension: ".($extensions[$extloop][2] & $exttype).", " ++ ." Extension: ".($extensions[$extloop][3] & $exttype).", " + .$extloop.")"); +- $extcount++ if (($extensions[$extloop][2] & $exttype) != 0); ++ $extcount++ if (($extensions[$extloop][3] & $exttype) != 0); + } + ok($extcount == keys %$msgexts, "Extensions count mismatch (" + .$extcount.", ".(keys %$msgexts) diff -Nru openssl-1.1.1/debian/patches/9780.patch openssl-1.1.1/debian/patches/9780.patch --- openssl-1.1.1/debian/patches/9780.patch 1969-12-31 17:00:00.000000000 -0700 +++ openssl-1.1.1/debian/patches/9780.patch 2021-08-16 08:10:49.000000000 -0600 @@ -0,0 +1,740 @@ +From 93e26cedac20844733d59f33e313880da17fa23a Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Thu, 5 Sep 2019 16:43:57 +0100 +Subject: [PATCH 1/2] Don't send a status_request extension in a + CertificateRequest message + +If a TLSv1.3 server configured to respond to the status_request extension +also attempted to send a CertificateRequest then it was incorrectly +inserting a non zero length status_request extension into that message. + +The TLSv1.3 RFC does allow that extension in that message but it must +always be zero length. + +In fact we should not be sending the extension at all in that message +because we don't support it. + +Fixes #9767 +--- + ssl/statem/extensions_srvr.c | 4 ++++ + 1 file changed, 4 insertions(+) + +Index: openssl-1.1.1/ssl/statem/extensions_srvr.c +=================================================================== +--- openssl-1.1.1.orig/ssl/statem/extensions_srvr.c ++++ openssl-1.1.1/ssl/statem/extensions_srvr.c +@@ -1487,6 +1487,10 @@ EXT_RETURN tls_construct_stoc_status_req + unsigned int context, X509 *x, + size_t chainidx) + { ++ /* We don't currently support this extension inside a CertificateRequest */ ++ if (context == SSL_EXT_TLS1_3_CERTIFICATE_REQUEST) ++ return EXT_RETURN_NOT_SENT; ++ + if (!s->ext.status_expected) + return EXT_RETURN_NOT_SENT; + +Index: openssl-1.1.1/test/recipes/70-test_sslmessages.t +=================================================================== +--- openssl-1.1.1.orig/test/recipes/70-test_sslmessages.t ++++ openssl-1.1.1/test/recipes/70-test_sslmessages.t +@@ -95,58 +95,81 @@ my $proxy = TLSProxy::Proxy->new( + + @extensions = ( + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, ++ TLSProxy::Message::CLIENT, + checkhandshake::SERVER_NAME_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::CLIENT, + checkhandshake::STATUS_REQUEST_CLI_EXTENSION], + (disabled("ec") ? () : + [TLSProxy::Message::MT_CLIENT_HELLO, + TLSProxy::Message::EXT_SUPPORTED_GROUPS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS]), + (disabled("ec") ? () : + [TLSProxy::Message::MT_CLIENT_HELLO, + TLSProxy::Message::EXT_EC_POINT_FORMATS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS]), + (disabled("tls1_2") ? () : + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS]), + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, ++ TLSProxy::Message::CLIENT, + checkhandshake::ALPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, ++ TLSProxy::Message::CLIENT, + checkhandshake::SCT_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_RENEGOTIATE, ++ TLSProxy::Message::CLIENT, + checkhandshake::RENEGOTIATE_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_NPN, ++ TLSProxy::Message::CLIENT, + checkhandshake::NPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SRP, ++ TLSProxy::Message::CLIENT, + checkhandshake::SRP_CLI_EXTENSION], + + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_RENEGOTIATE, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, ++ TLSProxy::Message::SERVER, + checkhandshake::SESSION_TICKET_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SERVER_NAME, ++ TLSProxy::Message::SERVER, + checkhandshake::SERVER_NAME_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::SERVER, + checkhandshake::STATUS_REQUEST_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_ALPN, ++ TLSProxy::Message::SERVER, + checkhandshake::ALPN_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SCT, ++ TLSProxy::Message::SERVER, + checkhandshake::SCT_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_NPN, ++ TLSProxy::Message::SERVER, + checkhandshake::NPN_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, ++ TLSProxy::Message::SERVER, + checkhandshake::EC_POINT_FORMAT_SRV_EXTENSION], +- [0,0,0] ++ [0,0,0,0] + ); + + #Test 1: Check we get all the right messages for a default handshake +Index: openssl-1.1.1/test/recipes/70-test_tls13kexmodes.t +=================================================================== +--- openssl-1.1.1.orig/test/recipes/70-test_tls13kexmodes.t ++++ openssl-1.1.1/test/recipes/70-test_tls13kexmodes.t +@@ -62,78 +62,112 @@ $ENV{CTLOG_FILE} = srctop_file("test", " + + @extensions = ( + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, ++ TLSProxy::Message::CLIENT, + checkhandshake::SERVER_NAME_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::CLIENT, + checkhandshake::STATUS_REQUEST_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, ++ TLSProxy::Message::CLIENT, + checkhandshake::ALPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, ++ TLSProxy::Message::CLIENT, + checkhandshake::SCT_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES, ++ TLSProxy::Message::CLIENT, + checkhandshake::PSK_KEX_MODES_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK, ++ TLSProxy::Message::CLIENT, + checkhandshake::PSK_CLI_EXTENSION], + + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::SERVER, + checkhandshake::KEY_SHARE_HRR_EXTENSION], + + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, ++ TLSProxy::Message::CLIENT, + checkhandshake::SERVER_NAME_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::CLIENT, + checkhandshake::STATUS_REQUEST_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, ++ TLSProxy::Message::CLIENT, + checkhandshake::ALPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, ++ TLSProxy::Message::CLIENT, + checkhandshake::SCT_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES, ++ TLSProxy::Message::CLIENT, + checkhandshake::PSK_KEX_MODES_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK, ++ TLSProxy::Message::CLIENT, + checkhandshake::PSK_CLI_EXTENSION], + + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::SERVER, + checkhandshake::KEY_SHARE_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_PSK, ++ TLSProxy::Message::SERVER, + checkhandshake::PSK_SRV_EXTENSION], + + [TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::SERVER, + checkhandshake::STATUS_REQUEST_SRV_EXTENSION], +- [0,0,0] ++ [0,0,0,0] + ); + + use constant { +Index: openssl-1.1.1/test/recipes/70-test_tls13messages.t +=================================================================== +--- openssl-1.1.1.orig/test/recipes/70-test_tls13messages.t ++++ openssl-1.1.1/test/recipes/70-test_tls13messages.t +@@ -62,92 +62,136 @@ $ENV{CTLOG_FILE} = srctop_file("test", " + + @extensions = ( + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, ++ TLSProxy::Message::CLIENT, + checkhandshake::SERVER_NAME_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::CLIENT, + checkhandshake::STATUS_REQUEST_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, ++ TLSProxy::Message::CLIENT, + checkhandshake::ALPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, ++ TLSProxy::Message::CLIENT, + checkhandshake::SCT_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK, ++ TLSProxy::Message::CLIENT, + checkhandshake::PSK_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_POST_HANDSHAKE_AUTH, ++ TLSProxy::Message::CLIENT, + checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION], + + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::SERVER, + checkhandshake::KEY_SHARE_HRR_EXTENSION], + + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, ++ TLSProxy::Message::CLIENT, + checkhandshake::SERVER_NAME_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::CLIENT, + checkhandshake::STATUS_REQUEST_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, ++ TLSProxy::Message::CLIENT, + checkhandshake::ALPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, ++ TLSProxy::Message::CLIENT, + checkhandshake::SCT_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES, ++ TLSProxy::Message::CLIENT, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK, ++ TLSProxy::Message::CLIENT, + checkhandshake::PSK_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_POST_HANDSHAKE_AUTH, ++ TLSProxy::Message::CLIENT, + checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION], + + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE, ++ TLSProxy::Message::SERVER, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_PSK, ++ TLSProxy::Message::SERVER, + checkhandshake::PSK_SRV_EXTENSION], + + [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_SERVER_NAME, ++ TLSProxy::Message::SERVER, + checkhandshake::SERVER_NAME_SRV_EXTENSION], + [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_ALPN, ++ TLSProxy::Message::SERVER, + checkhandshake::ALPN_SRV_EXTENSION], + [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_SUPPORTED_GROUPS, ++ TLSProxy::Message::SERVER, + checkhandshake::SUPPORTED_GROUPS_SRV_EXTENSION], + ++ [TLSProxy::Message::MT_CERTIFICATE_REQUEST, TLSProxy::Message::EXT_SIG_ALGS, ++ TLSProxy::Message::SERVER, ++ checkhandshake::DEFAULT_EXTENSIONS], ++ + [TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_STATUS_REQUEST, ++ TLSProxy::Message::SERVER, + checkhandshake::STATUS_REQUEST_SRV_EXTENSION], + [TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_SCT, ++ TLSProxy::Message::SERVER, + checkhandshake::SCT_SRV_EXTENSION], + +- [0,0,0] ++ [0,0,0,0] + ); + + my $proxy = TLSProxy::Proxy->new( +@@ -163,7 +207,7 @@ $proxy->serverconnects(2); + $proxy->clientflags("-sess_out ".$session); + $proxy->sessionfile($session); + $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +-plan tests => 16; ++plan tests => 17; + checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS, + "Default handshake test"); +@@ -179,7 +223,7 @@ checkhandshake($proxy, checkhandshake::R + "Resumption handshake test"); + + SKIP: { +- skip "No OCSP support in this OpenSSL build", 3 ++ skip "No OCSP support in this OpenSSL build", 4 + if disabled("ct") || disabled("ec") || disabled("ocsp"); + #Test 3: A status_request handshake (client request only) + $proxy->clear(); +@@ -210,9 +254,23 @@ SKIP: { + | checkhandshake::STATUS_REQUEST_CLI_EXTENSION + | checkhandshake::STATUS_REQUEST_SRV_EXTENSION, + "status_request handshake test"); ++ ++ #Test 6: A status_request handshake (client and server) with client auth ++ $proxy->clear(); ++ $proxy->clientflags("-status -enable_pha -cert " ++ .srctop_file("apps", "server.pem")); ++ $proxy->serverflags("-Verify 5 -status_file " ++ .srctop_file("test", "recipes", "ocsp-response.der")); ++ $proxy->start(); ++ checkhandshake($proxy, checkhandshake::CLIENT_AUTH_HANDSHAKE, ++ checkhandshake::DEFAULT_EXTENSIONS ++ | checkhandshake::STATUS_REQUEST_CLI_EXTENSION ++ | checkhandshake::STATUS_REQUEST_SRV_EXTENSION ++ | checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION, ++ "status_request handshake with client auth test"); + } + +-#Test 6: A client auth handshake ++#Test 7: A client auth handshake + $proxy->clear(); + $proxy->clientflags("-enable_pha -cert ".srctop_file("apps", "server.pem")); + $proxy->serverflags("-Verify 5"); +@@ -222,7 +280,7 @@ checkhandshake($proxy, checkhandshake::C + checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION, + "Client auth handshake test"); + +-#Test 7: Server name handshake (no client request) ++#Test 8: Server name handshake (no client request) + $proxy->clear(); + $proxy->clientflags("-noservername"); + $proxy->start(); +@@ -231,7 +289,7 @@ checkhandshake($proxy, checkhandshake::D + & ~checkhandshake::SERVER_NAME_CLI_EXTENSION, + "Server name handshake test (client)"); + +-#Test 8: Server name handshake (server support only) ++#Test 9: Server name handshake (server support only) + $proxy->clear(); + $proxy->clientflags("-noservername"); + $proxy->serverflags("-servername testhost"); +@@ -241,7 +299,7 @@ checkhandshake($proxy, checkhandshake::D + & ~checkhandshake::SERVER_NAME_CLI_EXTENSION, + "Server name handshake test (server)"); + +-#Test 9: Server name handshake (client and server) ++#Test 10: Server name handshake (client and server) + $proxy->clear(); + $proxy->clientflags("-servername testhost"); + $proxy->serverflags("-servername testhost"); +@@ -251,7 +309,7 @@ checkhandshake($proxy, checkhandshake::D + | checkhandshake::SERVER_NAME_SRV_EXTENSION, + "Server name handshake test"); + +-#Test 10: ALPN handshake (client request only) ++#Test 11: ALPN handshake (client request only) + $proxy->clear(); + $proxy->clientflags("-alpn test"); + $proxy->start(); +@@ -260,7 +318,7 @@ checkhandshake($proxy, checkhandshake::D + | checkhandshake::ALPN_CLI_EXTENSION, + "ALPN handshake test (client)"); + +-#Test 11: ALPN handshake (server support only) ++#Test 12: ALPN handshake (server support only) + $proxy->clear(); + $proxy->serverflags("-alpn test"); + $proxy->start(); +@@ -268,7 +326,7 @@ checkhandshake($proxy, checkhandshake::D + checkhandshake::DEFAULT_EXTENSIONS, + "ALPN handshake test (server)"); + +-#Test 12: ALPN handshake (client and server) ++#Test 13: ALPN handshake (client and server) + $proxy->clear(); + $proxy->clientflags("-alpn test"); + $proxy->serverflags("-alpn test"); +@@ -283,7 +341,7 @@ SKIP: { + skip "No CT, EC or OCSP support in this OpenSSL build", 1 + if disabled("ct") || disabled("ec") || disabled("ocsp"); + +- #Test 13: SCT handshake (client request only) ++ #Test 14: SCT handshake (client request only) + $proxy->clear(); + #Note: -ct also sends status_request + $proxy->clientflags("-ct"); +@@ -300,10 +358,7 @@ SKIP: { + "SCT handshake test"); + } + +- +- +- +-#Test 14: HRR Handshake ++#Test 15: HRR Handshake + $proxy->clear(); + $proxy->serverflags("-curves P-256"); + $proxy->start(); +@@ -312,7 +367,7 @@ checkhandshake($proxy, checkhandshake::H + | checkhandshake::KEY_SHARE_HRR_EXTENSION, + "HRR handshake test"); + +-#Test 15: Resumption handshake with HRR ++#Test 16: Resumption handshake with HRR + $proxy->clear(); + $proxy->clientflags("-sess_in ".$session); + $proxy->serverflags("-curves P-256"); +@@ -324,7 +379,7 @@ checkhandshake($proxy, checkhandshake::H + | checkhandshake::PSK_SRV_EXTENSION), + "Resumption handshake with HRR test"); + +-#Test 16: Acceptable but non preferred key_share ++#Test 17: Acceptable but non preferred key_share + $proxy->clear(); + $proxy->clientflags("-curves P-256"); + $proxy->start(); +Index: openssl-1.1.1/util/perl/TLSProxy/CertificateRequest.pm +=================================================================== +--- /dev/null ++++ openssl-1.1.1/util/perl/TLSProxy/CertificateRequest.pm +@@ -0,0 +1,105 @@ ++# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. ++# ++# Licensed under the Apache License 2.0 (the "License"). You may not use ++# this file except in compliance with the License. You can obtain a copy ++# in the file LICENSE in the source distribution or at ++# https://www.openssl.org/source/license.html ++ ++use strict; ++ ++package TLSProxy::CertificateRequest; ++ ++use vars '@ISA'; ++push @ISA, 'TLSProxy::Message'; ++ ++sub new ++{ ++ my $class = shift; ++ my ($server, ++ $data, ++ $records, ++ $startoffset, ++ $message_frag_lens) = @_; ++ ++ my $self = $class->SUPER::new( ++ $server, ++ TLSProxy::Message::MT_CERTIFICATE_REQUEST, ++ $data, ++ $records, ++ $startoffset, ++ $message_frag_lens); ++ ++ $self->{extension_data} = ""; ++ ++ return $self; ++} ++ ++sub parse ++{ ++ my $self = shift; ++ my $ptr = 1; ++ ++ if (TLSProxy::Proxy->is_tls13()) { ++ my $request_ctx_len = unpack('C', $self->data); ++ my $request_ctx = substr($self->data, $ptr, $request_ctx_len); ++ $ptr += $request_ctx_len; ++ ++ my $extensions_len = unpack('n', substr($self->data, $ptr)); ++ $ptr += 2; ++ my $extension_data = substr($self->data, $ptr); ++ if (length($extension_data) != $extensions_len) { ++ die "Invalid extension length\n"; ++ } ++ my %extensions = (); ++ while (length($extension_data) >= 4) { ++ my ($type, $size) = unpack("nn", $extension_data); ++ my $extdata = substr($extension_data, 4, $size); ++ $extension_data = substr($extension_data, 4 + $size); ++ $extensions{$type} = $extdata; ++ } ++ $self->extension_data(\%extensions); ++ ++ print " Extensions Len:".$extensions_len."\n"; ++ } ++ # else parse TLSv1.2 version - we don't support that at the moment ++} ++ ++#Reconstruct the on-the-wire message data following changes ++sub set_message_contents ++{ ++ my $self = shift; ++ my $data; ++ my $extensions = ""; ++ ++ foreach my $key (keys %{$self->extension_data}) { ++ my $extdata = ${$self->extension_data}{$key}; ++ $extensions .= pack("n", $key); ++ $extensions .= pack("n", length($extdata)); ++ $extensions .= $extdata; ++ } ++ ++ $data = pack('n', length($extensions)); ++ $data .= $extensions; ++ $self->data($data); ++} ++ ++#Read/write accessors ++sub extension_data ++{ ++ my $self = shift; ++ if (@_) { ++ $self->{extension_data} = shift; ++ } ++ return $self->{extension_data}; ++} ++sub set_extension ++{ ++ my ($self, $ext_type, $ext_data) = @_; ++ $self->{extension_data}{$ext_type} = $ext_data; ++} ++sub delete_extension ++{ ++ my ($self, $ext_type) = @_; ++ delete $self->{extension_data}{$ext_type}; ++} ++1; +Index: openssl-1.1.1/util/perl/TLSProxy/Message.pm +=================================================================== +--- openssl-1.1.1.orig/util/perl/TLSProxy/Message.pm ++++ openssl-1.1.1/util/perl/TLSProxy/Message.pm +@@ -132,6 +132,11 @@ use constant { + CIPHER_TLS13_AES_256_GCM_SHA384 => 0x1302 + }; + ++use constant { ++ CLIENT => 0, ++ SERVER => 1 ++}; ++ + my $payload = ""; + my $messlen = -1; + my $mt; +@@ -337,6 +342,15 @@ sub create_message + $server, + $data, + [@message_rec_list], ++ $startoffset, ++ [@message_frag_lens] ++ ); ++ $message->parse(); ++ } elsif ($mt == MT_CERTIFICATE_REQUEST) { ++ $message = TLSProxy::CertificateRequest->new( ++ $server, ++ $data, ++ [@message_rec_list], + $startoffset, + [@message_frag_lens] + ); +Index: openssl-1.1.1/util/perl/TLSProxy/Proxy.pm +=================================================================== +--- openssl-1.1.1.orig/util/perl/TLSProxy/Proxy.pm ++++ openssl-1.1.1/util/perl/TLSProxy/Proxy.pm +@@ -19,6 +19,7 @@ use TLSProxy::ClientHello; + use TLSProxy::ServerHello; + use TLSProxy::EncryptedExtensions; + use TLSProxy::Certificate; ++use TLSProxy::CertificateRequest; + use TLSProxy::CertificateVerify; + use TLSProxy::ServerKeyExchange; + use TLSProxy::NewSessionTicket; +Index: openssl-1.1.1/util/perl/checkhandshake.pm +=================================================================== +--- openssl-1.1.1.orig/util/perl/checkhandshake.pm ++++ openssl-1.1.1/util/perl/checkhandshake.pm +@@ -116,7 +116,8 @@ sub checkhandshake($$$$) + && $message->mt() != TLSProxy::Message::MT_SERVER_HELLO + && $message->mt() != + TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS +- && $message->mt() != TLSProxy::Message::MT_CERTIFICATE); ++ && $message->mt() != TLSProxy::Message::MT_CERTIFICATE ++ && $message->mt() != TLSProxy::Message::MT_CERTIFICATE_REQUEST); + + next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE + && !TLSProxy::Proxy::is_tls13(); +@@ -124,7 +125,7 @@ sub checkhandshake($$$$) + my $extchnum = 1; + my $extshnum = 1; + for (my $extloop = 0; +- $extensions[$extloop][2] != 0; ++ $extensions[$extloop][3] != 0; + $extloop++) { + $extchnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_CLIENT_HELLO + && TLSProxy::Proxy::is_tls13(); +@@ -135,6 +136,7 @@ sub checkhandshake($$$$) + next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO + && $extshnum != $shnum; + next if ($message->mt() != $extensions[$extloop][0]); ++ next if ($message->server() != $extensions[$extloop][2]); + $numtests++; + } + $numtests++; +@@ -182,7 +184,8 @@ sub checkhandshake($$$$) + && $message->mt() != TLSProxy::Message::MT_SERVER_HELLO + && $message->mt() != + TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS +- && $message->mt() != TLSProxy::Message::MT_CERTIFICATE); ++ && $message->mt() != TLSProxy::Message::MT_CERTIFICATE ++ && $message->mt() != TLSProxy::Message::MT_CERTIFICATE_REQUEST); + + next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE + && !TLSProxy::Proxy::is_tls13(); +@@ -197,7 +200,7 @@ sub checkhandshake($$$$) + my $msgexts = $message->extension_data(); + my $extchnum = 1; + my $extshnum = 1; +- for (my $extloop = 0, $extcount = 0; $extensions[$extloop][2] != 0; ++ for (my $extloop = 0, $extcount = 0; $extensions[$extloop][3] != 0; + $extloop++) { + #In TLSv1.3 we can have two ClientHellos if there has been a + #HelloRetryRequest, and they may have different extensions. Skip +@@ -211,12 +214,13 @@ sub checkhandshake($$$$) + next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO + && $extshnum != $shnum; + next if ($message->mt() != $extensions[$extloop][0]); +- ok (($extensions[$extloop][2] & $exttype) == 0 ++ next if ($message->server() != $extensions[$extloop][2]); ++ ok (($extensions[$extloop][3] & $exttype) == 0 + || defined ($msgexts->{$extensions[$extloop][1]}), + "Extension presence check (Message: ".$message->mt() +- ." Extension: ".($extensions[$extloop][2] & $exttype).", " ++ ." Extension: ".($extensions[$extloop][3] & $exttype).", " + .$extloop.")"); +- $extcount++ if (($extensions[$extloop][2] & $exttype) != 0); ++ $extcount++ if (($extensions[$extloop][3] & $exttype) != 0); + } + ok($extcount == keys %$msgexts, "Extensions count mismatch (" + .$extcount.", ".(keys %$msgexts) diff -Nru openssl-1.1.1/debian/patches/series openssl-1.1.1/debian/patches/series --- openssl-1.1.1/debian/patches/series 2021-07-23 06:32:42.000000000 -0600 +++ openssl-1.1.1/debian/patches/series 2021-08-16 08:35:07.000000000 -0600 @@ -31,3 +31,5 @@ CVE-2021-3449-3.patch CVE-2021-3449-4.patch lp1931994-s390x-evp-init-fix.patch +0001-Don-t-send-a-status_request-extension-in-a-Certifica.patch +0002-Teach-TLSProxy-how-to-parse-CertificateRequest-messa.patch