From: David Woodhouse
Date: Tue, 4 May 2021 14:43:08 +0000 (+0100)
Subject: DTLS: Don't require secure renegotiation from Cisco
X-Git-Tag: v8.20~234
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=9457f409e5fd7fdc790be4bf27e589885c9cc559;p=users%2Fdwmw2%2Fopenconnect.git

DTLS: Don't require secure renegotiation from Cisco

Signed-off-by: David Woodhouse
---
diff --git a/openssl-dtls.c b/openssl-dtls.c
index 7bd38f3d..61cac6ee 100644
--- a/openssl-dtls.c
+++ b/openssl-dtls.c
@@ -435,6 +435,15 @@ int start_dtls_handshake(struct openconnect_info *vpninfo, int dtls_fd)
 */
 SSL_CTX_set_options(vpninfo->dtls_ctx, SSL_OP_NO_ENCRYPT_THEN_MAC);
 #endif
+#ifdef SSL_OP_LEGACY_SERVER_CONNECT
+ /*
+ * Since https://github.com/openssl/openssl/pull/15127, OpenSSL
+ * *requires* secure renegotiation support by default. For interop
+ * with Cisco's resumed DTLS sessions, we have to turn that off.
+ */
+ if (dtlsver)
+ SSL_CTX_set_options(vpninfo->dtls_ctx, SSL_OP_LEGACY_SERVER_CONNECT);
+#endif
 #ifdef SSL_OP_NO_EXTENDED_MASTER_SECRET
 /* RFC7627 says:
 *
diff --git a/tests/bad_dtls_test.c b/tests/bad_dtls_test.c
index c123c8f8..85f023a7 100644
--- a/tests/bad_dtls_test.c
+++ b/tests/bad_dtls_test.c
@@ -788,7 +788,8 @@ int main(int argc, char *argv[])
 ctx = SSL_CTX_new(DTLS_client_method());
 if (ctx == NULL ||
 !SSL_CTX_set_min_proto_version(ctx, DTLS1_BAD_VER) ||
- !SSL_CTX_set_max_proto_version(ctx, DTLS1_BAD_VER)) {
+ !SSL_CTX_set_max_proto_version(ctx, DTLS1_BAD_VER) ||
+ !SSL_CTX_set_options(ctx, SSL_OP_LEGACY_SERVER_CONNECT)) {
 printf("Failed to allocate SSL_CTX\n");
 goto end_md;
 }
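Review bot: The new comment in start_dtls_handshake explains what changed in OpenSSL but not why dropping the RFC 5746 secure-renegotiation requirement is acceptable on this path, which is what a later reader auditing `SSL_OP_LEGACY_SERVER_CONNECT` will need, since the option relaxes a protection against renegotiation-splicing attacks. The justification is presumably that the DTLS session is resumed from parameters obtained over the already-authenticated TLS control channel and the client never initiates renegotiation, but that has to be confirmed from the rest of start_dtls_handshake, which begins before and continues after this hunk. I would extend the comment with `* Acceptable here only because the session is resumed from parameters received over the authenticated TLS connection and renegotiation is never initiated; do not extend this to the negotiated path.` The `if (dtlsver)` gate presumably keeps the fully negotiated (non-resumed) DTLS path strict; a one-line comment on the gate, e.g. `/* Legacy resumed sessions only; negotiated DTLS keeps the default */`, would make that intent explicit rather than implied.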
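Review bot: `!SSL_CTX_set_options(ctx, SSL_OP_LEGACY_SERVER_CONNECT)` in the new condition in tests/bad_dtls_test.c cannot fail: SSL_CTX_set_options() returns the updated options bitmask rather than a success flag, so after OR-ing in a non-zero option the result is never zero. Folding it into the error check is misleading, and if it ever did fire the message `Failed to allocate SSL_CTX` would misreport the cause. Keep the `if` as it was before the change and set the option as a plain statement after it: `SSL_CTX_set_options(ctx, SSL_OP_LEGACY_SERVER_CONNECT);`. Note also that openssl-dtls.c guards the same option with `#ifdef SSL_OP_LEGACY_SERVER_CONNECT` while the test uses it unguarded; a short comment on why the test may assume it is defined would remove the apparent inconsistency. The enclosing main() starts and ends outside the hunk.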