tlshd: use gnutls_psk_allocate_{client,server}_credentials2

hreinecke · hreinecke · commit 7af8cc7d0bc4 · 2025-03-18T10:12:29.000+01:00
There is a merge request to gnutls (#11939) to implement
gnutls_psk_allocate_client_credentials2() and
gnutls_psk_allocate_server_credentials2(). These new functions
allow to specify the binder algorithm, to overcome the defect
in gnutls to always use SHA256 when calculating the binder value.
So update the code to use these functions if available.

Signed-off-by: Hannes Reinecke &lt;hare@suse.de&gt;
diff --git a/configure.ac b/configure.ac
@@ -76,6 +76,9 @@ AC_CHECK_LIB([gnutls], [gnutls_protocol_set_enabled],
 AC_CHECK_LIB([gnutls], [gnutls_get_system_config_file],
              [AC_DEFINE([HAVE_GNUTLS_GET_SYSTEM_CONFIG_FILE], [1],
                         [Define to 1 if you have the gnutls_get_system_config_file function.])])
+AC_CHECK_LIB([gnutls], [gnutls_psk_allocate_client_credentials2],
+             [AC_DEFINE([HAVE_GNUTLS_PSK_ALLOCATE_CREDENTIALS2], [1],
+                        [Define to 1 if you have the gnutls_psk_allocate_client_credentials2 function.])])
 AC_SUBST([AM_CPPFLAGS])
 
 AC_CONFIG_FILES([Makefile src/Makefile src/tlshd/Makefile systemd/Makefile])
diff --git a/src/tlshd/client.c b/src/tlshd/client.c
@@ -341,8 +341,14 @@ static void tlshd_tls13_client_x509_handshake(struct tlshd_handshake_parms *parm
 static void tlshd_tls13_client_psk_handshake_one(struct tlshd_handshake_parms *parms,
 						 key_serial_t peerid)
 {
+#ifdef HAVE_GNUTLS_PSK_ALLOCATE_CREDENTIALS2
+	gnutls_mac_algorithm_t mac = GNUTLS_MAC_SHA256;
+#endif
 	gnutls_psk_client_credentials_t psk_cred;
 	gnutls_session_t session;
+#ifdef HAVE_GNUTLS_PSK_ALLOCATE_CREDENTIALS2
+	int version, type, hash;
+#endif
 	gnutls_datum_t key;
 	unsigned int flags;
 	char *identity;
@@ -359,7 +365,27 @@ static void tlshd_tls13_client_psk_handshake_one(struct tlshd_handshake_parms *p
 		return;
 	}
 
+#ifdef HAVE_GNUTLS_PSK_ALLOCATE_CREDENTIALS2
+	if (sscanf(identity, "NVMe%01d%c%02d %*s",
+		   &version, &type, &hash) == 3) {
+		switch (hash) {
+		case 1:
+			mac = GNUTLS_MAC_SHA256;
+			break;
+		case 2:
+			mac = GNUTLS_MAC_SHA384;
+			break;
+		default:
+			tlshd_log_error("invalid key identity");
+			free(identity);
+			return;
+		}
+	}
+
+	ret = gnutls_psk_allocate_client_credentials2(&psk_cred, mac);
+#else
 	ret = gnutls_psk_allocate_client_credentials(&psk_cred);
+#endif
 	if (ret != GNUTLS_E_SUCCESS) {
 		tlshd_log_gnutls_error(ret);
 		free(identity);
diff --git a/src/tlshd/server.c b/src/tlshd/server.c
@@ -327,7 +327,12 @@ static void tlshd_tls13_server_psk_handshake(struct tlshd_handshake_parms *parms
 	gnutls_session_t session;
 	int ret;
 
+#ifdef HAVE_GNUTLS_PSK_ALLOCATE_CREDENTIALS2
+	ret = gnutls_psk_allocate_server_credentials2(&psk_cred,
+						      GNUTLS_MAC_NONE);
+#else
 	ret = gnutls_psk_allocate_server_credentials(&psk_cred);
+#endif
 	if (ret != GNUTLS_E_SUCCESS) {
 		tlshd_log_gnutls_error(ret);
 		return;
