OpenSSL: Simplify EAP-FAST peer workaround

Commit d4913c585ec9b62a667473878a7fd7d8600d3388 ('OpenSSL: Fix EAP-FAST
peer regression') introduced a workaround to use a new SSL_CTX instance
set for TLSv1_method() when using EAP-FAST. While that works, it is
unnecessarily complex since there is not really a need to use a separate
SSL_CTX to be able to do that. Instead, simply use SSL_set_ssl_method()
to update the ssl_method for the SSL instance. In practice, this commit
reverts most of the tls_openssl.c changes from that earlier commit and
adds that single call into tls_connection_set_params() based on EAP-FAST
flag.

Signed-off-by: Jouni Malinen <j@w1.fi>

src/crypto/tls_openssl.c

@@ -118,8 +118,6 @@ struct tls_connection {
 	X509 *peer_cert;
 	X509 *peer_issuer;
 	X509 *peer_issuer_issuer;
-
-	SSL_CTX *ssl_ctx; /* separate context for EAP-FAST workaround */
 };
 
 
@@ -1027,77 +1025,60 @@ static void tls_msg_cb(int write_p, int version, int content_type,
 }
 
 
-static int openssl_new_ssl(SSL_CTX *ssl_ctx, struct tls_connection *conn)
+struct tls_connection * tls_connection_init(void *ssl_ctx)
 {
+	SSL_CTX *ssl = ssl_ctx;
+	struct tls_connection *conn;
 	long options;
 #ifdef OPENSSL_SUPPORTS_CTX_APP_DATA
-	struct tls_context *context = SSL_CTX_get_app_data(ssl_ctx);
+	struct tls_context *context = SSL_CTX_get_app_data(ssl);
 #else /* OPENSSL_SUPPORTS_CTX_APP_DATA */
 	struct tls_context *context = tls_global;
 #endif /* OPENSSL_SUPPORTS_CTX_APP_DATA */
-	SSL *ssl;
-	BIO *ssl_in, *ssl_out;
 
-	ssl = SSL_new(ssl_ctx);
-	if (ssl == NULL) {
+	conn = os_zalloc(sizeof(*conn));
+	if (conn == NULL)
+		return NULL;
+	conn->ssl = SSL_new(ssl);
+	if (conn->ssl == NULL) {
 		tls_show_errors(MSG_INFO, __func__,
 				"Failed to initialize new SSL connection");
-		return -1;
+		os_free(conn);
+		return NULL;
 	}
 
-	SSL_set_app_data(ssl, conn);
-	SSL_set_msg_callback(ssl, tls_msg_cb);
-	SSL_set_msg_callback_arg(ssl, conn);
+	conn->context = context;
+	SSL_set_app_data(conn->ssl, conn);
+	SSL_set_msg_callback(conn->ssl, tls_msg_cb);
+	SSL_set_msg_callback_arg(conn->ssl, conn);
 	options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 |
 		SSL_OP_SINGLE_DH_USE;
 #ifdef SSL_OP_NO_COMPRESSION
 	options |= SSL_OP_NO_COMPRESSION;
 #endif /* SSL_OP_NO_COMPRESSION */
-	SSL_set_options(ssl, options);
+	SSL_set_options(conn->ssl, options);
 
-	ssl_in = BIO_new(BIO_s_mem());
-	if (!ssl_in) {
+	conn->ssl_in = BIO_new(BIO_s_mem());
+	if (!conn->ssl_in) {
 		tls_show_errors(MSG_INFO, __func__,
 				"Failed to create a new BIO for ssl_in");
-		SSL_free(ssl);
-		return -1;
+		SSL_free(conn->ssl);
+		os_free(conn);
+		return NULL;
 	}
 
-	ssl_out = BIO_new(BIO_s_mem());
-	if (!ssl_out) {
+	conn->ssl_out = BIO_new(BIO_s_mem());
+	if (!conn->ssl_out) {
 		tls_show_errors(MSG_INFO, __func__,
 				"Failed to create a new BIO for ssl_out");
-		SSL_free(ssl);
-		BIO_free(ssl_in);
-		return -1;
-	}
-
-	SSL_set_bio(ssl, ssl_in, ssl_out);
-
-	if (conn->ssl)
 		SSL_free(conn->ssl);
-	conn->ssl = ssl;
-	conn->ssl_in = ssl_in;
-	conn->ssl_out = ssl_out;
-	conn->context = context;
-
-	return 0;
-}
-
-
-struct tls_connection * tls_connection_init(void *ssl_ctx)
-{
-	SSL_CTX *ssl = ssl_ctx;
-	struct tls_connection *conn;
-
-	conn = os_zalloc(sizeof(*conn));
-	if (conn == NULL)
-		return NULL;
-	if (openssl_new_ssl(ssl, conn) < 0) {
+		BIO_free(conn->ssl_in);
 		os_free(conn);
 		return NULL;
 	}
 
+	SSL_set_bio(conn->ssl, conn->ssl_in, conn->ssl_out);
+
 	return conn;
 }
 
@@ -1112,8 +1093,6 @@ void tls_connection_deinit(void *ssl_ctx, struct tls_connection *conn)
 	os_free(conn->altsubject_match);
 	os_free(conn->suffix_match);
 	os_free(conn->session_ticket);
-	if (conn->ssl_ctx)
-		SSL_CTX_free(conn->ssl_ctx);
 	os_free(conn);
 }
 
@@ -3219,44 +3198,6 @@ static int ocsp_status_cb(SSL *s, void *arg)
 #endif /* HAVE_OCSP */
 
 
-static int openssl_eap_fast_workaround(
-	struct tls_connection *conn,
-	const struct tls_connection_params *params)
-{
-#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC)
-	if (!(params->flags & TLS_CONN_EAP_FAST))
-		return 0;
-	if (conn->ssl_ctx)
-		return 0; /* already initialized */
-
-	/*
-	 * The default SSL_CTX with SSLv23_method() does not allow session
-	 * ticket from EAP-FAST to be added into ClientHello, so we have to
-	 * create a separate SSL_CTX instance for EAP-FAST uses.
-	 */
-	wpa_printf(MSG_DEBUG, "OpenSSL: Create new SSL_CTX for EAP-FAST");
-
-	conn->ssl_ctx = SSL_CTX_new(TLSv1_method());
-	if (conn->ssl_ctx == NULL)
-		return -1;
-
-	SSL_CTX_set_info_callback(conn->ssl_ctx, ssl_info_cb);
-#ifdef OPENSSL_SUPPORTS_CTX_APP_DATA
-	SSL_CTX_set_app_data(conn->ssl_ctx, tls_global);
-#endif /* OPENSSL_SUPPORTS_CTX_APP_DATA */
-
-	if (openssl_new_ssl(conn->ssl_ctx, conn) < 0) {
-		SSL_CTX_free(conn->ssl_ctx);
-		conn->ssl_ctx = NULL;
-		return -1;
-	}
-#endif /* EAP_FAST || EAP_FAST_DYNAMIC */
-
-	return 0;
-}
-
-
-
 int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn,
 			      const struct tls_connection_params *params)
 {
@@ -3266,10 +3207,15 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn,
 	if (conn == NULL)
 		return -1;
 
-	if (openssl_eap_fast_workaround(conn, params) < 0)
-		return -1;
-	if (conn->ssl_ctx)
-		tls_ctx = conn->ssl_ctx;
+	if (params->flags & TLS_CONN_EAP_FAST) {
+		wpa_printf(MSG_DEBUG,
+			   "OpenSSL: Use TLSv1_method() for EAP-FAST");
+		if (SSL_set_ssl_method(conn->ssl, TLSv1_method()) != 1) {
+			tls_show_errors(MSG_INFO, __func__,
+					"Failed to set TLSv1_method() for EAP-FAST");
+			return -1;
+		}
+	}
 
 	while ((err = ERR_get_error())) {
 		wpa_printf(MSG_INFO, "%s: Clearing pending SSL error: %s",