diff options
| author |   tb <tb@openbsd.org> | 2019-04-05 20:23:38 +0000 |
|---|---|---|
| committer | tb <tb@openbsd.org> | 2019-04-05 20:23:38 +0000 |
| commit | b2516e1f98d4a5f7757a9aa22a2169b0874f7587 (patch) | |
| tree | efd8efab511e480084bd2b8ae9095b22a39c1398 /lib/libssl/tls13_handshake.c | |
| parent | Import SSL_CTX_add1_chain_cert(3) from OpenSSL branch 1.1.1, which is still (diff) | |
| download | wireguard-openbsd-b2516e1f98d4a5f7757a9aa22a2169b0874f7587.tar.xz wireguard-openbsd-b2516e1f98d4a5f7757a9aa22a2169b0874f7587.zip | |
By design, our state machine is a DAG contrary to the state machine in
the spec. To avoid the obvious loop in the RFC's state machine, we added
a CLIENT_HELLO_RETRY state which is a second ClientHello with special
rules. There is, however, no state to react to this second client hello.
This adds a matching SERVER_HELLO_RETRY state to the handshakes table.
This means in particular that the WITH_HRR state cannot be set in
tls13_server_hello_recv(), so remove this now dead check.
ok jsing
Diffstat (limited to 'lib/libssl/tls13_handshake.c')
| -rw-r--r-- | lib/libssl/tls13_handshake.c | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/lib/libssl/tls13_handshake.c b/lib/libssl/tls13_handshake.c index fd49e03adc5..542410bd395 100644 --- a/lib/libssl/tls13_handshake.c +++ b/lib/libssl/tls13_handshake.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_handshake.c,v 1.34 2019/04/05 05:13:12 tb Exp $ */ +/* $OpenBSD: tls13_handshake.c,v 1.35 2019/04/05 20:23:38 tb Exp $ */ /* * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org> * Copyright (c) 2019 Joel Sing <jsing@openbsd.org> @@ -98,6 +98,12 @@ struct tls13_handshake_action state_machine[] = { .send = tls13_server_hello_send, .recv = tls13_server_hello_recv, }, + [SERVER_HELLO_RETRY] = { + .handshake_type = TLS13_MT_SERVER_HELLO, + .sender = TLS13_HS_SERVER, + .send = tls13_server_hello_retry_send, + .recv = tls13_server_hello_retry_recv, + }, [SERVER_ENCRYPTED_EXTENSIONS] = { .handshake_type = TLS13_MT_ENCRYPTED_EXTENSIONS, .sender = TLS13_HS_SERVER, @@ -156,6 +162,7 @@ enum tls13_message_type handshakes[][TLS13_NUM_MESSAGE_TYPES] = { CLIENT_HELLO, SERVER_HELLO, CLIENT_HELLO_RETRY, + SERVER_HELLO_RETRY, SERVER_ENCRYPTED_EXTENSIONS, SERVER_CERTIFICATE_REQUEST, SERVER_CERTIFICATE, @@ -179,6 +186,7 @@ enum tls13_message_type handshakes[][TLS13_NUM_MESSAGE_TYPES] = { CLIENT_HELLO, SERVER_HELLO, CLIENT_HELLO_RETRY, + SERVER_HELLO_RETRY, SERVER_ENCRYPTED_EXTENSIONS, SERVER_CERTIFICATE, SERVER_CERTIFICATE_VERIFY, @@ -198,6 +206,7 @@ enum tls13_message_type handshakes[][TLS13_NUM_MESSAGE_TYPES] = { CLIENT_HELLO, SERVER_HELLO, CLIENT_HELLO_RETRY, + SERVER_HELLO_RETRY, SERVER_ENCRYPTED_EXTENSIONS, SERVER_FINISHED, CLIENT_FINISHED, @@ -220,6 +229,7 @@ enum tls13_message_type handshakes[][TLS13_NUM_MESSAGE_TYPES] = { CLIENT_HELLO, SERVER_HELLO, CLIENT_HELLO_RETRY, + SERVER_HELLO_RETRY, SERVER_ENCRYPTED_EXTENSIONS, SERVER_CERTIFICATE_REQUEST, SERVER_CERTIFICATE, @@ -404,6 +414,12 @@ tls13_client_hello_retry_send(struct tls13_ctx *ctx) } int +tls13_server_hello_retry_recv(struct tls13_ctx *ctx) +{ + return 0; +} + +int tls13_client_hello_retry_recv(struct tls13_ctx *ctx) { return 0; @@ -473,6 +489,12 @@ tls13_server_hello_send(struct tls13_ctx *ctx) } int +tls13_server_hello_retry_send(struct tls13_ctx *ctx) +{ + return 0; +} + +int tls13_server_encrypted_extensions_send(struct tls13_ctx *ctx) { return 0; |