diff options
| author |   jsing <jsing@openbsd.org> | 2020-05-09 08:26:16 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2020-05-09 08:26:16 +0000 |
| commit | 7752f9fda66205f947a2171e176537a136444c36 (patch) | |
| tree | 327c45661bf4e0794dc925c0b4c437fe2b15576a /lib/libssl/tls13_server.c | |
| parent | No need to look at _STA here, all we care about is _PSR. (diff) | |
| download | wireguard-openbsd-7752f9fda66205f947a2171e176537a136444c36.tar.xz wireguard-openbsd-7752f9fda66205f947a2171e176537a136444c36.zip | |
Refactor tls13_server_hello_sent().
Split the record protection engagement code into a separate
tls13_server_engage_record_protection() function and call this from
tls13_server_hello_sent(). Also move some functions around to keep the
logical ordering/grouping.
ok inoguchi@ tb@ (as part of a larger diff)
Diffstat (limited to 'lib/libssl/tls13_server.c')
| -rw-r--r-- | lib/libssl/tls13_server.c | 66 |
1 files changed, 36 insertions, 30 deletions
diff --git a/lib/libssl/tls13_server.c b/lib/libssl/tls13_server.c index 4fa1aba31de..19ee2e9eaa8 100644 --- a/lib/libssl/tls13_server.c +++ b/lib/libssl/tls13_server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_server.c,v 1.34 2020/04/28 20:37:22 jsing Exp $ */ +/* $OpenBSD: tls13_server.c,v 1.35 2020/05/09 08:26:16 jsing Exp $ */ /* * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> * Copyright (c) 2020 Bob Beck <beck@openbsd.org> @@ -242,35 +242,8 @@ err: return 0; } -int -tls13_server_hello_retry_request_send(struct tls13_ctx *ctx, CBB *cbb) -{ - return 0; -} - -int -tls13_client_hello_retry_recv(struct tls13_ctx *ctx, CBS *cbs) -{ - return 0; -} - -int -tls13_server_hello_send(struct tls13_ctx *ctx, CBB *cbb) -{ - if (ctx->hs->key_share == NULL) - return 0; - - if (!tls13_key_share_generate(ctx->hs->key_share)) - return 0; - - if (!tls13_server_hello_build(ctx, cbb)) - return 0; - - return 1; -} - -int -tls13_server_hello_sent(struct tls13_ctx *ctx) +static int +tls13_server_engage_record_protection(struct tls13_ctx *ctx) { struct tls13_secrets *secrets; struct tls13_secret context; @@ -338,6 +311,39 @@ tls13_server_hello_sent(struct tls13_ctx *ctx) } int +tls13_server_hello_retry_request_send(struct tls13_ctx *ctx, CBB *cbb) +{ + return 0; +} + +int +tls13_client_hello_retry_recv(struct tls13_ctx *ctx, CBS *cbs) +{ + return 0; +} + +int +tls13_server_hello_send(struct tls13_ctx *ctx, CBB *cbb) +{ + if (ctx->hs->key_share == NULL) + return 0; + + if (!tls13_key_share_generate(ctx->hs->key_share)) + return 0; + + if (!tls13_server_hello_build(ctx, cbb)) + return 0; + + return 1; +} + +int +tls13_server_hello_sent(struct tls13_ctx *ctx) +{ + return tls13_server_engage_record_protection(ctx); +} + +int tls13_server_encrypted_extensions_send(struct tls13_ctx *ctx, CBB *cbb) { if (!tlsext_server_build(ctx->ssl, cbb, SSL_TLSEXT_MSG_EE)) |