diff options
| author |   jsing <jsing@openbsd.org> | 2020-04-28 20:37:22 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2020-04-28 20:37:22 +0000 |
| commit | 8a834dad02e3fc498e495fb2961d634d982f929d (patch) | |
| tree | 3359f883224184ec84ac4b0a0f9ea288a40720ca /lib/libssl/tls13_server.c | |
| parent | Rename tls13_client_synthetic_handshake_message() and move to tls13_lib.c. (diff) | |
| download | wireguard-openbsd-8a834dad02e3fc498e495fb2961d634d982f929d.tar.xz wireguard-openbsd-8a834dad02e3fc498e495fb2961d634d982f929d.zip | |
Move legacy stack interfacing functions into tls13_legacy.c.
No functional change.
ok inoguchi@ tb@
Diffstat (limited to 'lib/libssl/tls13_server.c')
| -rw-r--r-- | lib/libssl/tls13_server.c | 99 |
1 files changed, 4 insertions, 95 deletions
diff --git a/lib/libssl/tls13_server.c b/lib/libssl/tls13_server.c index 864e434fda0..4fa1aba31de 100644 --- a/lib/libssl/tls13_server.c +++ b/lib/libssl/tls13_server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_server.c,v 1.33 2020/04/27 20:15:17 jsing Exp $ */ +/* $OpenBSD: tls13_server.c,v 1.34 2020/04/28 20:37:22 jsing Exp $ */ /* * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> * Copyright (c) 2020 Bob Beck <beck@openbsd.org> @@ -22,7 +22,7 @@ #include "tls13_handshake.h" #include "tls13_internal.h" -static int +int tls13_server_init(struct tls13_ctx *ctx) { SSL *s = ctx->ssl; @@ -45,8 +45,8 @@ tls13_server_init(struct tls13_ctx *ctx) return 1; } -static int -tls13_accept(struct tls13_ctx *ctx) +int +tls13_server_accept(struct tls13_ctx *ctx) { if (ctx->mode != TLS13_HS_SERVER) return TLS13_IO_FAILURE; @@ -54,97 +54,6 @@ tls13_accept(struct tls13_ctx *ctx) return tls13_handshake_perform(ctx); } -int -tls13_legacy_accept(SSL *ssl) -{ - struct tls13_ctx *ctx = ssl->internal->tls13; - int ret; - - if (ctx == NULL) { - if ((ctx = tls13_ctx_new(TLS13_HS_SERVER)) == NULL) { - SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */ - return -1; - } - ssl->internal->tls13 = ctx; - ctx->ssl = ssl; - ctx->hs = &S3I(ssl)->hs_tls13; - - if (!tls13_server_init(ctx)) { - if (ERR_peek_error() == 0) - SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */ - return -1; - } - } - - ERR_clear_error(); - S3I(ssl)->hs.state = SSL_ST_ACCEPT; - - ret = tls13_accept(ctx); - if (ret == TLS13_IO_USE_LEGACY) - return ssl->method->internal->ssl_accept(ssl); - if (ret == TLS13_IO_SUCCESS) - S3I(ssl)->hs.state = SSL_ST_OK; - - return tls13_legacy_return_code(ssl, ret); -} - -int -tls13_use_legacy_server(struct tls13_ctx *ctx) -{ - SSL *s = ctx->ssl; - CBS cbs; - - s->method = tls_legacy_server_method(); - s->internal->handshake_func = s->method->internal->ssl_accept; - s->client_version = s->version = s->method->internal->max_version; - s->server = 1; - - if (!ssl3_setup_init_buffer(s)) - goto err; - if (!ssl3_setup_buffers(s)) - goto err; - if (!ssl_init_wbio_buffer(s, 0)) - goto err; - - if (s->bbio != s->wbio) - s->wbio = BIO_push(s->bbio, s->wbio); - - /* Stash any unprocessed data from the last record. */ - tls13_record_layer_rbuf(ctx->rl, &cbs); - if (CBS_len(&cbs) > 0) { - if (!CBS_write_bytes(&cbs, - S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH, - S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL)) - goto err; - - S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH; - S3I(s)->rbuf.left = CBS_len(&cbs); - S3I(s)->rrec.type = SSL3_RT_HANDSHAKE; - S3I(s)->rrec.length = CBS_len(&cbs); - s->internal->rstate = SSL_ST_READ_BODY; - s->internal->packet = S3I(s)->rbuf.buf; - s->internal->packet_length = SSL3_RT_HEADER_LENGTH; - s->internal->mac_packet = 1; - } - - /* Stash the current handshake message. */ - tls13_handshake_msg_data(ctx->hs_msg, &cbs); - if (!CBS_write_bytes(&cbs, s->internal->init_buf->data, - s->internal->init_buf->length, NULL)) - goto err; - - S3I(s)->tmp.reuse_message = 1; - S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg); - S3I(s)->tmp.message_size = CBS_len(&cbs); - - S3I(s)->hs.state = SSL3_ST_SR_CLNT_HELLO_A; - - return 1; - - err: - return 0; -} - static int tls13_client_hello_is_legacy(CBS *cbs) { |