| author | jsing <> | 2020-04-28 20:37:22 +0000 |
|---|---|---|
| committer | jsing <> | 2020-04-28 20:37:22 +0000 |
| commit | 5f2791387a6d20d8b8294b1c9ca4e982c7ae6f7e (patch) | |
| tree | 3340d02c12df4a9485d2eaf80db0ce8efbfa3418 /src/lib/libssl/tls13_server.c | |
| parent | d1fef479fc505086d5703546f04121c5c2c8c507 (diff) | |
| download | openbsd-5f2791387a6d20d8b8294b1c9ca4e982c7ae6f7e.tar.gz openbsd-5f2791387a6d20d8b8294b1c9ca4e982c7ae6f7e.tar.bz2 openbsd-5f2791387a6d20d8b8294b1c9ca4e982c7ae6f7e.zip | |
Move legacy stack interfacing functions into tls13_legacy.c.
No functional change.
ok inoguchi@ tb@
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/tls13_server.c | 99 |
1 files changed, 4 insertions, 95 deletions
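--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.33 2020/04/27 20:15:17 jsing Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.34 2020/04/28 20:37:22 jsing Exp $ */
 /*
  * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -22,7 +22,7 @@
 #include "tls13_handshake.h"
 #include "tls13_internal.h"
 
-static int
+int
 tls13_server_init(struct tls13_ctx *ctx)
 {
 	SSL *s = ctx->ssl;
@@ -45,8 +45,8 @@ tls13_server_init(struct tls13_ctx *ctx)
 	return 1;
 }
 
-static int
-tls13_accept(struct tls13_ctx *ctx)
+int
+tls13_server_accept(struct tls13_ctx *ctx)
 {
 	if (ctx->mode != TLS13_HS_SERVER)
 		return TLS13_IO_FAILURE;
@@ -54,97 +54,6 @@ tls13_accept(struct tls13_ctx *ctx)
 	return tls13_handshake_perform(ctx);
 }
 
-int
-tls13_legacy_accept(SSL *ssl)
-{
-	struct tls13_ctx *ctx = ssl->internal->tls13;
-	int ret;
-
-	if (ctx == NULL) {
-		if ((ctx = tls13_ctx_new(TLS13_HS_SERVER)) == NULL) {
-			SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
-			return -1;
-		}
-		ssl->internal->tls13 = ctx;
-		ctx->ssl = ssl;
-		ctx->hs = &S3I(ssl)->hs_tls13;
-
-		if (!tls13_server_init(ctx)) {
-			if (ERR_peek_error() == 0)
-				SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */
-			return -1;
-		}
-	}
-
-	ERR_clear_error();
-	S3I(ssl)->hs.state = SSL_ST_ACCEPT;
-
-	ret = tls13_accept(ctx);
-	if (ret == TLS13_IO_USE_LEGACY)
-		return ssl->method->internal->ssl_accept(ssl);
-	if (ret == TLS13_IO_SUCCESS)
-		S3I(ssl)->hs.state = SSL_ST_OK;
-
-	return tls13_legacy_return_code(ssl, ret);
-}
-
-int
-tls13_use_legacy_server(struct tls13_ctx *ctx)
-{
-	SSL *s = ctx->ssl;
-	CBS cbs;
-
-	s->method = tls_legacy_server_method();
-	s->internal->handshake_func = s->method->internal->ssl_accept;
-	s->client_version = s->version = s->method->internal->max_version;
-	s->server = 1;
-
-	if (!ssl3_setup_init_buffer(s))
-		goto err;
-	if (!ssl3_setup_buffers(s))
-		goto err;
-	if (!ssl_init_wbio_buffer(s, 0))
-		goto err;
-
-	if (s->bbio != s->wbio)
-		s->wbio = BIO_push(s->bbio, s->wbio);
-
-	/* Stash any unprocessed data from the last record. */
-	tls13_record_layer_rbuf(ctx->rl, &cbs);
-	if (CBS_len(&cbs) > 0) {
-		if (!CBS_write_bytes(&cbs,
-		    S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH,
-		    S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL))
-			goto err;
-
-		S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH;
-		S3I(s)->rbuf.left = CBS_len(&cbs);
-		S3I(s)->rrec.type = SSL3_RT_HANDSHAKE;
-		S3I(s)->rrec.length = CBS_len(&cbs);
-		s->internal->rstate = SSL_ST_READ_BODY;
-		s->internal->packet = S3I(s)->rbuf.buf;
-		s->internal->packet_length = SSL3_RT_HEADER_LENGTH;
-		s->internal->mac_packet = 1;
-	}
-
-	/* Stash the current handshake message. */
-	tls13_handshake_msg_data(ctx->hs_msg, &cbs);
-	if (!CBS_write_bytes(&cbs, s->internal->init_buf->data,
-	    s->internal->init_buf->length, NULL))
-		goto err;
-
-	S3I(s)->tmp.reuse_message = 1;
-	S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg);
-	S3I(s)->tmp.message_size = CBS_len(&cbs);
-
-	S3I(s)->hs.state = SSL3_ST_SR_CLNT_HELLO_A;
-
-	return 1;
-
- err:
-	return 0;
-}
-
 static int
 tls13_client_hello_is_legacy(CBS *cbs)
 {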
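Review bot: tls13_server_init and tls13_server_accept become externally visible in the hunks at -22 and -45, but neither carries a header comment describing the contract that callers in another translation unit (presumably the new tls13_legacy.c, not shown here) now rely on, and the prototypes they need are presumably added to tls13_internal.h outside this diff. Since tls13_server_accept is now the cross-file entry point that drives the handshake, a short comment above it would help, e.g. `/* Run the TLS 1.3 server handshake; ctx->mode must be TLS13_HS_SERVER, returns a TLS13_IO_* code. */`, with a matching one-liner above tls13_server_init stating that it returns 1 on success and 0 on failure. The bodies of tls13_server_init and tls13_client_hello_is_legacy continue outside these hunks, so the full preconditions cannot be confirmed from the diff alone.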
