diff options
| author | jsing <> | 2019-11-17 06:35:30 +0000 |
|---|---|---|
| committer | jsing <> | 2019-11-17 06:35:30 +0000 |
| commit | 409fa0d28febaa4ac29449f82e464e5bdb785ac6 (patch) | |
| tree | 64b268783159e5f32378776acd8d4e6c753a419b /src/lib/libssl/tls13_server.c | |
| parent | 45bbbfd098329712115368b9fab20a0605ef4bde (diff) | |
| download | openbsd-409fa0d28febaa4ac29449f82e464e5bdb785ac6.tar.gz openbsd-409fa0d28febaa4ac29449f82e464e5bdb785ac6.tar.bz2 openbsd-409fa0d28febaa4ac29449f82e464e5bdb785ac6.zip | |
Add the initial framework for the TLSv1.3 server.
ok beck@
Diffstat (limited to 'src/lib/libssl/tls13_server.c')
| -rw-r--r-- | src/lib/libssl/tls13_server.c | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c new file mode 100644 index 0000000000..8d484fcb45 --- /dev/null +++ b/src/lib/libssl/tls13_server.c | |||
| @@ -0,0 +1,79 @@ | |||
| 1 | /* $OpenBSD: tls13_server.c,v 1.1 2019/11/17 06:35:30 jsing Exp $ */ | ||
| 2 | /* | ||
| 3 | * Copyright (c) 2019 Joel Sing <jsing@openbsd.org> | ||
| 4 | * | ||
| 5 | * Permission to use, copy, modify, and distribute this software for any | ||
| 6 | * purpose with or without fee is hereby granted, provided that the above | ||
| 7 | * copyright notice and this permission notice appear in all copies. | ||
| 8 | * | ||
| 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
| 10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
| 11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
| 12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
| 13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
| 14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
| 15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
| 16 | */ | ||
| 17 | |||
| 18 | #include "ssl_locl.h" | ||
| 19 | |||
| 20 | #include "tls13_handshake.h" | ||
| 21 | #include "tls13_internal.h" | ||
| 22 | |||
| 23 | static int | ||
| 24 | tls13_accept(struct tls13_ctx *ctx) | ||
| 25 | { | ||
| 26 | if (ctx->mode != TLS13_HS_SERVER) | ||
| 27 | return TLS13_IO_FAILURE; | ||
| 28 | |||
| 29 | return tls13_handshake_perform(ctx); | ||
| 30 | } | ||
| 31 | |||
| 32 | static int | ||
| 33 | tls13_server_init(struct tls13_ctx *ctx) | ||
| 34 | { | ||
| 35 | SSL *s = ctx->ssl; | ||
| 36 | |||
| 37 | if (!ssl_supported_version_range(s, &ctx->hs->min_version, | ||
| 38 | &ctx->hs->max_version)) { | ||
| 39 | SSLerror(s, SSL_R_NO_PROTOCOLS_AVAILABLE); | ||
| 40 | return 0; | ||
| 41 | } | ||
| 42 | |||
| 43 | /* XXX implement. */ | ||
| 44 | |||
| 45 | return 1; | ||
| 46 | } | ||
| 47 | |||
| 48 | int | ||
| 49 | tls13_legacy_accept(SSL *ssl) | ||
| 50 | { | ||
| 51 | struct tls13_ctx *ctx = ssl->internal->tls13; | ||
| 52 | int ret; | ||
| 53 | |||
| 54 | if (ctx == NULL) { | ||
| 55 | if ((ctx = tls13_ctx_new(TLS13_HS_SERVER)) == NULL) { | ||
| 56 | SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */ | ||
| 57 | return -1; | ||
| 58 | } | ||
| 59 | ssl->internal->tls13 = ctx; | ||
| 60 | ctx->ssl = ssl; | ||
| 61 | ctx->hs = &S3I(ssl)->hs_tls13; | ||
| 62 | |||
| 63 | if (!tls13_server_init(ctx)) { | ||
| 64 | if (ERR_peek_error() == 0) | ||
| 65 | SSLerror(ssl, ERR_R_INTERNAL_ERROR); /* XXX */ | ||
| 66 | return -1; | ||
| 67 | } | ||
| 68 | } | ||
| 69 | |||
| 70 | S3I(ssl)->hs.state = SSL_ST_ACCEPT; | ||
| 71 | |||
| 72 | ret = tls13_accept(ctx); | ||
| 73 | if (ret == TLS13_IO_USE_LEGACY) | ||
| 74 | return ssl->method->internal->ssl_accept(ssl); | ||
| 75 | if (ret == TLS13_IO_SUCCESS) | ||
| 76 | S3I(ssl)->hs.state = SSL_ST_OK; | ||
| 77 | |||
| 78 | return tls13_legacy_return_code(ssl, ret); | ||
| 79 | } | ||