authorjsing <>2019-02-07 15:54:18 +0000
committerjsing <>2019-02-07 15:54:18 +0000
commit6126567f386c34c6cff5dc95e8e5072c34ba7b00 (patch)
tree74f4d1218bdcbb7a9def216ef74472ac98f74e33 /src/lib
parentd270ebee7ae687e3965f2f26817d062472c13ec0 (diff)
Implement processing of EncryptedExtensions in the TLS 1.3 client.
ok bcook@ tb@
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libssl/tls13_client.c28
-rw-r--r--src/lib/libssl/tls13_handshake.c8
2 files changed, 28 insertions, 8 deletions
diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c
index 4d34cf9943..0f0c673f2c 100644
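--- a/src/lib/libssl/tls13_client.c
+++ b/src/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.2 2019/02/04 16:18:15 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.3 2019/02/07 15:54:18 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -230,6 +230,8 @@ tls13_server_hello_process(struct tls13_ctx *ctx, CBS *cbs)
  return 1;
 
  err:
+ /* XXX - send alert. */
+
  return 0;
 }
 
@@ -253,6 +255,7 @@ tls13_server_hello_recv(struct tls13_ctx *ctx)
 
  if (S3I(s)->hs_tls13.server_version < TLS1_3_VERSION) {
  /* XXX - switch back to legacy client. */
+ goto err;
  }
 
  if (ctx->handshake_stage.hs_type & WITH_HRR)
@@ -314,3 +317,26 @@ tls13_server_hello_recv(struct tls13_ctx *ctx)
  freezero(shared_key, X25519_KEY_LENGTH);
  return ret;
 }
+
+int
+tls13_server_encrypted_extensions_recv(struct tls13_ctx *ctx)
+{
+ int alert;
+ CBS cbs;
+
+ if (!tls13_handshake_msg_content(ctx->hs_msg, &cbs))
+ goto err;
+
+ if (!tlsext_client_parse(ctx->ssl, &cbs, &alert, SSL_TLSEXT_MSG_EE))
+ goto err;
+
+ if (CBS_len(&cbs) != 0)
+ goto err;
+
+ return 1;
+
+ err:
+ /* XXX - send alert. */
+
+ return 0;
+}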
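Review bot: In the new `tls13_server_encrypted_extensions_recv` (third hunk), `alert` is passed only to `tlsext_client_parse()`, so the other two `goto err` paths, the `tls13_handshake_msg_content()` failure and the `CBS_len(&cbs) != 0` trailing-data check, reach `err:` with it uninitialized. The value is unused today, but once `/* XXX - send alert. */` is implemented, reading it there would be an uninitialized read and the server could be sent an arbitrary alert description. Initializing it at the declaration, for example `int alert = SSL_AD_DECODE_ERROR;` (or whichever decode-error constant the TLS 1.3 alert path ends up using), keeps all three failure paths well defined. It would also help to extend the XXX comment to say that the alert from `tlsext_client_parse()` is currently discarded, so a malformed or disallowed extension in EncryptedExtensions fails the handshake without the peer being told why.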
diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c
index b3c08ef39c..68d6a9d444 100644
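--- a/src/lib/libssl/tls13_handshake.c
+++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_handshake.c,v 1.23 2019/02/04 16:18:15 jsing Exp $ */
+/* $OpenBSD: tls13_handshake.c,v 1.24 2019/02/07 15:54:18 jsing Exp $ */
 /*
  * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org>
  * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
@@ -475,12 +475,6 @@ tls13_server_hello_send(struct tls13_ctx *ctx)
 }
 
 int
-tls13_server_encrypted_extensions_recv(struct tls13_ctx *ctx)
-{
- return 0;
-}
-
-int
 tls13_server_encrypted_extensions_send(struct tls13_ctx *ctx)
 {
  return 0;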