authorjsing <>2019-01-21 13:13:46 +0000
committerjsing <>2019-01-21 13:13:46 +0000
commitbde3ac13e78ee3960e9e0340d4af51a79ada0aa6 (patch)
tree3589e1b592f5465968101b9036eb046d8cc25049 /src/lib
parent3f8f1b4265aaef35785756a4d46e78bc80f3baea (diff)
Wire up the handshake message send and recv actions.
This means that we actually receive and send handshake messages to and from the record layer. ok tb@
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libssl/tls13_handshake.c43
-rw-r--r--src/lib/libssl/tls13_internal.h5
2 files changed, 44 insertions, 4 deletions
diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c
index 9e17fd1351..78f5611b70 100644
--- a/src/lib/libssl/tls13_handshake.c
+++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls13_handshake.c,v 1.16 2019/01/21 10:44:08 jsing Exp $ */ 1/* $OpenBSD: tls13_handshake.c,v 1.17 2019/01/21 13:13:46 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org> 3 * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org>
4 * Copyright (c) 2019 Joel Sing <jsing@openbsd.org> 4 * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
@@ -18,6 +18,7 @@
18 18
19#include <stddef.h> 19#include <stddef.h>
20 20
21#include "ssl_locl.h"
21#include "tls13_handshake.h" 22#include "tls13_handshake.h"
22#include "tls13_internal.h" 23#include "tls13_internal.h"
23 24
@@ -331,7 +332,30 @@ int
331tls13_handshake_send_action(struct tls13_ctx *ctx, 332tls13_handshake_send_action(struct tls13_ctx *ctx,
332 struct tls13_handshake_action *action) 333 struct tls13_handshake_action *action)
333{ 334{
334 return action->send(ctx); 335 ssize_t ret;
336 CBS cbs;
337
338 /* If we have no handshake message, we need to build one. */
339 if (ctx->hs_msg == NULL) {
340 if ((ctx->hs_msg = tls13_handshake_msg_new()) == NULL)
341 return TLS13_IO_FAILURE;
342
343 /* XXX - provide CBB. */
344 if (!action->send(ctx))
345 return TLS13_IO_FAILURE;
346 }
347
348 if ((ret = tls13_handshake_msg_send(ctx->hs_msg, ctx->rl)) <= 0)
349 return ret;
350
351 tls13_handshake_msg_data(ctx->hs_msg, &cbs);
352 if (!tls1_transcript_record(ctx->ssl, CBS_data(&cbs), CBS_len(&cbs)))
353 return TLS13_IO_FAILURE;
354
355 tls13_handshake_msg_free(ctx->hs_msg);
356 ctx->hs_msg = NULL;
357
358 return TLS13_IO_SUCCESS;
335} 359}
336 360
337int 361int
@@ -339,14 +363,27 @@ tls13_handshake_recv_action(struct tls13_ctx *ctx,
339 struct tls13_handshake_action *action) 363 struct tls13_handshake_action *action)
340{ 364{
341 uint8_t msg_type; 365 uint8_t msg_type;
366 ssize_t ret;
367 CBS cbs;
342 368
343 msg_type = 0; /* XXX */ 369 if (ctx->hs_msg == NULL) {
370 if ((ctx->hs_msg = tls13_handshake_msg_new()) == NULL)
371 return TLS13_IO_FAILURE;
372 }
373
374 if ((ret = tls13_handshake_msg_recv(ctx->hs_msg, ctx->rl)) <= 0)
375 return ret;
376
377 tls13_handshake_msg_data(ctx->hs_msg, &cbs);
378 if (!tls1_transcript_record(ctx->ssl, CBS_data(&cbs), CBS_len(&cbs)))
379 return TLS13_IO_FAILURE;
344 380
345 /* 381 /*
346 * In TLSv1.3 there is no way to know if you're going to receive a 382 * In TLSv1.3 there is no way to know if you're going to receive a
347 * certificate request message or not, hence we have to special case it 383 * certificate request message or not, hence we have to special case it
348 * here. The receive handler also knows how to deal with this situation. 384 * here. The receive handler also knows how to deal with this situation.
349 */ 385 */
386 msg_type = tls13_handshake_msg_type(ctx->hs_msg);
350 if (msg_type != action->handshake_type && 387 if (msg_type != action->handshake_type &&
351 (msg_type != TLS13_MT_CERTIFICATE || 388 (msg_type != TLS13_MT_CERTIFICATE ||
352 action->handshake_type != TLS13_MT_CERTIFICATE_REQUEST)) { 389 action->handshake_type != TLS13_MT_CERTIFICATE_REQUEST)) {
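Review bot: In the new tls13_handshake_send_action, the `if (!action->send(ctx)) return TLS13_IO_FAILURE;` path returns with the freshly allocated but never-populated message still stored in ctx->hs_msg, so a caller that re-enters after the failure skips the build step and hands an empty message to tls13_handshake_msg_send; unless ctx teardown releases it, the allocation also leaks. The failure branch should release and clear it before returning, i.e. `tls13_handshake_msg_free(ctx->hs_msg); ctx->hs_msg = NULL; return TLS13_IO_FAILURE;`. A related point in tls13_handshake_recv_action: the received message is appended to the transcript with tls1_transcript_record before its type is compared against action->handshake_type, which is only safe if every mismatch path aborts the handshake; the type check and the rest of that function continue outside the hunk, so I cannot confirm it from here, and recording after the check would remove the dependency. Minor: both functions return an `ssize_t ret` through an `int` return type, which is fine for the TLS13_IO_* codes but worth an explicit cast or a comment noting that only those codes are propagated.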
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index 03de0fc40e..6ddce37ca3 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,7 +1,8 @@
1/* $OpenBSD: tls13_internal.h,v 1.13 2019/01/21 10:44:08 jsing Exp $ */ 1/* $OpenBSD: tls13_internal.h,v 1.14 2019/01/21 13:13:46 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2018 Bob Beck <beck@openbsd.org> 3 * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
4 * Copyright (c) 2018 Theo Buehler <tb@openbsd.org> 4 * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
5 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
5 * 6 *
6 * Permission to use, copy, modify, and/or distribute this software for any 7 * Permission to use, copy, modify, and/or distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above 8 * purpose with or without fee is hereby granted, provided that the above
@@ -146,7 +147,9 @@ struct tls13_ctx {
146 SSL *ssl; 147 SSL *ssl;
147 uint8_t mode; 148 uint8_t mode;
148 struct tls13_handshake_stage handshake_stage; 149 struct tls13_handshake_stage handshake_stage;
150
149 struct tls13_record_layer *rl; 151 struct tls13_record_layer *rl;
152 struct tls13_handshake_msg *hs_msg;
150}; 153};
151 154
152/* 155/*
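Review bot: The new `struct tls13_handshake_msg *hs_msg;` member of struct tls13_ctx carries ownership that is not stated in the header; from the accompanying tls13_handshake.c change it holds the handshake message currently being built or received and is freed and reset by tls13_handshake_send_action after the message is written to the record layer. A one-line comment on the field would make that contract visible to other code touching the ctx, e.g. `/* In-flight handshake message, owned by the ctx; NULL when none is pending. */`. Whether the receive path releases it the same way is not visible in this commit, so the comment should state only the send-side behaviour or be confirmed against tls13_handshake_recv_action.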