summaryrefslogtreecommitdiff
path: root/src/lib/libssl/tls13_handshake.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/tls13_handshake.c70
1 files changed, 46 insertions, 24 deletions
diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c
index c2ec287f73..d75204f2b0 100644
--- a/src/lib/libssl/tls13_handshake.c
+++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls13_handshake.c,v 1.5 2018/11/10 00:38:31 tb Exp $ */ 1/* $OpenBSD: tls13_handshake.c,v 1.6 2018/11/10 08:10:43 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2018 Theo Buehler <tb@openbsd.org> 3 * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
4 * 4 *
@@ -55,17 +55,19 @@ struct tls13_handshake_action {
55}; 55};
56 56
57enum tls13_message_type tls13_handshake_active_state(struct tls13_ctx *ctx); 57enum tls13_message_type tls13_handshake_active_state(struct tls13_ctx *ctx);
58int tls13_handshake_get_sender(struct tls13_ctx *ctx);
59 58
60int tls13_connect(struct tls13_ctx *ctx); 59int tls13_connect(struct tls13_ctx *ctx);
61int tls13_accept(struct tls13_ctx *ctx); 60int tls13_accept(struct tls13_ctx *ctx);
62 61
63int tls13_handshake_advance_state_machine(struct tls13_ctx *ctx); 62int tls13_handshake_advance_state_machine(struct tls13_ctx *ctx);
64 63
65int tls13_handshake_send_action(struct tls13_ctx *ctx); 64int tls13_handshake_send_action(struct tls13_ctx *ctx,
66int tls13_handshake_recv_action(struct tls13_ctx *ctx); 65 struct tls13_handshake_action *action);
66int tls13_handshake_recv_action(struct tls13_ctx *ctx,
67 struct tls13_handshake_action *action);
67 68
68enum tls13_message_type { 69enum tls13_message_type {
70 INVALID,
69 CLIENT_HELLO, 71 CLIENT_HELLO,
70 CLIENT_HELLO_RETRY, 72 CLIENT_HELLO_RETRY,
71 CLIENT_END_OF_EARLY_DATA, 73 CLIENT_END_OF_EARLY_DATA,
@@ -282,46 +284,62 @@ tls13_handshake_active_state(struct tls13_ctx *ctx)
282 return handshakes[hs.hs_type][hs.message_number]; 284 return handshakes[hs.hs_type][hs.message_number];
283} 285}
284 286
285int 287struct tls13_handshake_action *
286tls13_handshake_get_sender(struct tls13_ctx *ctx) 288tls13_handshake_active_action(struct tls13_ctx *ctx)
287{ 289{
288 enum tls13_message_type mt = tls13_handshake_active_state(ctx); 290 enum tls13_message_type mt = tls13_handshake_active_state(ctx);
289 return state_machine[mt].sender; 291 return &state_machine[mt];
290} 292}
291 293
292int 294int
293tls13_connect(struct tls13_ctx *ctx) 295tls13_connect(struct tls13_ctx *ctx)
294{ 296{
297 struct tls13_handshake_action *action;
298
295 ctx->mode = TLS13_HS_CLIENT; 299 ctx->mode = TLS13_HS_CLIENT;
296 300
297 while (tls13_handshake_get_sender(ctx) != TLS13_HS_BOTH) { 301 for (;;) {
298 if (tls13_handshake_get_sender(ctx) == TLS13_HS_CLIENT) { 302 if ((action = tls13_handshake_active_action(ctx)) == NULL)
299 if (!tls13_handshake_send_action(ctx)) 303 return -1;
304
305 if (action->sender == TLS13_HS_BOTH)
306 return 1;
307
308 if (action->sender == TLS13_HS_CLIENT) {
309 if (!tls13_handshake_send_action(ctx, action))
300 return 0; 310 return 0;
301 } else { 311 } else {
302 if (!tls13_handshake_recv_action(ctx)) 312 if (!tls13_handshake_recv_action(ctx, action))
303 return 0; 313 return 0;
304 } 314 }
315
305 if (!tls13_handshake_advance_state_machine(ctx)) 316 if (!tls13_handshake_advance_state_machine(ctx))
306 return 0; 317 return 0;
307 } 318 }
308
309 return 1;
310} 319}
311 320
312int 321int
313tls13_accept(struct tls13_ctx *ctx) 322tls13_accept(struct tls13_ctx *ctx)
314{ 323{
324 struct tls13_handshake_action *action;
325
315 ctx->mode = TLS13_HS_SERVER; 326 ctx->mode = TLS13_HS_SERVER;
316 327
317 while (tls13_handshake_get_sender(ctx) != TLS13_HS_BOTH) { 328 for (;;) {
318 if (tls13_handshake_get_sender(ctx) == TLS13_HS_SERVER) { 329 if ((action = tls13_handshake_active_action(ctx)) == NULL)
319 if (!tls13_handshake_send_action(ctx)) 330 return -1;
331
332 if (action->sender == TLS13_HS_BOTH)
333 return 1;
334
335 if (action->sender == TLS13_HS_SERVER) {
336 if (!tls13_handshake_send_action(ctx, action))
320 return 0; 337 return 0;
321 } else { 338 } else {
322 if (!tls13_handshake_recv_action(ctx)) 339 if (!tls13_handshake_recv_action(ctx, action))
323 return 0; 340 return 0;
324 } 341 }
342
325 if (!tls13_handshake_advance_state_machine(ctx)) 343 if (!tls13_handshake_advance_state_machine(ctx))
326 return 0; 344 return 0;
327 } 345 }
@@ -332,22 +350,22 @@ tls13_accept(struct tls13_ctx *ctx)
332int 350int
333tls13_handshake_advance_state_machine(struct tls13_ctx *ctx) 351tls13_handshake_advance_state_machine(struct tls13_ctx *ctx)
334{ 352{
335 if (tls13_handshake_get_sender(ctx) == TLS13_HS_BOTH)
336 return 0;
337 ctx->handshake.message_number++; 353 ctx->handshake.message_number++;
338 return 1; 354 return 1;
339} 355}
340 356
341int 357int
342tls13_handshake_send_action(struct tls13_ctx *ctx) 358tls13_handshake_send_action(struct tls13_ctx *ctx,
359 struct tls13_handshake_action *action)
343{ 360{
344 return 1; 361 return action->send(ctx);
345} 362}
346 363
347int 364int
348tls13_handshake_recv_action(struct tls13_ctx *ctx) 365tls13_handshake_recv_action(struct tls13_ctx *ctx,
366 struct tls13_handshake_action *action)
349{ 367{
350 return 1; 368 return action->recv(ctx);
351} 369}
352 370
353int 371int
@@ -438,12 +456,16 @@ tls13_client_key_update_recv(struct tls13_ctx *ctx)
438int 456int
439tls13_server_hello_recv(struct tls13_ctx *ctx) 457tls13_server_hello_recv(struct tls13_ctx *ctx)
440{ 458{
459 ctx->handshake.hs_type |= NEGOTIATED;
460
441 return 1; 461 return 1;
442} 462}
443 463
444int 464int
445tls13_server_hello_send(struct tls13_ctx *ctx) 465tls13_server_hello_send(struct tls13_ctx *ctx)
446{ 466{
467 ctx->handshake.hs_type |= NEGOTIATED;
468
447 return 1; 469 return 1;
448} 470}
449 471
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-11 04:19:59 +0000