1 files changed, 108 insertions, 98 deletions
diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c
index 084a977297..df832e0569 100644
--- a/src/lib/libssl/tls13_handshake.c
+++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: tls13_handshake.c,v 1.3 2018/11/09 04:54:42 jsing Exp $       */
+/*      $OpenBSD: tls13_handshake.c,v 1.4 2018/11/09 23:54:57 tb Exp $  */
 /*
 * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
 *
@@ -47,24 +47,25 @@ struct tls13_handshake_action {
        uint8_t                 record_type;
        uint8_t                 handshake_type;
-        uint8_t                 writer;
+        uint8_t                 sender;
-#define TLS13_HS_CLIENT_WRITES  1
+#define TLS13_HS_CLIENT_SENDS   1
-#define TLS13_HS_SERVER_WRITES  2
+#define TLS13_HS_SERVER_SENDS   2
-#define TLS13_HS_BOTH_WRITE     (TLS13_HS_CLIENT_WRITES|TLS13_HS_SERVER_WRITES)
+#define TLS13_HS_BOTH_SEND      (TLS13_HS_CLIENT_SENDS | TLS13_HS_SERVER_SENDS)
-        int                     (*handler[2])(struct tls13_ctx *ctx);
+        int (*send)(struct tls13_ctx *ctx);
+        int (*recv)(struct tls13_ctx *ctx);
 };
 enum tls13_message_type tls13_handshake_active_state(struct tls13_ctx *ctx);
-int tls13_handshake_get_writer(struct tls13_ctx *ctx);
+int tls13_handshake_get_sender(struct tls13_ctx *ctx);
 int tls13_connect(struct tls13_ctx *ctx);
 int tls13_accept(struct tls13_ctx *ctx);
 int tls13_handshake_advance_state_machine(struct tls13_ctx *ctx);
-int tls13_handshake_write_action(struct tls13_ctx *ctx);
+int tls13_handshake_send_action(struct tls13_ctx *ctx);
-int tls13_handshake_read_action(struct tls13_ctx *ctx);
+int tls13_handshake_recv_action(struct tls13_ctx *ctx);
 enum tls13_message_type {
        CLIENT_HELLO,
@@ -88,114 +89,123 @@ enum tls13_message_type {
 struct tls13_handshake_action state_machine[] = {
        [CLIENT_HELLO] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_CLIENT_HELLO,
+                .handshake_type = TLS13_MT_CLIENT_HELLO,
-                TLS13_HS_CLIENT_WRITES,
+                .sender = TLS13_HS_CLIENT_SENDS,
-                {tls13_client_hello_send, tls13_client_hello_recv},
+                .send = tls13_client_hello_send,
+                .recv = tls13_client_hello_recv,
        },
        [CLIENT_HELLO_RETRY] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_CLIENT_HELLO,
+                .handshake_type = TLS13_MT_CLIENT_HELLO,
-                TLS13_HS_CLIENT_WRITES,
+                .sender = TLS13_HS_CLIENT_SENDS,
-                {tls13_client_hello_retry_send, tls13_client_hello_retry_recv},
+                .send = tls13_client_hello_retry_send,
+                .recv = tls13_client_hello_retry_recv,
        },
        [CLIENT_END_OF_EARLY_DATA] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_END_OF_EARLY_DATA,
+                .handshake_type = TLS13_MT_END_OF_EARLY_DATA,
-                TLS13_HS_CLIENT_WRITES,
+                .sender = TLS13_HS_CLIENT_SENDS,
-                {tls13_client_end_of_early_data_send,
+                .send = tls13_client_end_of_early_data_send,
-                    tls13_client_end_of_early_data_recv},
+                .recv = tls13_client_end_of_early_data_recv,
        },
        [CLIENT_CERTIFICATE] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_CERTIFICATE,
+                .handshake_type = TLS13_MT_CERTIFICATE,
-                TLS13_HS_CLIENT_WRITES,
+                .sender = TLS13_HS_CLIENT_SENDS,
-                {tls13_client_certificate_send,
+                .send = tls13_client_certificate_send,
-                    tls13_client_certificate_recv},
+                .recv = tls13_client_certificate_recv,
        },
        [CLIENT_CERTIFICATE_VERIFY] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_CERTIFICATE_VERIFY,
+                .handshake_type = TLS13_MT_CERTIFICATE_VERIFY,
-                TLS13_HS_CLIENT_WRITES,
+                .sender = TLS13_HS_CLIENT_SENDS,
-                {tls13_client_certificate_verify_send,
+                .send = tls13_client_certificate_verify_send,
-                    tls13_client_certificate_verify_recv},
+                .recv = tls13_client_certificate_verify_recv,
        },
        [CLIENT_FINISHED] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_FINISHED,
+                .handshake_type = TLS13_MT_FINISHED,
-                TLS13_HS_CLIENT_WRITES,
+                .sender = TLS13_HS_CLIENT_SENDS,
-                {tls13_client_finished_recv, tls13_client_finished_send}
+                .send = tls13_client_finished_send,
+                .recv = tls13_client_finished_recv,
        },
        [CLIENT_KEY_UPDATE] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_KEY_UPDATE,
+                .handshake_type = TLS13_MT_KEY_UPDATE,
-                TLS13_HS_CLIENT_WRITES,
+                .sender = TLS13_HS_CLIENT_SENDS,
-                {tls13_client_key_update_send, tls13_client_key_update_recv},
+                .send = tls13_client_key_update_send,
+                .recv = tls13_client_key_update_recv,
        },
        [SERVER_HELLO] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_SERVER_HELLO,
+                .handshake_type = TLS13_MT_SERVER_HELLO,
-                TLS13_HS_SERVER_WRITES,
+                .sender = TLS13_HS_SERVER_SENDS,
-                {tls13_server_hello_recv, tls13_server_hello_send},
+                .send = tls13_server_hello_send,
+                .recv = tls13_server_hello_recv,
        },
        [SERVER_NEW_SESSION_TICKET] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_NEW_SESSION_TICKET,
+                .handshake_type = TLS13_MT_NEW_SESSION_TICKET,
-                TLS13_HS_SERVER_WRITES,
+                .sender = TLS13_HS_SERVER_SENDS,
-                {tls13_server_new_session_ticket_recv,
+                .send = tls13_server_new_session_ticket_send,
-                    tls13_server_new_session_ticket_send},
+                .recv = tls13_server_new_session_ticket_recv,
        },
        [SERVER_ENCRYPTED_EXTENSIONS] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_ENCRYPTED_EXTENSIONS,
+                .handshake_type = TLS13_MT_ENCRYPTED_EXTENSIONS,
-                TLS13_HS_SERVER_WRITES,
+                .sender = TLS13_HS_SERVER_SENDS,
-                {tls13_server_encrypted_extensions_recv,
+                .send = tls13_server_encrypted_extensions_send,
-                    tls13_server_encrypted_extensions_send},
+                .recv = tls13_server_encrypted_extensions_recv,
        },
        [SERVER_CERTIFICATE] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_CERTIFICATE,
+                .handshake_type = TLS13_MT_CERTIFICATE,
-                TLS13_HS_SERVER_WRITES,
+                .sender = TLS13_HS_SERVER_SENDS,
-                {tls13_server_certificate_recv, tls13_server_certificate_send},
+                .send = tls13_server_certificate_send,
+                .recv = tls13_server_certificate_recv,
        },
        [SERVER_CERTIFICATE_REQUEST] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_CERTIFICATE,
+                .handshake_type = TLS13_MT_CERTIFICATE,
-                TLS13_HS_SERVER_WRITES,
+                .sender = TLS13_HS_SERVER_SENDS,
-                {tls13_server_certificate_request_recv,
+                .send = tls13_server_certificate_request_send,
-                    tls13_server_certificate_request_send},
+                .recv = tls13_server_certificate_request_recv,
        },
        [SERVER_CERTIFICATE_VERIFY] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_CERTIFICATE_VERIFY,
+                .handshake_type = TLS13_MT_CERTIFICATE_VERIFY,
-                TLS13_HS_SERVER_WRITES,
+                .sender = TLS13_HS_SERVER_SENDS,
-                {tls13_server_certificate_verify_send,
+                .send = tls13_server_certificate_verify_send,
-                    tls13_server_certificate_verify_recv},
+                .recv = tls13_server_certificate_verify_recv,
        },
        [SERVER_FINISHED] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_FINISHED,
+                .handshake_type = TLS13_MT_FINISHED,
-                TLS13_HS_SERVER_WRITES,
+                .sender = TLS13_HS_SERVER_SENDS,
-                {tls13_server_finished_recv, tls13_server_finished_send}
+                .send = tls13_server_finished_send,
+                .recv = tls13_server_finished_recv,
        },
        [SERVER_KEY_UPDATE] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_KEY_UPDATE,
+                .handshake_type = TLS13_MT_KEY_UPDATE,
-                TLS13_HS_SERVER_WRITES,
+                .sender = TLS13_HS_SERVER_SENDS,
-                {tls13_server_key_update_recv, tls13_server_key_update_send},
+                .send = tls13_server_key_update_send,
+                .recv = tls13_server_key_update_recv,
        },
        [SERVER_MESSAGE_HASH] = {
-                TLS13_HANDSHAKE,
+                .record_type = TLS13_HANDSHAKE,
-                TLS13_MT_MESSAGE_HASH,
+                .handshake_type = TLS13_MT_MESSAGE_HASH,
-                TLS13_HS_SERVER_WRITES,
+                .sender = TLS13_HS_SERVER_SENDS,
-                {tls13_server_message_hash_recv,
+                .send = tls13_server_message_hash_send,
-                    tls13_server_message_hash_send},
+                .recv = tls13_server_message_hash_recv,
        },
        [APPLICATION_DATA] = {
-                TLS13_APPLICATION_DATA,
+                .record_type = TLS13_APPLICATION_DATA,
-                0,
+                .handshake_type = 0,
-                TLS13_HS_BOTH_WRITE,
+                .sender = TLS13_HS_BOTH_SEND,
-                {NULL, NULL},
+                .send = NULL,
+                .recv = NULL,
        },
 };
@@ -275,10 +285,10 @@ tls13_handshake_active_state(struct tls13_ctx *ctx)
 }
 int
-tls13_handshake_get_writer(struct tls13_ctx *ctx)
+tls13_handshake_get_sender(struct tls13_ctx *ctx)
 {
        enum tls13_message_type mt = tls13_handshake_active_state(ctx);
-        return state_machine[mt].writer;
+        return state_machine[mt].sender;
 }
 int
@@ -286,12 +296,12 @@ tls13_connect(struct tls13_ctx *ctx)
 {
        ctx->mode = TLS13_HS_MODE_CLIENT;
        
-        while (tls13_handshake_get_writer(ctx) != TLS13_HS_BOTH_WRITE) {
+        while (tls13_handshake_get_sender(ctx) != TLS13_HS_BOTH_SEND) {
-                if (tls13_handshake_get_writer(ctx) == TLS13_HS_CLIENT_WRITES) {
+                if (tls13_handshake_get_sender(ctx) == TLS13_HS_CLIENT_SENDS) {
-                        if (!tls13_handshake_write_action(ctx))
+                        if (!tls13_handshake_send_action(ctx))
                                return 0;
                } else {
-                        if (!tls13_handshake_read_action(ctx))
+                        if (!tls13_handshake_recv_action(ctx))
                                return 0;
                }
                if (!tls13_handshake_advance_state_machine(ctx))
@@ -306,12 +316,12 @@ tls13_accept(struct tls13_ctx *ctx)
 {
        ctx->mode = TLS13_HS_MODE_SERVER;
-        while (tls13_handshake_get_writer(ctx) != TLS13_HS_BOTH_WRITE) {
+        while (tls13_handshake_get_sender(ctx) != TLS13_HS_BOTH_SEND) {
-                if (tls13_handshake_get_writer(ctx) == TLS13_HS_SERVER_WRITES) {
+                if (tls13_handshake_get_sender(ctx) == TLS13_HS_SERVER_SENDS) {
-                        if (!tls13_handshake_write_action(ctx))
+                        if (!tls13_handshake_send_action(ctx))
                                return 0;
                } else {
-                        if (!tls13_handshake_read_action(ctx))
+                        if (!tls13_handshake_recv_action(ctx))
                                return 0;
                }
                if (!tls13_handshake_advance_state_machine(ctx))
@@ -324,20 +334,20 @@ tls13_accept(struct tls13_ctx *ctx)
 int
 tls13_handshake_advance_state_machine(struct tls13_ctx *ctx)
 {
-        if (tls13_handshake_get_writer(ctx) == TLS13_HS_BOTH_WRITE)
+        if (tls13_handshake_get_sender(ctx) == TLS13_HS_BOTH_SEND)
                return 0;
        ctx->handshake.message_number++;
        return 1;
 }
 int
-tls13_handshake_write_action(struct tls13_ctx *ctx)
+tls13_handshake_send_action(struct tls13_ctx *ctx)
 {
        return 1;
 }
 int
-tls13_handshake_read_action(struct tls13_ctx *ctx)
+tls13_handshake_recv_action(struct tls13_ctx *ctx)
 {
        return 1;
 }

diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c index 084a977297..df832e0569 100644 --- a/src/lib/libssl/tls13_handshake.c +++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls13_handshake.c,v 1.3 2018/11/09 04:54:42 jsing Exp $ */	1	/* $OpenBSD: tls13_handshake.c,v 1.4 2018/11/09 23:54:57 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018 Theo Buehler <tb@openbsd.org>	3	* Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
4	*	4	*
@@ -47,24 +47,25 @@ struct tls13_handshake_action {
47	uint8_t record_type;	47	uint8_t record_type;
48	uint8_t handshake_type;	48	uint8_t handshake_type;
49		49
50	uint8_t writer;	50	uint8_t sender;
51	#define TLS13_HS_CLIENT_WRITES 1	51	#define TLS13_HS_CLIENT_SENDS 1
52	#define TLS13_HS_SERVER_WRITES 2	52	#define TLS13_HS_SERVER_SENDS 2
53	#define TLS13_HS_BOTH_WRITE (TLS13_HS_CLIENT_WRITES\|TLS13_HS_SERVER_WRITES)	53	#define TLS13_HS_BOTH_SEND (TLS13_HS_CLIENT_SENDS \| TLS13_HS_SERVER_SENDS)
54		54
55	int (handler[2])(struct tls13_ctx ctx);	55	int (send)(struct tls13_ctx ctx);
		56	int (recv)(struct tls13_ctx ctx);
56	};	57	};
57		58
58	enum tls13_message_type tls13_handshake_active_state(struct tls13_ctx *ctx);	59	enum tls13_message_type tls13_handshake_active_state(struct tls13_ctx *ctx);
59	int tls13_handshake_get_writer(struct tls13_ctx *ctx);	60	int tls13_handshake_get_sender(struct tls13_ctx *ctx);
60		61
61	int tls13_connect(struct tls13_ctx *ctx);	62	int tls13_connect(struct tls13_ctx *ctx);
62	int tls13_accept(struct tls13_ctx *ctx);	63	int tls13_accept(struct tls13_ctx *ctx);
63		64
64	int tls13_handshake_advance_state_machine(struct tls13_ctx *ctx);	65	int tls13_handshake_advance_state_machine(struct tls13_ctx *ctx);
65		66
66	int tls13_handshake_write_action(struct tls13_ctx *ctx);	67	int tls13_handshake_send_action(struct tls13_ctx *ctx);
67	int tls13_handshake_read_action(struct tls13_ctx *ctx);	68	int tls13_handshake_recv_action(struct tls13_ctx *ctx);
68		69
69	enum tls13_message_type {	70	enum tls13_message_type {
70	CLIENT_HELLO,	71	CLIENT_HELLO,
@@ -88,114 +89,123 @@ enum tls13_message_type {
88		89
89	struct tls13_handshake_action state_machine[] = {	90	struct tls13_handshake_action state_machine[] = {
90	[CLIENT_HELLO] = {	91	[CLIENT_HELLO] = {
91	TLS13_HANDSHAKE,	92	.record_type = TLS13_HANDSHAKE,
92	TLS13_MT_CLIENT_HELLO,	93	.handshake_type = TLS13_MT_CLIENT_HELLO,
93	TLS13_HS_CLIENT_WRITES,	94	.sender = TLS13_HS_CLIENT_SENDS,
94	{tls13_client_hello_send, tls13_client_hello_recv},	95	.send = tls13_client_hello_send,
		96	.recv = tls13_client_hello_recv,
95	},	97	},
96	[CLIENT_HELLO_RETRY] = {	98	[CLIENT_HELLO_RETRY] = {
97	TLS13_HANDSHAKE,	99	.record_type = TLS13_HANDSHAKE,
98	TLS13_MT_CLIENT_HELLO,	100	.handshake_type = TLS13_MT_CLIENT_HELLO,
99	TLS13_HS_CLIENT_WRITES,	101	.sender = TLS13_HS_CLIENT_SENDS,
100	{tls13_client_hello_retry_send, tls13_client_hello_retry_recv},	102	.send = tls13_client_hello_retry_send,
		103	.recv = tls13_client_hello_retry_recv,
101	},	104	},
102	[CLIENT_END_OF_EARLY_DATA] = {	105	[CLIENT_END_OF_EARLY_DATA] = {
103	TLS13_HANDSHAKE,	106	.record_type = TLS13_HANDSHAKE,
104	TLS13_MT_END_OF_EARLY_DATA,	107	.handshake_type = TLS13_MT_END_OF_EARLY_DATA,
105	TLS13_HS_CLIENT_WRITES,	108	.sender = TLS13_HS_CLIENT_SENDS,
106	{tls13_client_end_of_early_data_send,	109	.send = tls13_client_end_of_early_data_send,
107	tls13_client_end_of_early_data_recv},	110	.recv = tls13_client_end_of_early_data_recv,
108	},	111	},
109	[CLIENT_CERTIFICATE] = {	112	[CLIENT_CERTIFICATE] = {
110	TLS13_HANDSHAKE,	113	.record_type = TLS13_HANDSHAKE,
111	TLS13_MT_CERTIFICATE,	114	.handshake_type = TLS13_MT_CERTIFICATE,
112	TLS13_HS_CLIENT_WRITES,	115	.sender = TLS13_HS_CLIENT_SENDS,
113	{tls13_client_certificate_send,	116	.send = tls13_client_certificate_send,
114	tls13_client_certificate_recv},	117	.recv = tls13_client_certificate_recv,
115	},	118	},
116	[CLIENT_CERTIFICATE_VERIFY] = {	119	[CLIENT_CERTIFICATE_VERIFY] = {
117	TLS13_HANDSHAKE,	120	.record_type = TLS13_HANDSHAKE,
118	TLS13_MT_CERTIFICATE_VERIFY,	121	.handshake_type = TLS13_MT_CERTIFICATE_VERIFY,
119	TLS13_HS_CLIENT_WRITES,	122	.sender = TLS13_HS_CLIENT_SENDS,
120	{tls13_client_certificate_verify_send,	123	.send = tls13_client_certificate_verify_send,
121	tls13_client_certificate_verify_recv},	124	.recv = tls13_client_certificate_verify_recv,
122	},	125	},
123	[CLIENT_FINISHED] = {	126	[CLIENT_FINISHED] = {
124	TLS13_HANDSHAKE,	127	.record_type = TLS13_HANDSHAKE,
125	TLS13_MT_FINISHED,	128	.handshake_type = TLS13_MT_FINISHED,
126	TLS13_HS_CLIENT_WRITES,	129	.sender = TLS13_HS_CLIENT_SENDS,
127	{tls13_client_finished_recv, tls13_client_finished_send}	130	.send = tls13_client_finished_send,
		131	.recv = tls13_client_finished_recv,
128	},	132	},
129	[CLIENT_KEY_UPDATE] = {	133	[CLIENT_KEY_UPDATE] = {
130	TLS13_HANDSHAKE,	134	.record_type = TLS13_HANDSHAKE,
131	TLS13_MT_KEY_UPDATE,	135	.handshake_type = TLS13_MT_KEY_UPDATE,
132	TLS13_HS_CLIENT_WRITES,	136	.sender = TLS13_HS_CLIENT_SENDS,
133	{tls13_client_key_update_send, tls13_client_key_update_recv},	137	.send = tls13_client_key_update_send,
		138	.recv = tls13_client_key_update_recv,
134	},	139	},
135	[SERVER_HELLO] = {	140	[SERVER_HELLO] = {
136	TLS13_HANDSHAKE,	141	.record_type = TLS13_HANDSHAKE,
137	TLS13_MT_SERVER_HELLO,	142	.handshake_type = TLS13_MT_SERVER_HELLO,
138	TLS13_HS_SERVER_WRITES,	143	.sender = TLS13_HS_SERVER_SENDS,
139	{tls13_server_hello_recv, tls13_server_hello_send},	144	.send = tls13_server_hello_send,
		145	.recv = tls13_server_hello_recv,
140	},	146	},
141	[SERVER_NEW_SESSION_TICKET] = {	147	[SERVER_NEW_SESSION_TICKET] = {
142	TLS13_HANDSHAKE,	148	.record_type = TLS13_HANDSHAKE,
143	TLS13_MT_NEW_SESSION_TICKET,	149	.handshake_type = TLS13_MT_NEW_SESSION_TICKET,
144	TLS13_HS_SERVER_WRITES,	150	.sender = TLS13_HS_SERVER_SENDS,
145	{tls13_server_new_session_ticket_recv,	151	.send = tls13_server_new_session_ticket_send,
146	tls13_server_new_session_ticket_send},	152	.recv = tls13_server_new_session_ticket_recv,
147	},	153	},
148	[SERVER_ENCRYPTED_EXTENSIONS] = {	154	[SERVER_ENCRYPTED_EXTENSIONS] = {
149	TLS13_HANDSHAKE,	155	.record_type = TLS13_HANDSHAKE,
150	TLS13_MT_ENCRYPTED_EXTENSIONS,	156	.handshake_type = TLS13_MT_ENCRYPTED_EXTENSIONS,
151	TLS13_HS_SERVER_WRITES,	157	.sender = TLS13_HS_SERVER_SENDS,
152	{tls13_server_encrypted_extensions_recv,	158	.send = tls13_server_encrypted_extensions_send,
153	tls13_server_encrypted_extensions_send},	159	.recv = tls13_server_encrypted_extensions_recv,
154	},	160	},
155	[SERVER_CERTIFICATE] = {	161	[SERVER_CERTIFICATE] = {
156	TLS13_HANDSHAKE,	162	.record_type = TLS13_HANDSHAKE,
157	TLS13_MT_CERTIFICATE,	163	.handshake_type = TLS13_MT_CERTIFICATE,
158	TLS13_HS_SERVER_WRITES,	164	.sender = TLS13_HS_SERVER_SENDS,
159	{tls13_server_certificate_recv, tls13_server_certificate_send},	165	.send = tls13_server_certificate_send,
		166	.recv = tls13_server_certificate_recv,
160	},	167	},
161	[SERVER_CERTIFICATE_REQUEST] = {	168	[SERVER_CERTIFICATE_REQUEST] = {
162	TLS13_HANDSHAKE,	169	.record_type = TLS13_HANDSHAKE,
163	TLS13_MT_CERTIFICATE,	170	.handshake_type = TLS13_MT_CERTIFICATE,
164	TLS13_HS_SERVER_WRITES,	171	.sender = TLS13_HS_SERVER_SENDS,
165	{tls13_server_certificate_request_recv,	172	.send = tls13_server_certificate_request_send,
166	tls13_server_certificate_request_send},	173	.recv = tls13_server_certificate_request_recv,
167	},	174	},
168	[SERVER_CERTIFICATE_VERIFY] = {	175	[SERVER_CERTIFICATE_VERIFY] = {
169	TLS13_HANDSHAKE,	176	.record_type = TLS13_HANDSHAKE,
170	TLS13_MT_CERTIFICATE_VERIFY,	177	.handshake_type = TLS13_MT_CERTIFICATE_VERIFY,
171	TLS13_HS_SERVER_WRITES,	178	.sender = TLS13_HS_SERVER_SENDS,
172	{tls13_server_certificate_verify_send,	179	.send = tls13_server_certificate_verify_send,
173	tls13_server_certificate_verify_recv},	180	.recv = tls13_server_certificate_verify_recv,
174	},	181	},
175	[SERVER_FINISHED] = {	182	[SERVER_FINISHED] = {
176	TLS13_HANDSHAKE,	183	.record_type = TLS13_HANDSHAKE,
177	TLS13_MT_FINISHED,	184	.handshake_type = TLS13_MT_FINISHED,
178	TLS13_HS_SERVER_WRITES,	185	.sender = TLS13_HS_SERVER_SENDS,
179	{tls13_server_finished_recv, tls13_server_finished_send}	186	.send = tls13_server_finished_send,
		187	.recv = tls13_server_finished_recv,
180	},	188	},
181	[SERVER_KEY_UPDATE] = {	189	[SERVER_KEY_UPDATE] = {
182	TLS13_HANDSHAKE,	190	.record_type = TLS13_HANDSHAKE,
183	TLS13_MT_KEY_UPDATE,	191	.handshake_type = TLS13_MT_KEY_UPDATE,
184	TLS13_HS_SERVER_WRITES,	192	.sender = TLS13_HS_SERVER_SENDS,
185	{tls13_server_key_update_recv, tls13_server_key_update_send},	193	.send = tls13_server_key_update_send,
		194	.recv = tls13_server_key_update_recv,
186	},	195	},
187	[SERVER_MESSAGE_HASH] = {	196	[SERVER_MESSAGE_HASH] = {
188	TLS13_HANDSHAKE,	197	.record_type = TLS13_HANDSHAKE,
189	TLS13_MT_MESSAGE_HASH,	198	.handshake_type = TLS13_MT_MESSAGE_HASH,
190	TLS13_HS_SERVER_WRITES,	199	.sender = TLS13_HS_SERVER_SENDS,
191	{tls13_server_message_hash_recv,	200	.send = tls13_server_message_hash_send,
192	tls13_server_message_hash_send},	201	.recv = tls13_server_message_hash_recv,
193	},	202	},
194	[APPLICATION_DATA] = {	203	[APPLICATION_DATA] = {
195	TLS13_APPLICATION_DATA,	204	.record_type = TLS13_APPLICATION_DATA,
196	0,	205	.handshake_type = 0,
197	TLS13_HS_BOTH_WRITE,	206	.sender = TLS13_HS_BOTH_SEND,
198	{NULL, NULL},	207	.send = NULL,
		208	.recv = NULL,
199	},	209	},
200	};	210	};
201		211
@@ -275,10 +285,10 @@ tls13_handshake_active_state(struct tls13_ctx *ctx)
275	}	285	}
276		286
277	int	287	int
278	tls13_handshake_get_writer(struct tls13_ctx *ctx)	288	tls13_handshake_get_sender(struct tls13_ctx *ctx)
279	{	289	{
280	enum tls13_message_type mt = tls13_handshake_active_state(ctx);	290	enum tls13_message_type mt = tls13_handshake_active_state(ctx);
281	return state_machine[mt].writer;	291	return state_machine[mt].sender;
282	}	292	}
283		293
284	int	294	int
@@ -286,12 +296,12 @@ tls13_connect(struct tls13_ctx *ctx)
286	{	296	{
287	ctx->mode = TLS13_HS_MODE_CLIENT;	297	ctx->mode = TLS13_HS_MODE_CLIENT;
288		298
289	while (tls13_handshake_get_writer(ctx) != TLS13_HS_BOTH_WRITE) {	299	while (tls13_handshake_get_sender(ctx) != TLS13_HS_BOTH_SEND) {
290	if (tls13_handshake_get_writer(ctx) == TLS13_HS_CLIENT_WRITES) {	300	if (tls13_handshake_get_sender(ctx) == TLS13_HS_CLIENT_SENDS) {
291	if (!tls13_handshake_write_action(ctx))	301	if (!tls13_handshake_send_action(ctx))
292	return 0;	302	return 0;
293	} else {	303	} else {
294	if (!tls13_handshake_read_action(ctx))	304	if (!tls13_handshake_recv_action(ctx))
295	return 0;	305	return 0;
296	}	306	}
297	if (!tls13_handshake_advance_state_machine(ctx))	307	if (!tls13_handshake_advance_state_machine(ctx))
@@ -306,12 +316,12 @@ tls13_accept(struct tls13_ctx *ctx)
306	{	316	{
307	ctx->mode = TLS13_HS_MODE_SERVER;	317	ctx->mode = TLS13_HS_MODE_SERVER;
308		318
309	while (tls13_handshake_get_writer(ctx) != TLS13_HS_BOTH_WRITE) {	319	while (tls13_handshake_get_sender(ctx) != TLS13_HS_BOTH_SEND) {
310	if (tls13_handshake_get_writer(ctx) == TLS13_HS_SERVER_WRITES) {	320	if (tls13_handshake_get_sender(ctx) == TLS13_HS_SERVER_SENDS) {
311	if (!tls13_handshake_write_action(ctx))	321	if (!tls13_handshake_send_action(ctx))
312	return 0;	322	return 0;
313	} else {	323	} else {
314	if (!tls13_handshake_read_action(ctx))	324	if (!tls13_handshake_recv_action(ctx))
315	return 0;	325	return 0;
316	}	326	}
317	if (!tls13_handshake_advance_state_machine(ctx))	327	if (!tls13_handshake_advance_state_machine(ctx))
@@ -324,20 +334,20 @@ tls13_accept(struct tls13_ctx *ctx)
324	int	334	int
325	tls13_handshake_advance_state_machine(struct tls13_ctx *ctx)	335	tls13_handshake_advance_state_machine(struct tls13_ctx *ctx)
326	{	336	{
327	if (tls13_handshake_get_writer(ctx) == TLS13_HS_BOTH_WRITE)	337	if (tls13_handshake_get_sender(ctx) == TLS13_HS_BOTH_SEND)
328	return 0;	338	return 0;
329	ctx->handshake.message_number++;	339	ctx->handshake.message_number++;
330	return 1;	340	return 1;
331	}	341	}
332		342
333	int	343	int
334	tls13_handshake_write_action(struct tls13_ctx *ctx)	344	tls13_handshake_send_action(struct tls13_ctx *ctx)
335	{	345	{
336	return 1;	346	return 1;
337	}	347	}
338		348
339	int	349	int
340	tls13_handshake_read_action(struct tls13_ctx *ctx)	350	tls13_handshake_recv_action(struct tls13_ctx *ctx)
341	{	351	{
342	return 1;	352	return 1;
343	}	353	}