Diffstat (limited to 'src/lib/libssl/tls13_handshake.c')
-rw-r--r--src/lib/libssl/tls13_handshake.c32
1 files changed, 29 insertions, 3 deletions
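diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c
index 310a2116b8..cca8560fc2 100644
--- a/src/lib/libssl/tls13_handshake.c
+++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_handshake.c,v 1.69 2021/07/01 17:53:39 jsing Exp $ */
+/* $OpenBSD: tls13_handshake.c,v 1.70 2021/09/16 19:25:30 jsing Exp $ */
 /*
  * Copyright (c) 2018-2021 Theo Buehler <tb@openbsd.org>
  * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
@@ -331,6 +331,18 @@ tls13_handshake_advance_state_machine(struct tls13_ctx *ctx)
  return 1;
 }
 
+static int
+tls13_handshake_end_of_flight(struct tls13_ctx *ctx,
+ const struct tls13_handshake_action *previous)
+{
+ const struct tls13_handshake_action *current;
+
+ if ((current = tls13_handshake_active_action(ctx)) == NULL)
+ return 1;
+
+ return current->sender != previous->sender;
+}
+
 int
 tls13_handshake_msg_record(struct tls13_ctx *ctx)
 {
@@ -344,6 +356,7 @@ int
 tls13_handshake_perform(struct tls13_ctx *ctx)
 {
  const struct tls13_handshake_action *action;
+ int sending;
  int ret;
 
  if (!ctx->handshake_started) {
@@ -367,6 +380,13 @@ tls13_handshake_perform(struct tls13_ctx *ctx)
  if ((action = tls13_handshake_active_action(ctx)) == NULL)
  return TLS13_IO_FAILURE;
 
+ if (ctx->need_flush) {
+ if ((ret = tls13_record_layer_flush(ctx->rl)) !=
+ TLS13_IO_SUCCESS)
+ return ret;
+ ctx->need_flush = 0;
+ }
+
  if (action->handshake_complete) {
  ctx->handshake_completed = 1;
  tls13_record_layer_handshake_completed(ctx->rl);
@@ -379,14 +399,16 @@ tls13_handshake_perform(struct tls13_ctx *ctx)
  return TLS13_IO_SUCCESS;
  }
 
+ sending = action->sender == ctx->mode;
+
  DEBUGF("%s %s %s\n", tls13_handshake_mode_name(ctx->mode),
- (action->sender == ctx->mode) ? "sending" : "receiving",
+ sending ? "sending" : "receiving",
  tls13_handshake_message_name(action->handshake_type));
 
  if (ctx->alert != 0)
  return tls13_send_alert(ctx->rl, ctx->alert);
 
- if (action->sender == ctx->mode)
+ if (sending)
  ret = tls13_handshake_send_action(ctx, action);
  else
  ret = tls13_handshake_recv_action(ctx, action);
@@ -408,6 +430,10 @@ tls13_handshake_perform(struct tls13_ctx *ctx)
  if (!tls13_handshake_advance_state_machine(ctx))
  return TLS13_IO_FAILURE;
 
+ if (sending)
+ ctx->need_flush = tls13_handshake_end_of_flight(ctx,
+ action);
+
  if (!tls13_handshake_set_legacy_state(ctx))
  return TLS13_IO_FAILURE;
  }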
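Review bot: tls13_handshake_end_of_flight() and the new need_flush block in tls13_handshake_perform() carry no comment explaining the flight boundary, which makes the flush ordering hard to audit. On the helper I would add `/* A flight ends when the next action has a different sender, or when there is no next action. */`, since returning 1 for a NULL active action is otherwise easy to read as an error path. On the flush block I would add `/* Flush the previous flight before acting on the next message; on a non-success return need_flush stays set so the next call retries. */`, which is what the early `return ret` before `ctx->need_flush = 0` implies. It is presumably intentional that the flush sits ahead of the `handshake_complete` check so that completion is not reported with records still queued, and that is worth stating too. tls13_handshake_perform's body begins and ends outside these hunks, so where need_flush is initialised is not visible here.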