diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/tls13_handshake.c | 86 | ||||
| -rw-r--r-- | src/lib/libssl/tls13_internal.h | 5 |
2 files changed, 47 insertions, 44 deletions
diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c index 77e59f1930..b566ed2298 100644 --- a/src/lib/libssl/tls13_handshake.c +++ b/src/lib/libssl/tls13_handshake.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_handshake.c,v 1.8 2019/01/18 06:51:29 tb Exp $ */ | 1 | /* $OpenBSD: tls13_handshake.c,v 1.9 2019/01/19 03:32:03 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org> | 3 | * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org> |
| 4 | * Copyright (c) 2019 Joel Sing <jsing@openbsd.org> | 4 | * Copyright (c) 2019 Joel Sing <jsing@openbsd.org> |
| @@ -279,26 +279,27 @@ int | |||
| 279 | tls13_connect(struct tls13_ctx *ctx) | 279 | tls13_connect(struct tls13_ctx *ctx) |
| 280 | { | 280 | { |
| 281 | struct tls13_handshake_action *action; | 281 | struct tls13_handshake_action *action; |
| 282 | int ret; | ||
| 282 | 283 | ||
| 283 | ctx->mode = TLS13_HS_CLIENT; | 284 | ctx->mode = TLS13_HS_CLIENT; |
| 284 | 285 | ||
| 285 | for (;;) { | 286 | for (;;) { |
| 286 | if ((action = tls13_handshake_active_action(ctx)) == NULL) | 287 | if ((action = tls13_handshake_active_action(ctx)) == NULL) |
| 287 | return -1; | 288 | return TLS13_IO_FAILURE; |
| 288 | 289 | ||
| 289 | if (action->sender == TLS13_HS_BOTH) | 290 | if (action->sender == TLS13_HS_BOTH) |
| 290 | return 1; | 291 | return TLS13_IO_SUCCESS; |
| 291 | 292 | ||
| 292 | if (action->sender == TLS13_HS_CLIENT) { | 293 | if (action->sender == TLS13_HS_CLIENT) { |
| 293 | if (!tls13_handshake_send_action(ctx, action)) | 294 | if ((ret = tls13_handshake_send_action(ctx, action)) <= 0) |
| 294 | return 0; | 295 | return ret; |
| 295 | } else { | 296 | } else { |
| 296 | if (!tls13_handshake_recv_action(ctx, action)) | 297 | if ((ret = tls13_handshake_recv_action(ctx, action)) <= 0) |
| 297 | return 0; | 298 | return ret; |
| 298 | } | 299 | } |
| 299 | 300 | ||
| 300 | if (!tls13_handshake_advance_state_machine(ctx)) | 301 | if (!tls13_handshake_advance_state_machine(ctx)) |
| 301 | return 0; | 302 | return TLS13_IO_FAILURE; |
| 302 | } | 303 | } |
| 303 | } | 304 | } |
| 304 | 305 | ||
| @@ -306,26 +307,27 @@ int | |||
| 306 | tls13_accept(struct tls13_ctx *ctx) | 307 | tls13_accept(struct tls13_ctx *ctx) |
| 307 | { | 308 | { |
| 308 | struct tls13_handshake_action *action; | 309 | struct tls13_handshake_action *action; |
| 310 | int ret; | ||
| 309 | 311 | ||
| 310 | ctx->mode = TLS13_HS_SERVER; | 312 | ctx->mode = TLS13_HS_SERVER; |
| 311 | 313 | ||
| 312 | for (;;) { | 314 | for (;;) { |
| 313 | if ((action = tls13_handshake_active_action(ctx)) == NULL) | 315 | if ((action = tls13_handshake_active_action(ctx)) == NULL) |
| 314 | return -1; | 316 | return TLS13_IO_FAILURE; |
| 315 | 317 | ||
| 316 | if (action->sender == TLS13_HS_BOTH) | 318 | if (action->sender == TLS13_HS_BOTH) |
| 317 | return 1; | 319 | return TLS13_IO_SUCCESS; |
| 318 | 320 | ||
| 319 | if (action->sender == TLS13_HS_SERVER) { | 321 | if (action->sender == TLS13_HS_SERVER) { |
| 320 | if (!tls13_handshake_send_action(ctx, action)) | 322 | if ((ret = tls13_handshake_send_action(ctx, action)) <= 0) |
| 321 | return 0; | 323 | return ret; |
| 322 | } else { | 324 | } else { |
| 323 | if (!tls13_handshake_recv_action(ctx, action)) | 325 | if ((ret = tls13_handshake_recv_action(ctx, action)) <= 0) |
| 324 | return 0; | 326 | return ret; |
| 325 | } | 327 | } |
| 326 | 328 | ||
| 327 | if (!tls13_handshake_advance_state_machine(ctx)) | 329 | if (!tls13_handshake_advance_state_machine(ctx)) |
| 328 | return 0; | 330 | return TLS13_IO_FAILURE; |
| 329 | } | 331 | } |
| 330 | 332 | ||
| 331 | return 1; | 333 | return 1; |
| @@ -335,7 +337,7 @@ int | |||
| 335 | tls13_handshake_advance_state_machine(struct tls13_ctx *ctx) | 337 | tls13_handshake_advance_state_machine(struct tls13_ctx *ctx) |
| 336 | { | 338 | { |
| 337 | ctx->handshake.message_number++; | 339 | ctx->handshake.message_number++; |
| 338 | return 1; | 340 | return 0; |
| 339 | } | 341 | } |
| 340 | 342 | ||
| 341 | int | 343 | int |
| @@ -355,86 +357,86 @@ tls13_handshake_recv_action(struct tls13_ctx *ctx, | |||
| 355 | int | 357 | int |
| 356 | tls13_client_hello_send(struct tls13_ctx *ctx) | 358 | tls13_client_hello_send(struct tls13_ctx *ctx) |
| 357 | { | 359 | { |
| 358 | return 1; | 360 | return 0; |
| 359 | } | 361 | } |
| 360 | 362 | ||
| 361 | int | 363 | int |
| 362 | tls13_client_hello_recv(struct tls13_ctx *ctx) | 364 | tls13_client_hello_recv(struct tls13_ctx *ctx) |
| 363 | { | 365 | { |
| 364 | return 1; | 366 | return 0; |
| 365 | } | 367 | } |
| 366 | 368 | ||
| 367 | int | 369 | int |
| 368 | tls13_client_hello_retry_send(struct tls13_ctx *ctx) | 370 | tls13_client_hello_retry_send(struct tls13_ctx *ctx) |
| 369 | { | 371 | { |
| 370 | return 1; | 372 | return 0; |
| 371 | } | 373 | } |
| 372 | 374 | ||
| 373 | int | 375 | int |
| 374 | tls13_client_hello_retry_recv(struct tls13_ctx *ctx) | 376 | tls13_client_hello_retry_recv(struct tls13_ctx *ctx) |
| 375 | { | 377 | { |
| 376 | return 1; | 378 | return 0; |
| 377 | } | 379 | } |
| 378 | 380 | ||
| 379 | 381 | ||
| 380 | int | 382 | int |
| 381 | tls13_client_end_of_early_data_send(struct tls13_ctx *ctx) | 383 | tls13_client_end_of_early_data_send(struct tls13_ctx *ctx) |
| 382 | { | 384 | { |
| 383 | return 1; | 385 | return 0; |
| 384 | } | 386 | } |
| 385 | 387 | ||
| 386 | int | 388 | int |
| 387 | tls13_client_end_of_early_data_recv(struct tls13_ctx *ctx) | 389 | tls13_client_end_of_early_data_recv(struct tls13_ctx *ctx) |
| 388 | { | 390 | { |
| 389 | return 1; | 391 | return 0; |
| 390 | } | 392 | } |
| 391 | 393 | ||
| 392 | int | 394 | int |
| 393 | tls13_client_certificate_send(struct tls13_ctx *ctx) | 395 | tls13_client_certificate_send(struct tls13_ctx *ctx) |
| 394 | { | 396 | { |
| 395 | return 1; | 397 | return 0; |
| 396 | } | 398 | } |
| 397 | 399 | ||
| 398 | int | 400 | int |
| 399 | tls13_client_certificate_recv(struct tls13_ctx *ctx) | 401 | tls13_client_certificate_recv(struct tls13_ctx *ctx) |
| 400 | { | 402 | { |
| 401 | return 1; | 403 | return 0; |
| 402 | } | 404 | } |
| 403 | 405 | ||
| 404 | int | 406 | int |
| 405 | tls13_client_certificate_verify_send(struct tls13_ctx *ctx) | 407 | tls13_client_certificate_verify_send(struct tls13_ctx *ctx) |
| 406 | { | 408 | { |
| 407 | return 1; | 409 | return 0; |
| 408 | } | 410 | } |
| 409 | 411 | ||
| 410 | int | 412 | int |
| 411 | tls13_client_certificate_verify_recv(struct tls13_ctx *ctx) | 413 | tls13_client_certificate_verify_recv(struct tls13_ctx *ctx) |
| 412 | { | 414 | { |
| 413 | return 1; | 415 | return 0; |
| 414 | } | 416 | } |
| 415 | 417 | ||
| 416 | int | 418 | int |
| 417 | tls13_client_finished_recv(struct tls13_ctx *ctx) | 419 | tls13_client_finished_recv(struct tls13_ctx *ctx) |
| 418 | { | 420 | { |
| 419 | return 1; | 421 | return 0; |
| 420 | } | 422 | } |
| 421 | 423 | ||
| 422 | int | 424 | int |
| 423 | tls13_client_finished_send(struct tls13_ctx *ctx) | 425 | tls13_client_finished_send(struct tls13_ctx *ctx) |
| 424 | { | 426 | { |
| 425 | return 1; | 427 | return 0; |
| 426 | } | 428 | } |
| 427 | 429 | ||
| 428 | int | 430 | int |
| 429 | tls13_client_key_update_send(struct tls13_ctx *ctx) | 431 | tls13_client_key_update_send(struct tls13_ctx *ctx) |
| 430 | { | 432 | { |
| 431 | return 1; | 433 | return 0; |
| 432 | } | 434 | } |
| 433 | 435 | ||
| 434 | int | 436 | int |
| 435 | tls13_client_key_update_recv(struct tls13_ctx *ctx) | 437 | tls13_client_key_update_recv(struct tls13_ctx *ctx) |
| 436 | { | 438 | { |
| 437 | return 1; | 439 | return 0; |
| 438 | } | 440 | } |
| 439 | 441 | ||
| 440 | int | 442 | int |
| @@ -442,7 +444,7 @@ tls13_server_hello_recv(struct tls13_ctx *ctx) | |||
| 442 | { | 444 | { |
| 443 | ctx->handshake.hs_type |= NEGOTIATED; | 445 | ctx->handshake.hs_type |= NEGOTIATED; |
| 444 | 446 | ||
| 445 | return 1; | 447 | return 0; |
| 446 | } | 448 | } |
| 447 | 449 | ||
| 448 | int | 450 | int |
| @@ -450,65 +452,65 @@ tls13_server_hello_send(struct tls13_ctx *ctx) | |||
| 450 | { | 452 | { |
| 451 | ctx->handshake.hs_type |= NEGOTIATED; | 453 | ctx->handshake.hs_type |= NEGOTIATED; |
| 452 | 454 | ||
| 453 | return 1; | 455 | return 0; |
| 454 | } | 456 | } |
| 455 | 457 | ||
| 456 | int | 458 | int |
| 457 | tls13_server_encrypted_extensions_recv(struct tls13_ctx *ctx) | 459 | tls13_server_encrypted_extensions_recv(struct tls13_ctx *ctx) |
| 458 | { | 460 | { |
| 459 | return 1; | 461 | return 0; |
| 460 | } | 462 | } |
| 461 | 463 | ||
| 462 | int | 464 | int |
| 463 | tls13_server_encrypted_extensions_send(struct tls13_ctx *ctx) | 465 | tls13_server_encrypted_extensions_send(struct tls13_ctx *ctx) |
| 464 | { | 466 | { |
| 465 | return 1; | 467 | return 0; |
| 466 | } | 468 | } |
| 467 | 469 | ||
| 468 | int | 470 | int |
| 469 | tls13_server_certificate_recv(struct tls13_ctx *ctx) | 471 | tls13_server_certificate_recv(struct tls13_ctx *ctx) |
| 470 | { | 472 | { |
| 471 | return 1; | 473 | return 0; |
| 472 | } | 474 | } |
| 473 | 475 | ||
| 474 | int | 476 | int |
| 475 | tls13_server_certificate_send(struct tls13_ctx *ctx) | 477 | tls13_server_certificate_send(struct tls13_ctx *ctx) |
| 476 | { | 478 | { |
| 477 | return 1; | 479 | return 0; |
| 478 | } | 480 | } |
| 479 | 481 | ||
| 480 | int | 482 | int |
| 481 | tls13_server_certificate_request_recv(struct tls13_ctx *ctx) | 483 | tls13_server_certificate_request_recv(struct tls13_ctx *ctx) |
| 482 | { | 484 | { |
| 483 | return 1; | 485 | return 0; |
| 484 | } | 486 | } |
| 485 | 487 | ||
| 486 | int | 488 | int |
| 487 | tls13_server_certificate_request_send(struct tls13_ctx *ctx) | 489 | tls13_server_certificate_request_send(struct tls13_ctx *ctx) |
| 488 | { | 490 | { |
| 489 | return 1; | 491 | return 0; |
| 490 | } | 492 | } |
| 491 | 493 | ||
| 492 | int | 494 | int |
| 493 | tls13_server_certificate_verify_send(struct tls13_ctx *ctx) | 495 | tls13_server_certificate_verify_send(struct tls13_ctx *ctx) |
| 494 | { | 496 | { |
| 495 | return 1; | 497 | return 0; |
| 496 | } | 498 | } |
| 497 | 499 | ||
| 498 | int | 500 | int |
| 499 | tls13_server_certificate_verify_recv(struct tls13_ctx *ctx) | 501 | tls13_server_certificate_verify_recv(struct tls13_ctx *ctx) |
| 500 | { | 502 | { |
| 501 | return 1; | 503 | return 0; |
| 502 | } | 504 | } |
| 503 | 505 | ||
| 504 | int | 506 | int |
| 505 | tls13_server_finished_recv(struct tls13_ctx *ctx) | 507 | tls13_server_finished_recv(struct tls13_ctx *ctx) |
| 506 | { | 508 | { |
| 507 | return 1; | 509 | return 0; |
| 508 | } | 510 | } |
| 509 | 511 | ||
| 510 | int | 512 | int |
| 511 | tls13_server_finished_send(struct tls13_ctx *ctx) | 513 | tls13_server_finished_send(struct tls13_ctx *ctx) |
| 512 | { | 514 | { |
| 513 | return 1; | 515 | return 0; |
| 514 | } | 516 | } |
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h index e672df37e3..876f339c80 100644 --- a/src/lib/libssl/tls13_internal.h +++ b/src/lib/libssl/tls13_internal.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_internal.h,v 1.7 2019/01/18 06:51:29 tb Exp $ */ | 1 | /* $OpenBSD: tls13_internal.h,v 1.8 2019/01/19 03:32:03 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018 Bob Beck <beck@openbsd.org> | 3 | * Copyright (c) 2018 Bob Beck <beck@openbsd.org> |
| 4 | * Copyright (c) 2018 Theo Buehler <tb@openbsd.org> | 4 | * Copyright (c) 2018 Theo Buehler <tb@openbsd.org> |
| @@ -25,7 +25,8 @@ | |||
| 25 | 25 | ||
| 26 | __BEGIN_HIDDEN_DECLS | 26 | __BEGIN_HIDDEN_DECLS |
| 27 | 27 | ||
| 28 | #define TLS13_IO_EOF 0 | 28 | #define TLS13_IO_SUCCESS 1 |
| 29 | #define TLS13_IO_EOF 0 | ||
| 29 | #define TLS13_IO_FAILURE -1 | 30 | #define TLS13_IO_FAILURE -1 |
| 30 | #define TLS13_IO_WANT_POLLIN -2 | 31 | #define TLS13_IO_WANT_POLLIN -2 |
| 31 | #define TLS13_IO_WANT_POLLOUT -3 | 32 | #define TLS13_IO_WANT_POLLOUT -3 |