| Commit message | Author | Age | Files | Lines |
| |
so it can be used from regress. Update regress accordingly.
Make sure the print target generates the entire table as it
currently is in tls13_handshake.c
discussed with beck and jsing
ok jsing
| |
This sorts the valid handshakes with respect to ascending flags
value instead of the ad-hoc order produced by the algorithm.
ok jsing
| |
ok bcook
| |
Move tls13_connect() to a new tls13_client.c file and provide a legacy
wrapper to it, which allocates a struct tls_ctx if necessary. Also move
tls13_client_hello_send() to tls13_client.c and actually implement the
building of a client hello.
ok tb@
| |
This means that we actually receive and send handshake messages to and from
the record layer.
ok tb@
| |
Pull the shared code up into a function and call it from tls13_connect()
and tls13_accept() instead of duplicating it.
"Yes, please!" tb@
| |
While here, rename struct handshake to struct handshake_stage to avoid
potential ambiguity/conflict with the handshake data struct. Also add
forward and back pointers between SSL and struct tls13_ctx.
ok tb@
| |
ok jsing
| |
Fix the tls13_handshake_advance_state_machine() return value, which
inadvertently got flipped in an earlier commit. Also move this function
to a more suitable location.
ok tb@
| |
of overloading/abusing action->sender.
ok jsing
| |
Check that the handshake message type received matches that required by the
state machine.
However, thanks to poor state design in the TLSv1.3 RFC, there is no way to
know if you're going to receive a certificate request message or not, hence
we have to special case it and teach the receive handler how to handle this
situation.
Discussed at length with beck@ and tb@ during the hackathon.
ok tb@
| |
The I/O paths are from the tls13_handshake_send_action() and
tls13_handshake_recv_action() functions - both of these need to propagate
I/O conditions (EOF, failure, want poll in, want poll out) up the stack,
so we need to capture and return values <= 0. Use an I/O condition to
indicate successful handshake completion.
Also, the various send/recv functions are currently unimplemented, so
return 0 (failure) rather than 1 (success).
ok tb@
| |
Update the handshake state tables and flag names according to the
design decisions and naming conventions in the hackroom. Garbage collect
some things that turn out not to belong here.
ok jsing
| |
- Provide a tls13_handshake_active_action() function to reduce code
duplication and replace tls13_handshake_get_sender().
- Add an INVALID message_type, so we can explicitly detect invalid
conditions.
- Implement skeletons for the tls13_handshake_send_action() and
tls13_handshake_recv_action() functions.
- OR in the NEGOTIATED value at the end of recving or sending a server
hello so that we switch to the next chain in the state table.
ok tb@
| |
ok jsing
| |
and "write". Use self-documenting C99 initializers.
ok bcook, jsing
| |
ok tb@
| |
ok tb@
|
inspired by s2n's state machine. Lots of help and input from jsing.
ok beck, jsing