author | Joel Sing <jsing@cvs.openbsd.org> | 2019-01-20 02:57:17 +0000 |
---|---|---|
committer | Joel Sing <jsing@cvs.openbsd.org> | 2019-01-20 02:57:17 +0000 |
commit | 08c269766f4558c1b72513dc67686d4f04cf6e68 (patch) | |
tree | 4c6d1f272781a72e9ba924cc77feee463c79b422 | |
parent | 1e94cdf52efe6bf96e0ee3a430a60234e626a917 (diff) |
Add some internal consistency checks to the handshake state handling.
Fix the tls13_handshake_advance_state_machine() return value, which
inadvertently got flipped in an earlier commit. Also move this function
to a more suitable location.
ok tb@
-rw-r--r-- | lib/libssl/tls13_handshake.c | 32 |
1 files changed, 23 insertions, 9 deletions
diff --git a/lib/libssl/tls13_handshake.c b/lib/libssl/tls13_handshake.c index 7798093defa..9110c601c60 100644 --- a/lib/libssl/tls13_handshake.c +++ b/lib/libssl/tls13_handshake.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_handshake.c,v 1.11 2019/01/20 02:08:05 tb Exp $ */ +/* $OpenBSD: tls13_handshake.c,v 1.12 2019/01/20 02:57:16 jsing Exp $ */ /* * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org> * Copyright (c) 2019 Joel Sing <jsing@openbsd.org> @@ -30,7 +30,7 @@ /* Indexing into the state machine */ struct tls13_handshake { uint8_t hs_type; - int message_number; + uint8_t message_number; }; struct tls13_ctx { @@ -259,10 +259,18 @@ static enum tls13_message_type handshakes[][TLS13_NUM_MESSAGE_TYPES] = { }, }; +#define NUM_HANDSHAKES (sizeof(handshakes) / sizeof(handshakes[0])) + enum tls13_message_type tls13_handshake_active_state(struct tls13_ctx *ctx) { struct tls13_handshake hs = ctx->handshake; + + if (hs.hs_type >= NUM_HANDSHAKES) + return INVALID; + if (hs.message_number >= TLS13_NUM_MESSAGE_TYPES) + return INVALID; + return handshakes[hs.hs_type][hs.message_number]; } @@ -270,10 +278,23 @@ struct tls13_handshake_action * tls13_handshake_active_action(struct tls13_ctx *ctx) { enum tls13_message_type mt = tls13_handshake_active_state(ctx); + + if (mt == INVALID) + return NULL; + return &state_machine[mt]; } int +tls13_handshake_advance_state_machine(struct tls13_ctx *ctx) +{ + if (++ctx->handshake.message_number >= TLS13_NUM_MESSAGE_TYPES) + return 0; + + return 1; +} + +int tls13_connect(struct tls13_ctx *ctx) { struct tls13_handshake_action *action; @@ -332,13 +353,6 @@ tls13_accept(struct tls13_ctx *ctx) } int -tls13_handshake_advance_state_machine(struct tls13_ctx *ctx) -{ - ctx->handshake.message_number++; - return 0; -} - -int tls13_handshake_send_action(struct tls13_ctx *ctx, struct tls13_handshake_action *action) { |
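Review bot: In the `@@ -30,7 +30,7 @@` hunk, narrowing `message_number` to `uint8_t` means the unconditional pre-increment in tls13_handshake_advance_state_machine() (added in the `@@ -270,10 +278,23 @@` hunk) wraps back to 0 after enough calls, at which point the new range check in tls13_handshake_active_state() passes again. Whether a caller can keep advancing after a 0 return is not visible here, so this is a hardening point rather than a confirmed bug. Saturating keeps an exhausted handshake stuck at INVALID: put `if (ctx->handshake.message_number >= TLS13_NUM_MESSAGE_TYPES) return 0;` ahead of the increment. A compile-time check that TLS13_NUM_MESSAGE_TYPES fits in a `uint8_t` would also document the assumption behind the narrower type.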
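Review bot: tls13_handshake_active_action() in the `@@ -270,10 +278,23 @@` hunk can now return NULL, and the hunk does not show tls13_connect() or tls13_accept() testing for that before they use `action`. tls13_connect() only begins at the end of this hunk and its body is outside it, so confirm that both callers bail out with their failure return when `action == NULL`. A short comment above the function, such as `/* Returns NULL when the active state is INVALID. */`, would make the new contract visible to future callers.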