authorJoel Sing <jsing@cvs.openbsd.org>2019-02-07 15:54:19 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2019-02-07 15:54:19 +0000
commitd4741bc0eb4800bd2f7a92d063bebfcb1222463d (patch)
treec15d676ce7b4d750ab965fa8a854b6a5581a4097 /lib
parent291a9356797311fc6e115e3cd2077d7fbde8cec5 (diff)
Implement processing of EncryptedExtensions in the TLS 1.3 client.
ok bcook@ tb@
Diffstat (limited to 'lib')
-rw-r--r--lib/libssl/tls13_client.c28
-rw-r--r--lib/libssl/tls13_handshake.c8
2 files changed, 28 insertions, 8 deletions
diff --git a/lib/libssl/tls13_client.c b/lib/libssl/tls13_client.c
index 4d34cf99437..0f0c673f2cc 100644
--- a/lib/libssl/tls13_client.c
+++ b/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.2 2019/02/04 16:18:15 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.3 2019/02/07 15:54:18 jsing Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
*
@@ -230,6 +230,8 @@ tls13_server_hello_process(struct tls13_ctx *ctx, CBS *cbs)
return 1;
err:
+ /* XXX - send alert. */
+
return 0;
}
@@ -253,6 +255,7 @@ tls13_server_hello_recv(struct tls13_ctx *ctx)
if (S3I(s)->hs_tls13.server_version < TLS1_3_VERSION) {
/* XXX - switch back to legacy client. */
+ goto err;
}
if (ctx->handshake_stage.hs_type & WITH_HRR)
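Review bot: The comment above the new `goto err;` in tls13_server_hello_recv still reads as a plain TODO and does not say that a ServerHello negotiating a version below TLS 1.3 now aborts the handshake. Failing closed is the safer choice while the legacy fallback is missing, so the comment should record it, for example `/* XXX - switch back to legacy client; until then fail the handshake. */`. When the fallback is implemented, this branch is presumably also where the RFC 8446 section 4.1.3 downgrade sentinel in the server random needs checking, which is worth noting in the same comment. The `err` label and the rest of the function are outside this hunk, so what the error path cleans up cannot be confirmed from here.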
@@ -314,3 +317,26 @@ tls13_server_hello_recv(struct tls13_ctx *ctx)
freezero(shared_key, X25519_KEY_LENGTH);
return ret;
}
+
+int
+tls13_server_encrypted_extensions_recv(struct tls13_ctx *ctx)
+{
+ int alert;
+ CBS cbs;
+
+ if (!tls13_handshake_msg_content(ctx->hs_msg, &cbs))
+ goto err;
+
+ if (!tlsext_client_parse(ctx->ssl, &cbs, &alert, SSL_TLSEXT_MSG_EE))
+ goto err;
+
+ if (CBS_len(&cbs) != 0)
+ goto err;
+
+ return 1;
+
+ err:
+ /* XXX - send alert. */
+
+ return 0;
+}
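Review bot: In tls13_server_encrypted_extensions_recv, `alert` is passed to tlsext_client_parse but never read afterwards. It is also left uninitialised on the two other paths that reach `err`: a failed tls13_handshake_msg_content and the `CBS_len(&cbs) != 0` trailing-data check. Once the `/* XXX - send alert. */` placeholder is filled in, sending `alert` from those paths would read an indeterminate value. Initialising it at the declaration, e.g. `int alert = SSL_AD_DECODE_ERROR;`, gives the malformed-message paths a defined alert. Whether tlsext_client_parse always sets `alert` on failure is not visible in this diff, so that default would also cover the case where it does not.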
diff --git a/lib/libssl/tls13_handshake.c b/lib/libssl/tls13_handshake.c
index b3c08ef39c1..68d6a9d4444 100644
--- a/lib/libssl/tls13_handshake.c
+++ b/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_handshake.c,v 1.23 2019/02/04 16:18:15 jsing Exp $ */
+/* $OpenBSD: tls13_handshake.c,v 1.24 2019/02/07 15:54:18 jsing Exp $ */
/*
* Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
@@ -475,12 +475,6 @@ tls13_server_hello_send(struct tls13_ctx *ctx)
}
int
-tls13_server_encrypted_extensions_recv(struct tls13_ctx *ctx)
-{
- return 0;
-}
-
-int
tls13_server_encrypted_extensions_send(struct tls13_ctx *ctx)
{
return 0;