From 209ebe23b1e7e66e668c0b697cfc176613369955 Mon Sep 17 00:00:00 2001 From: Joel Sing Date: Sat, 25 Apr 2020 18:06:29 +0000 Subject: Switch to NEGOTIATED when using WITHOUT_HRR. This ensures that we remain in a valid handshake state in the TLSv1.3 server. Ideally we would not switch to NEGOTIATED until after record protection has been enabled, but we'll revisit this later. Issue noted by inoguchi@ ok tb@ --- lib/libssl/tls13_server.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'lib') diff --git a/lib/libssl/tls13_server.c b/lib/libssl/tls13_server.c index 9bc4cb6170f..16c2e32dbab 100644 --- a/lib/libssl/tls13_server.c +++ b/lib/libssl/tls13_server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_server.c,v 1.31 2020/04/22 17:05:07 jsing Exp $ */ +/* $OpenBSD: tls13_server.c,v 1.32 2020/04/25 18:06:28 jsing Exp $ */ /* * Copyright (c) 2019, 2020 Joel Sing * Copyright (c) 2020 Bob Beck @@ -280,11 +280,16 @@ tls13_client_hello_recv(struct tls13_ctx *ctx, CBS *cbs) return 1; /* - * If a matching key share was provided, we do not need to - * send a HelloRetryRequest. + * If a matching key share was provided, we do not need to send a + * HelloRetryRequest. + */ + /* + * XXX - ideally NEGOTIATED would only be added after record protection + * has been enabled. This would probably mean using either an + * INITIAL | WITHOUT_HRR state, or another intermediate state. */ if (ctx->hs->key_share != NULL) - ctx->handshake_stage.hs_type |= WITHOUT_HRR; + ctx->handshake_stage.hs_type |= NEGOTIATED | WITHOUT_HRR; /* XXX - check this is the correct point */ tls13_record_layer_allow_ccs(ctx->rl, 1); -- cgit v1.2.3