diff options
| author | Matt Caswell <matt@openssl.org> | 2017-11-13 11:24:51 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2017-12-14 15:06:37 +0000 |
| commit | fc7129dc37f38022382338cf37cee795d975450f (patch) | |
| tree | 5421f62439bbae70443f8a352508413a039bb00f /ssl/statem/statem_clnt.c | |
| parent | 6f40214f68d06820304e6f9a4c60099a1fbce10c (diff) | |
Update state machine to send CCS based on whether we did an HRR
The CCS may be sent at different times based on whether or not we
sent an HRR earlier. In order to make that decision this commit
also updates things to make sure we remember whether an HRR was
used or not.
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4701)
Diffstat (limited to 'ssl/statem/statem_clnt.c')
| -rw-r--r-- | ssl/statem/statem_clnt.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index af9e1dcd7d..80148fa531 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -387,7 +387,7 @@ static WRITE_TRAN ossl_statem_client13_write_transition(SSL *s) || s->early_data_state == SSL_EARLY_DATA_FINISHED_WRITING) st->hand_state = TLS_ST_PENDING_EARLY_DATA_END; else if ((s->options & SSL_OP_ENABLE_MIDDLEBOX_COMPAT) != 0 - && !s->hello_retry_request) + && s->hello_retry_request == SSL_HRR_NONE) st->hand_state = TLS_ST_CW_CHANGE; else st->hand_state = (s->s3->tmp.cert_req != 0) ? TLS_ST_CW_CERT @@ -1055,7 +1055,8 @@ int tls_construct_client_hello(SSL *s, WPACKET *pkt) if (sess == NULL || !ssl_version_supported(s, sess->ssl_version) || !SSL_SESSION_is_resumable(sess)) { - if (!s->hello_retry_request && !ssl_get_new_session(s, 0)) { + if (s->hello_retry_request == SSL_HRR_NONE + && !ssl_get_new_session(s, 0)) { /* SSLfatal() already called */ return 0; } @@ -1078,7 +1079,7 @@ int tls_construct_client_hello(SSL *s, WPACKET *pkt) } } } else { - i = s->hello_retry_request == 0; + i = (s->hello_retry_request == SSL_HRR_NONE); } if (i && ssl_fill_hello_random(s, 0, p, sizeof(s->s3->client_random), @@ -1136,7 +1137,7 @@ int tls_construct_client_hello(SSL *s, WPACKET *pkt) sess_id_len = sizeof(s->tmp_session_id); s->tmp_session_id_len = sess_id_len; session_id = s->tmp_session_id; - if (!s->hello_retry_request + if (s->hello_retry_request == SSL_HRR_NONE && ssl_randbytes(s, s->tmp_session_id, sess_id_len) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, @@ -1360,7 +1361,8 @@ MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt) && sversion == TLS1_2_VERSION && PACKET_remaining(pkt) >= SSL3_RANDOM_SIZE && memcmp(hrrrandom, PACKET_data(pkt), SSL3_RANDOM_SIZE) == 0) { - s->hello_retry_request = hrr = 1; + s->hello_retry_request = SSL_HRR_PENDING; + hrr = 1; if (!PACKET_forward(pkt, SSL3_RANDOM_SIZE)) { SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_LENGTH_MISMATCH); |