author | Matt Caswell <matt@openssl.org> | 2016-11-11 16:22:19 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-11-23 15:31:21 +0000 |
commit | 9970290e1d984bf8cc1dce7093bca915062cfdd7 (patch) | |
tree | a904625ae6a0fa9fdbfc87aa3d02bc1fde32f203 /util/TLSProxy | |
parent | 6484776f177b38dd668618a75bee58674ca42578 (diff) |
Fix the tests following the state machine changes for TLSv1.3
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'util/TLSProxy')
-rw-r--r-- | util/TLSProxy/Message.pm | 4 | ||||
-rw-r--r-- | util/TLSProxy/Record.pm | 25 | ||||
-rw-r--r-- | util/TLSProxy/ServerHello.pm | 6 |
3 files changed, 21 insertions, 14 deletions
diff --git a/util/TLSProxy/Message.pm b/util/TLSProxy/Message.pm
index 6bf5a72949..3259edc5dd 100644
--- a/util/TLSProxy/Message.pm
+++ b/util/TLSProxy/Message.pm
@@ -115,9 +115,9 @@ sub get_messages
 die "CCS received before message data complete\n";
 }
 if ($server) {
- TLSProxy::Record->server_ccs_seen(1);
+ TLSProxy::Record->server_encrypting(1);
 } else {
- TLSProxy::Record->client_ccs_seen(1);
+ TLSProxy::Record->client_encrypting(1);
 }
 } elsif ($record->content_type == TLSProxy::Record::RT_HANDSHAKE) {
 if ($record->len == 0 || $record->len_real == 0) {
diff --git a/util/TLSProxy/Record.pm b/util/TLSProxy/Record.pm
index bf6de439ad..6d35f08bed 100644
--- a/util/TLSProxy/Record.pm
+++ b/util/TLSProxy/Record.pm
@@ -11,8 +11,8 @@ use TLSProxy::Proxy;
 package TLSProxy::Record;
-my $server_ccs_seen = 0;
-my $client_ccs_seen = 0;
+my $server_encrypting = 0;
+my $client_encrypting = 0;
 my $etm = 0;
 use constant TLS_RECORD_HEADER_LENGTH => 5;
@@ -36,6 +36,7 @@ my %record_type = (
 use constant {
 VERS_TLS_1_4 => 773,
+ VERS_TLS_1_3_DRAFT => 32530,
 VERS_TLS_1_3 => 772,
 VERS_TLS_1_2 => 771,
 VERS_TLS_1_1 => 770,
@@ -108,8 +109,8 @@ sub get_records
 substr($packet, TLS_RECORD_HEADER_LENGTH, $len_real)
 );
- if (($server && $server_ccs_seen)
- || (!$server && $client_ccs_seen)) {
+ if (($server && $server_encrypting)
+ || (!$server && $client_encrypting)) {
 if ($version != VERS_TLS_1_3() && $etm) {
 $record->decryptETM();
 } else {
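Review bot: `VERS_TLS_1_3_DRAFT => 32530` in Record.pm's version table is a bare decimal with nothing saying which draft it encodes, and it sits out of numeric order between 773 and 772. 32530 is 0x7f12, which under the 0x7f00-plus-draft-number convention would be draft 18; a trailing comment such as `# 0x7f12: TLS 1.3 draft 18, remove with the draft` would make the next version bump easy to review. The `use constant` block continues outside the hunk.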
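Review bot: In `get_records` the unchanged ETM guard `if ($version != VERS_TLS_1_3() && $etm)` still recognises only 772, while ServerHello.pm in this commit treats `VERS_TLS_1_3_DRAFT` as the TLS 1.3 signal. Where `$version` comes from is outside the hunk; if it can hold the draft value, a draft connection with `$etm` set would be routed to `decryptETM()` rather than `decrypt()`. The two files should agree on what counts as TLS 1.3, for example `if ($version != VERS_TLS_1_3() && $version != VERS_TLS_1_3_DRAFT() && $etm) {`. `get_records` starts and ends outside the hunk.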
@@ -133,26 +134,26 @@ sub get_records
 sub clear
 {
- $server_ccs_seen = 0;
- $client_ccs_seen = 0;
+ $server_encrypting = 0;
+ $client_encrypting = 0;
 }
 #Class level accessors
-sub server_ccs_seen
+sub server_encrypting
 {
 my $class = shift;
 if (@_) {
- $server_ccs_seen = shift;
+ $server_encrypting = shift;
 }
- return $server_ccs_seen;
+ return $server_encrypting;
 }
-sub client_ccs_seen
+sub client_encrypting
 {
 my $class = shift;
 if (@_) {
- $client_ccs_seen = shift;
+ $client_encrypting= shift;
 }
- return $client_ccs_seen;
+ return $client_encrypting;
 }
 #Enable/Disable Encrypt-then-MAC
 sub etm
diff --git a/util/TLSProxy/ServerHello.pm b/util/TLSProxy/ServerHello.pm
index 79a8be9a89..9d6ad385bb 100644
--- a/util/TLSProxy/ServerHello.pm
+++ b/util/TLSProxy/ServerHello.pm
@@ -94,6 +94,12 @@ sub parse
 $self->process_data();
+ # TODO(TLS1.3): Replace this reference to draft version before release
+ if ($server_version == TLSProxy::Record::VERS_TLS_1_3_DRAFT) {
+ TLSProxy::Record->server_encrypting(1);
+ TLSProxy::Record->client_encrypting(1);
+ }
+
 print " Server Version:".$server_version."\n";
 print " Session ID Len:".$session_id_len."\n";
 print " Ciphersuite:".$ciphersuite."\n"; |
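Review bot: `clear` in Record.pm resets `$server_encrypting` and `$client_encrypting` but not `$etm`, the third package-level flag declared next to them at the top of the file. If `clear` is the per-connection reset and nothing else zeroes `$etm` (not visible in this diff), Encrypt-then-MAC state from one handshake would carry into the next and change which decrypt path `get_records` takes; adding `$etm = 0;` to `clear` would close that. Minor style point in the same hunk: the new line `$client_encrypting= shift;` is missing the space before `=` that `$server_encrypting = shift;` has.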
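Review bot: The block added to `parse` in ServerHello.pm flips both `server_encrypting` and `client_encrypting` as a side effect of parsing a ServerHello, but its only comment is the TODO and nothing says why both directions change at this point. A line such as `# No CCS in this TLS 1.3 draft: records after ServerHello are protected in both directions` would record the assumption. The flags are read in `get_records` when each record is parsed; if records that follow the ServerHello in the same packet are parsed before this handler runs, they would still be treated as plaintext. That call order is not visible in this diff, so it is worth confirming. `parse` starts and ends outside the hunk.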