Added stricter rule on input for RSA private key operation (mathematically correct...
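--- a/src/ssl/ssl_hs_server.t0
+++ b/src/ssl/ssl_hs_server.t0
@@ -611,6 +611,13 @@ cc: save-session ( -- ) {
        }
 }
 
+\ Read and drop ClientHello. This is used when a client-triggered
+\ renegotiation attempt is rejected.
+: skip-ClientHello ( -- )
+       read-handshake-header-core
+       1 = ifnot ERR_UNEXPECTED fail then
+       dup skip-blob drop ;
+
 \ Read ClientHello. If the session is resumed, then -1 is returned.
 : read-ClientHello ( -- resume )
        \ Get header, and check message type.
@@ -814,6 +821,11 @@ cc: save-session ( -- ) {
        \ we should mark the client as "supporting secure renegotiation".
        reneg-scsv if 2 addr-reneg set8 then
 
+       \ If, at that point, the 'reneg' value is still 0, then the client
+       \ did not send the extension or the SCSV, so we have to assume
+       \ that secure renegotiation is not supported by that client.
+       addr-reneg get8 ifnot 1 addr-reneg set8 then
+
        \ Check compression.
        ok-compression ifnot 40 fail-alert then
 
@@ -1468,6 +1480,7 @@ cc: verify-CV-sig ( sig-len -- err ) {
                                        \ The best we can do is ask for a
                                        \ renegotiation, then wait for it
                                        \ to happen.
+                                       0 addr-application_data set8
                                        send-HelloRequest
                                then
                        endof
@@ -1477,11 +1490,16 @@ cc: verify-CV-sig ( sig-len -- err ) {
                                \ "no renegotiation" flag is set.
                                drop
                                addr-reneg get8 1 = 1 flag? or if
+                                       skip-ClientHello
                                        flush-record
                                        begin can-output? not while
                                                wait-co drop
                                        repeat
                                        100 send-warning
+                                       \ Put back connection in "application
+                                       \ data" state: it's not dead yet.
+                                       1 addr-application_data set8
+                                       23 addr-record_type_out set8
                                else
                                        0 do-handshake
                                then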
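Review bot: In the rejected-renegotiation branch of the last hunk, `100 send-warning` and `23 addr-record_type_out set8` use bare protocol numbers, so a reader has to know that 100 is the no_renegotiation alert and 23 the application_data record type to check that the connection is put back in the right state. I would annotate them, e.g. `\ 100 = no_renegotiation alert (warning level)` and `\ 23 = application_data record type`. The matching `0 addr-application_data set8` added before `send-HelloRequest` in the `@@ -1468` hunk has no comment saying why the flag is cleared there. Since a TLS client is allowed to ignore a HelloRequest, it is worth stating at that point what is expected to restore the flag if no ClientHello follows, which the visible lines do not show. The enclosing word starts and ends outside these hunks.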