STACK_OF(SSL_CIPHER) *ciphers = NULL;
STACK_OF(SSL_CIPHER) *scsvs = NULL;
CLIENTHELLO_MSG *clienthello = s->clienthello;
+ DOWNGRADE dgrd = DOWNGRADE_NONE;
*al = SSL_AD_INTERNAL_ERROR;
/* Finished parsing the ClientHello, now we can start processing it */
* versions are potentially compatible. Version negotiation comes later.
*/
if (!SSL_IS_DTLS(s)) {
- protverr = ssl_choose_server_version(s, clienthello);
+ protverr = ssl_choose_server_version(s, clienthello, &dgrd);
} else if (s->method->version != DTLS_ANY_VERSION &&
DTLS_VERSION_LT((int)clienthello->legacy_version, s->version)) {
protverr = SSL_R_VERSION_TOO_LOW;
goto err;
}
- /* TLSv1.3 defines that a ClientHello must end on a record boundary */
+ /* TLSv1.3 specifies that a ClientHello must end on a record boundary */
if (SSL_IS_TLS13(s) && RECORD_LAYER_processed_read_pending(&s->rlayer)) {
*al = SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO,
s->d1->cookie_verified = 1;
}
if (s->method->version == DTLS_ANY_VERSION) {
- protverr = ssl_choose_server_version(s, clienthello);
+ protverr = ssl_choose_server_version(s, clienthello, &dgrd);
if (protverr != 0) {
SSLerr(SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, protverr);
s->version = s->client_version;
{
unsigned char *pos;
pos = s->s3->server_random;
- if (ssl_fill_hello_random(s, 1, pos, SSL3_RANDOM_SIZE) <= 0) {
+ if (ssl_fill_hello_random(s, 1, pos, SSL3_RANDOM_SIZE, dgrd) <= 0) {
goto err;
}
}
int tls_construct_certificate_request(SSL *s, WPACKET *pkt)
{
- int i;
- STACK_OF(X509_NAME) *sk = NULL;
+ int al = SSL_AD_INTERNAL_ERROR;
if (SSL_IS_TLS13(s)) {
/* TODO(TLS1.3) for now send empty request context */
ERR_R_INTERNAL_ERROR);
goto err;
}
- } else {
- /* get the list of acceptable cert types */
- if (!WPACKET_start_sub_packet_u8(pkt)
- || !ssl3_get_req_cert_type(s, pkt) || !WPACKET_close(pkt)) {
+
+ if (!tls_construct_extensions(s, pkt, EXT_TLS1_3_CERTIFICATE_REQUEST,
+ NULL, 0, &al)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
ERR_R_INTERNAL_ERROR);
goto err;
}
+ goto done;
+ }
+
+ /* get the list of acceptable cert types */
+ if (!WPACKET_start_sub_packet_u8(pkt)
+ || !ssl3_get_req_cert_type(s, pkt) || !WPACKET_close(pkt)) {
+ SSLerr(SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST, ERR_R_INTERNAL_ERROR);
+ goto err;
}
if (SSL_USE_SIGALGS(s)) {
}
}
- /* Start sub-packet for client CA list */
- if (!WPACKET_start_sub_packet_u16(pkt)) {
- SSLerr(SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- sk = SSL_get_client_CA_list(s);
- if (sk != NULL) {
- for (i = 0; i < sk_X509_NAME_num(sk); i++) {
- unsigned char *namebytes;
- X509_NAME *name = sk_X509_NAME_value(sk, i);
- int namelen;
-
- if (name == NULL
- || (namelen = i2d_X509_NAME(name, NULL)) < 0
- || !WPACKET_sub_allocate_bytes_u16(pkt, namelen,
- &namebytes)
- || i2d_X509_NAME(name, &namebytes) != namelen) {
- SSLerr(SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
- }
- /* else no CA names */
- if (!WPACKET_close(pkt)) {
- SSLerr(SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- /*
- * TODO(TLS1.3) implement configurable certificate_extensions
- * For now just send zero length extensions.
- */
- if (SSL_IS_TLS13(s) && !WPACKET_put_bytes_u16(pkt, 0)) {
+ if (!construct_ca_names(s, pkt)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST, ERR_R_INTERNAL_ERROR);
goto err;
}
+ done:
s->s3->tmp.cert_request = 1;
-
return 1;
err:
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
return 0;
}