From cc2455bfa8cb4d62792dee533e9262f470e78e72 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Wed, 11 Jan 2017 17:18:19 +0000 Subject: [PATCH] Move TLSv1.3 Session Ticket processing into the state machine We still ignore it for now, but at least its in the right place. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2259) --- ssl/record/rec_layer_s3.c | 10 ---------- ssl/statem/statem_clnt.c | 20 ++++++++++++++++++++ ssl/statem/statem_locl.h | 1 + 3 files changed, 21 insertions(+), 10 deletions(-) diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 59aa8d4cae..58a4716ffe 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -1372,16 +1372,6 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, } } - /* - * TODO(TLS1.3): Temporarily we will just ignore NewSessionTicket messages. - * Later we will want to process them. - */ - if (!s->server && SSL_IS_TLS13(s) && s->rlayer.handshake_fragment_len >= 4 - && s->rlayer.handshake_fragment[0] == SSL3_MT_NEWSESSION_TICKET) { - SSL3_RECORD_set_read(rr); - goto start; - } - /*- * s->rlayer.handshake_fragment_len == 4 iff rr->type == SSL3_RT_HANDSHAKE; * s->rlayer.alert_fragment_len == 2 iff rr->type == SSL3_RT_ALERT. diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 8a308f82bc..35082ae572 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -181,6 +181,13 @@ static int ossl_statem_client13_read_transition(SSL *s, int mt) return 1; } break; + + case TLS_ST_OK: + if (mt == SSL3_MT_NEWSESSION_TICKET) { + st->hand_state = TLS_ST_CR_SESSION_TICKET; + return 1; + } + break; } /* No valid transition found */ @@ -406,10 +413,15 @@ static WRITE_TRAN ossl_statem_client13_write_transition(SSL *s) st->hand_state = TLS_ST_CW_FINISHED; return WRITE_TRAN_CONTINUE; + case TLS_ST_CR_SESSION_TICKET: case TLS_ST_CW_FINISHED: st->hand_state = TLS_ST_OK; ossl_statem_set_in_init(s, 0); return WRITE_TRAN_CONTINUE; + + case TLS_ST_OK: + /* Just go straight to trying to read from the server */ + return WRITE_TRAN_FINISHED; } } @@ -845,6 +857,8 @@ MSG_PROCESS_RETURN ossl_statem_client_process_message(SSL *s, PACKET *pkt) return tls_process_change_cipher_spec(s, pkt); case TLS_ST_CR_SESSION_TICKET: + if (SSL_IS_TLS13(s)) + return tls13_process_new_session_ticket(s, pkt); return tls_process_new_session_ticket(s, pkt); case TLS_ST_CR_FINISHED: @@ -2269,6 +2283,12 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt) return MSG_PROCESS_ERROR; } +MSG_PROCESS_RETURN tls13_process_new_session_ticket(SSL *s, PACKET *pkt) +{ + /* TODO(TLS1.3): For now we just ignore these. This needs implementing */ + return MSG_PROCESS_FINISHED_READING; +} + /* * In TLSv1.3 this is called from the extensions code, otherwise it is used to * parse a separate message. Returns 1 on success or 0 on failure. On failure diff --git a/ssl/statem/statem_locl.h b/ssl/statem/statem_locl.h index 5e9f72dd69..51adfc6dce 100644 --- a/ssl/statem/statem_locl.h +++ b/ssl/statem/statem_locl.h @@ -115,6 +115,7 @@ __owur int tls_construct_client_hello(SSL *s, WPACKET *pkt); __owur MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt); __owur MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt); __owur MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt); +__owur MSG_PROCESS_RETURN tls13_process_new_session_ticket(SSL *s, PACKET *pkt); __owur int tls_process_cert_status_body(SSL *s, PACKET *pkt, int *al); __owur MSG_PROCESS_RETURN tls_process_cert_status(SSL *s, PACKET *pkt); __owur MSG_PROCESS_RETURN tls_process_server_done(SSL *s, PACKET *pkt); -- 2.34.1