/*
- * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#include <openssl/rand.h>
#include "../ssl_locl.h"
#include "statem_locl.h"
+#include <assert.h>
/*
* This file implements the SSL/TLS/DTLS state machines.
void ossl_statem_fatal(SSL *s, int al, int func, int reason, const char *file,
int line)
{
+ /* We shouldn't call SSLfatal() twice. Once is enough */
+ assert(s->statem.state != MSG_FLOW_ERROR);
s->statem.in_init = 1;
s->statem.state = MSG_FLOW_ERROR;
ERR_put_error(ERR_LIB_SSL, func, reason, file, line);
#define check_fatal(s, f) \
do { \
if (!ossl_assert((s)->statem.in_init \
- || (s)->statem.state != MSG_FLOW_ERROR)) \
+ && (s)->statem.state == MSG_FLOW_ERROR)) \
SSLfatal(s, SSL_AD_INTERNAL_ERROR, (f), \
SSL_R_MISSING_FATAL); \
} while (0)
st->in_handshake++;
if (!SSL_in_init(s) || SSL_in_before(s)) {
- if (!SSL_clear(s))
+ /*
+ * If we are stateless then we already called SSL_clear() - don't do
+ * it again and clear the STATELESS flag itself.
+ */
+ if ((s->s3->flags & TLS1_FLAGS_STATELESS) == 0 && !SSL_clear(s))
return -1;
}
#ifndef OPENSSL_NO_SCTP
} else {
/* Error */
check_fatal(s, SSL_F_STATE_MACHINE);
- SSLerr(SSL_F_STATE_MACHINE, ERR_R_INTERNAL_ERROR);
+ SSLerr(SSL_F_STATE_MACHINE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
goto end;
}
}
return 0;
}
+
+/*
+ * This function returns 1 if TLS exporter is ready to export keying
+ * material, or 0 if otherwise.
+ */
+int ossl_statem_export_allowed(SSL *s)
+{
+ return s->s3->previous_server_finished_len != 0
+ && s->statem.hand_state != TLS_ST_SW_FINISHED;
+}
+
+/*
+ * Return 1 if early TLS exporter is ready to export keying material,
+ * or 0 if otherwise.
+ */
+int ossl_statem_export_early_allowed(SSL *s)
+{
+ /*
+ * The early exporter secret is only present on the server if we
+ * have accepted early_data. It is present on the client as long
+ * as we have sent early_data.
+ */
+ return s->ext.early_data == SSL_EARLY_DATA_ACCEPTED
+ || (!s->server && s->ext.early_data != SSL_EARLY_DATA_NOT_SENT);
+}