aboutsummaryrefslogtreecommitdiffstats
path: root/contrib/libs/openssl/ssl/statem
diff options
context:
space:
mode:
authortpashkin <tpashkin@yandex-team.ru>2022-02-10 16:46:41 +0300
committerDaniil Cherednik <dcherednik@yandex-team.ru>2022-02-10 16:46:41 +0300
commit5475379a04e37df30085bd1724f1c57e3f40996f (patch)
tree95d77e29785a3bd5be6260b1c9d226a551376ecf /contrib/libs/openssl/ssl/statem
parentc3d34b9b40eb534dfd2c549342274f3d61844688 (diff)
downloadydb-5475379a04e37df30085bd1724f1c57e3f40996f.tar.gz
Restoring authorship annotation for <tpashkin@yandex-team.ru>. Commit 1 of 2.
Diffstat (limited to 'contrib/libs/openssl/ssl/statem')
-rw-r--r--contrib/libs/openssl/ssl/statem/extensions.c12
-rw-r--r--contrib/libs/openssl/ssl/statem/extensions_clnt.c4
-rw-r--r--contrib/libs/openssl/ssl/statem/extensions_cust.c4
-rw-r--r--contrib/libs/openssl/ssl/statem/extensions_srvr.c40
-rw-r--r--contrib/libs/openssl/ssl/statem/statem.c4
-rw-r--r--contrib/libs/openssl/ssl/statem/statem_clnt.c4
-rw-r--r--contrib/libs/openssl/ssl/statem/statem_dtls.c4
-rw-r--r--contrib/libs/openssl/ssl/statem/statem_lib.c46
-rw-r--r--contrib/libs/openssl/ssl/statem/statem_local.h838
-rw-r--r--contrib/libs/openssl/ssl/statem/statem_srvr.c106
10 files changed, 531 insertions, 531 deletions
diff --git a/contrib/libs/openssl/ssl/statem/extensions.c b/contrib/libs/openssl/ssl/statem/extensions.c
index 0f39275baa..41fe990aa5 100644
--- a/contrib/libs/openssl/ssl/statem/extensions.c
+++ b/contrib/libs/openssl/ssl/statem/extensions.c
@@ -10,8 +10,8 @@
#include <string.h>
#include "internal/nelem.h"
#include "internal/cryptlib.h"
-#include "../ssl_local.h"
-#include "statem_local.h"
+#include "../ssl_local.h"
+#include "statem_local.h"
#include "internal/cryptlib.h"
static int final_renegotiate(SSL *s, unsigned int context, int sent);
@@ -96,7 +96,7 @@ typedef struct extensions_definition_st {
/*
* Definitions of all built-in extensions. NOTE: Changes in the number or order
* of these extensions should be mirrored with equivalent changes to the
- * indexes ( TLSEXT_IDX_* ) defined in ssl_local.h.
+ * indexes ( TLSEXT_IDX_* ) defined in ssl_local.h.
* Each extension has an initialiser, a client and
* server side parser and a finaliser. The initialiser is called (if the
* extension is relevant to the given context) even if we did not see the
@@ -953,7 +953,7 @@ static int final_server_name(SSL *s, unsigned int context, int sent)
* was successful.
*/
if (s->server) {
- if (sent && ret == SSL_TLSEXT_ERR_OK && !s->hit) {
+ if (sent && ret == SSL_TLSEXT_ERR_OK && !s->hit) {
/* Only store the hostname in the session if we accepted it. */
OPENSSL_free(s->session->ext.hostname);
s->session->ext.hostname = OPENSSL_strdup(s->ext.hostname);
@@ -1015,7 +1015,7 @@ static int final_server_name(SSL *s, unsigned int context, int sent)
/* TLSv1.3 doesn't have warning alerts so we suppress this */
if (!SSL_IS_TLS13(s))
ssl3_send_alert(s, SSL3_AL_WARNING, altmp);
- s->servername_done = 0;
+ s->servername_done = 0;
return 1;
case SSL_TLSEXT_ERR_NOACK:
@@ -1477,7 +1477,7 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart,
unsigned char finishedkey[EVP_MAX_MD_SIZE], tmpbinder[EVP_MAX_MD_SIZE];
unsigned char *early_secret;
#ifdef CHARSET_EBCDIC
- static const unsigned char resumption_label[] = { 0x72, 0x65, 0x73, 0x20, 0x62, 0x69, 0x6E, 0x64, 0x65, 0x72, 0x00 };
+ static const unsigned char resumption_label[] = { 0x72, 0x65, 0x73, 0x20, 0x62, 0x69, 0x6E, 0x64, 0x65, 0x72, 0x00 };
static const unsigned char external_label[] = { 0x65, 0x78, 0x74, 0x20, 0x62, 0x69, 0x6E, 0x64, 0x65, 0x72, 0x00 };
#else
static const unsigned char resumption_label[] = "res binder";
diff --git a/contrib/libs/openssl/ssl/statem/extensions_clnt.c b/contrib/libs/openssl/ssl/statem/extensions_clnt.c
index ce8a75794c..3b02351294 100644
--- a/contrib/libs/openssl/ssl/statem/extensions_clnt.c
+++ b/contrib/libs/openssl/ssl/statem/extensions_clnt.c
@@ -8,9 +8,9 @@
*/
#include <openssl/ocsp.h>
-#include "../ssl_local.h"
+#include "../ssl_local.h"
#include "internal/cryptlib.h"
-#include "statem_local.h"
+#include "statem_local.h"
EXT_RETURN tls_construct_ctos_renegotiate(SSL *s, WPACKET *pkt,
unsigned int context, X509 *x,
diff --git a/contrib/libs/openssl/ssl/statem/extensions_cust.c b/contrib/libs/openssl/ssl/statem/extensions_cust.c
index a0ba18efa7..9bdc486e7b 100644
--- a/contrib/libs/openssl/ssl/statem/extensions_cust.c
+++ b/contrib/libs/openssl/ssl/statem/extensions_cust.c
@@ -10,9 +10,9 @@
/* Custom extension utility functions */
#include <openssl/ct.h>
-#include "../ssl_local.h"
+#include "../ssl_local.h"
#include "internal/cryptlib.h"
-#include "statem_local.h"
+#include "statem_local.h"
typedef struct {
void *add_arg;
diff --git a/contrib/libs/openssl/ssl/statem/extensions_srvr.c b/contrib/libs/openssl/ssl/statem/extensions_srvr.c
index 04f64f8106..702ad7e45f 100644
--- a/contrib/libs/openssl/ssl/statem/extensions_srvr.c
+++ b/contrib/libs/openssl/ssl/statem/extensions_srvr.c
@@ -8,8 +8,8 @@
*/
#include <openssl/ocsp.h>
-#include "../ssl_local.h"
-#include "statem_local.h"
+#include "../ssl_local.h"
+#include "statem_local.h"
#include "internal/cryptlib.h"
#define COOKIE_STATE_FORMAT_VERSION 0
@@ -127,10 +127,10 @@ int tls_parse_ctos_server_name(SSL *s, PACKET *pkt, unsigned int context,
return 0;
}
- /*
- * In TLSv1.2 and below the SNI is associated with the session. In TLSv1.3
- * we always use the SNI value from the handshake.
- */
+ /*
+ * In TLSv1.2 and below the SNI is associated with the session. In TLSv1.3
+ * we always use the SNI value from the handshake.
+ */
if (!s->hit || SSL_IS_TLS13(s)) {
if (PACKET_remaining(&hostname) > TLSEXT_MAXLEN_host_name) {
SSLfatal(s, SSL_AD_UNRECOGNIZED_NAME,
@@ -159,13 +159,13 @@ int tls_parse_ctos_server_name(SSL *s, PACKET *pkt, unsigned int context,
}
s->servername_done = 1;
- } else {
- /*
- * In TLSv1.2 and below we should check if the SNI is consistent between
- * the initial handshake and the resumption. In TLSv1.3 SNI is not
- * associated with the session.
- */
+ } else {
/*
+ * In TLSv1.2 and below we should check if the SNI is consistent between
+ * the initial handshake and the resumption. In TLSv1.3 SNI is not
+ * associated with the session.
+ */
+ /*
* TODO(openssl-team): if the SNI doesn't match, we MUST
* fall back to a full handshake.
*/
@@ -1335,16 +1335,16 @@ EXT_RETURN tls_construct_stoc_server_name(SSL *s, WPACKET *pkt,
unsigned int context, X509 *x,
size_t chainidx)
{
- if (s->servername_done != 1)
- return EXT_RETURN_NOT_SENT;
-
- /*
- * Prior to TLSv1.3 we ignore any SNI in the current handshake if resuming.
- * We just use the servername from the initial handshake.
- */
- if (s->hit && !SSL_IS_TLS13(s))
+ if (s->servername_done != 1)
return EXT_RETURN_NOT_SENT;
+ /*
+ * Prior to TLSv1.3 we ignore any SNI in the current handshake if resuming.
+ * We just use the servername from the initial handshake.
+ */
+ if (s->hit && !SSL_IS_TLS13(s))
+ return EXT_RETURN_NOT_SENT;
+
if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_server_name)
|| !WPACKET_put_bytes_u16(pkt, 0)) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME,
diff --git a/contrib/libs/openssl/ssl/statem/statem.c b/contrib/libs/openssl/ssl/statem/statem.c
index 20f5bd584e..e9c93e11e3 100644
--- a/contrib/libs/openssl/ssl/statem/statem.c
+++ b/contrib/libs/openssl/ssl/statem/statem.c
@@ -9,8 +9,8 @@
#include "internal/cryptlib.h"
#include <openssl/rand.h>
-#include "../ssl_local.h"
-#include "statem_local.h"
+#include "../ssl_local.h"
+#include "statem_local.h"
#include <assert.h>
/*
diff --git a/contrib/libs/openssl/ssl/statem/statem_clnt.c b/contrib/libs/openssl/ssl/statem/statem_clnt.c
index d1a3969812..22c3acb1a4 100644
--- a/contrib/libs/openssl/ssl/statem/statem_clnt.c
+++ b/contrib/libs/openssl/ssl/statem/statem_clnt.c
@@ -12,8 +12,8 @@
#include <stdio.h>
#include <time.h>
#include <assert.h>
-#include "../ssl_local.h"
-#include "statem_local.h"
+#include "../ssl_local.h"
+#include "statem_local.h"
#include <openssl/buffer.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
diff --git a/contrib/libs/openssl/ssl/statem/statem_dtls.c b/contrib/libs/openssl/ssl/statem/statem_dtls.c
index 8e3fb686ee..e9177996bb 100644
--- a/contrib/libs/openssl/ssl/statem/statem_dtls.c
+++ b/contrib/libs/openssl/ssl/statem/statem_dtls.c
@@ -10,8 +10,8 @@
#include <limits.h>
#include <string.h>
#include <stdio.h>
-#include "../ssl_local.h"
-#include "statem_local.h"
+#include "../ssl_local.h"
+#include "statem_local.h"
#include "internal/cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/objects.h>
diff --git a/contrib/libs/openssl/ssl/statem/statem_lib.c b/contrib/libs/openssl/ssl/statem/statem_lib.c
index c3b6f8f456..4f542ccfd9 100644
--- a/contrib/libs/openssl/ssl/statem/statem_lib.c
+++ b/contrib/libs/openssl/ssl/statem/statem_lib.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the OpenSSL license (the "License"). You may not use
@@ -11,8 +11,8 @@
#include <limits.h>
#include <string.h>
#include <stdio.h>
-#include "../ssl_local.h"
-#include "statem_local.h"
+#include "../ssl_local.h"
+#include "statem_local.h"
#include "internal/cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/objects.h>
@@ -169,17 +169,17 @@ static int get_cert_verify_tbs_data(SSL *s, unsigned char *tls13tbs,
void **hdata, size_t *hdatalen)
{
#ifdef CHARSET_EBCDIC
- static const char servercontext[] = { 0x54, 0x4c, 0x53, 0x20, 0x31, 0x2e,
+ static const char servercontext[] = { 0x54, 0x4c, 0x53, 0x20, 0x31, 0x2e,
0x33, 0x2c, 0x20, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x43, 0x65,
0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x56, 0x65, 0x72,
0x69, 0x66, 0x79, 0x00 };
- static const char clientcontext[] = { 0x54, 0x4c, 0x53, 0x20, 0x31, 0x2e,
+ static const char clientcontext[] = { 0x54, 0x4c, 0x53, 0x20, 0x31, 0x2e,
0x33, 0x2c, 0x20, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x20, 0x43, 0x65,
0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x56, 0x65, 0x72,
0x69, 0x66, 0x79, 0x00 };
#else
- static const char servercontext[] = "TLS 1.3, server CertificateVerify";
- static const char clientcontext[] = "TLS 1.3, client CertificateVerify";
+ static const char servercontext[] = "TLS 1.3, server CertificateVerify";
+ static const char clientcontext[] = "TLS 1.3, client CertificateVerify";
#endif
if (SSL_IS_TLS13(s)) {
size_t hashlen;
@@ -844,11 +844,11 @@ MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt)
return MSG_PROCESS_ERROR;
}
} else {
- /* TLS 1.3 gets the secret size from the handshake md */
- size_t dummy;
+ /* TLS 1.3 gets the secret size from the handshake md */
+ size_t dummy;
if (!s->method->ssl3_enc->generate_master_secret(s,
s->master_secret, s->handshake_secret, 0,
- &dummy)) {
+ &dummy)) {
/* SSLfatal() already called */
return MSG_PROCESS_ERROR;
}
@@ -1035,25 +1035,25 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop)
int cleanuphand = s->statem.cleanuphand;
if (clearbufs) {
- if (!SSL_IS_DTLS(s)
-#ifndef OPENSSL_NO_SCTP
+ if (!SSL_IS_DTLS(s)
+#ifndef OPENSSL_NO_SCTP
/*
- * RFC6083: SCTP provides a reliable and in-sequence transport service for DTLS
- * messages that require it. Therefore, DTLS procedures for retransmissions
- * MUST NOT be used.
- * Hence the init_buf can be cleared when DTLS over SCTP as transport is used.
- */
- || BIO_dgram_is_sctp(SSL_get_wbio(s))
-#endif
- ) {
- /*
- * We don't do this in DTLS over UDP because we may still need the init_buf
+ * RFC6083: SCTP provides a reliable and in-sequence transport service for DTLS
+ * messages that require it. Therefore, DTLS procedures for retransmissions
+ * MUST NOT be used.
+ * Hence the init_buf can be cleared when DTLS over SCTP as transport is used.
+ */
+ || BIO_dgram_is_sctp(SSL_get_wbio(s))
+#endif
+ ) {
+ /*
+ * We don't do this in DTLS over UDP because we may still need the init_buf
* in case there are any unexpected retransmits
*/
BUF_MEM_free(s->init_buf);
s->init_buf = NULL;
}
-
+
if (!ssl_free_wbio_buffer(s)) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_FINISH_HANDSHAKE,
ERR_R_INTERNAL_ERROR);
diff --git a/contrib/libs/openssl/ssl/statem/statem_local.h b/contrib/libs/openssl/ssl/statem/statem_local.h
index eae88053dc..aaac679b18 100644
--- a/contrib/libs/openssl/ssl/statem/statem_local.h
+++ b/contrib/libs/openssl/ssl/statem/statem_local.h
@@ -1,422 +1,422 @@
-/*
+/*
* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*****************************************************************************
- * *
- * The following definitions are PRIVATE to the state machine. They should *
- * NOT be used outside of the state machine. *
- * *
- *****************************************************************************/
-
-/* Max message length definitions */
-
-/* The spec allows for a longer length than this, but we limit it */
-#define HELLO_VERIFY_REQUEST_MAX_LENGTH 258
-#define END_OF_EARLY_DATA_MAX_LENGTH 0
-#define SERVER_HELLO_MAX_LENGTH 20000
-#define HELLO_RETRY_REQUEST_MAX_LENGTH 20000
-#define ENCRYPTED_EXTENSIONS_MAX_LENGTH 20000
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*****************************************************************************
+ * *
+ * The following definitions are PRIVATE to the state machine. They should *
+ * NOT be used outside of the state machine. *
+ * *
+ *****************************************************************************/
+
+/* Max message length definitions */
+
+/* The spec allows for a longer length than this, but we limit it */
+#define HELLO_VERIFY_REQUEST_MAX_LENGTH 258
+#define END_OF_EARLY_DATA_MAX_LENGTH 0
+#define SERVER_HELLO_MAX_LENGTH 20000
+#define HELLO_RETRY_REQUEST_MAX_LENGTH 20000
+#define ENCRYPTED_EXTENSIONS_MAX_LENGTH 20000
#define SESSION_TICKET_MAX_LENGTH_TLS13 131338
#define SESSION_TICKET_MAX_LENGTH_TLS12 65541
-#define SERVER_KEY_EXCH_MAX_LENGTH 102400
-#define SERVER_HELLO_DONE_MAX_LENGTH 0
-#define KEY_UPDATE_MAX_LENGTH 1
-#define CCS_MAX_LENGTH 1
-/* Max should actually be 36 but we are generous */
-#define FINISHED_MAX_LENGTH 64
-
-/* Dummy message type */
-#define SSL3_MT_DUMMY -1
-
-extern const unsigned char hrrrandom[];
-
-/* Message processing return codes */
-typedef enum {
- /* Something bad happened */
- MSG_PROCESS_ERROR,
- /* We've finished reading - swap to writing */
- MSG_PROCESS_FINISHED_READING,
- /*
- * We've completed the main processing of this message but there is some
- * post processing to be done.
- */
- MSG_PROCESS_CONTINUE_PROCESSING,
- /* We've finished this message - read the next message */
- MSG_PROCESS_CONTINUE_READING
-} MSG_PROCESS_RETURN;
-
-typedef int (*confunc_f) (SSL *s, WPACKET *pkt);
-
-int ssl3_take_mac(SSL *s);
-int check_in_list(SSL *s, uint16_t group_id, const uint16_t *groups,
- size_t num_groups, int checkallow);
-int create_synthetic_message_hash(SSL *s, const unsigned char *hashval,
- size_t hashlen, const unsigned char *hrr,
- size_t hrrlen);
-int parse_ca_names(SSL *s, PACKET *pkt);
-const STACK_OF(X509_NAME) *get_ca_names(SSL *s);
-int construct_ca_names(SSL *s, const STACK_OF(X509_NAME) *ca_sk, WPACKET *pkt);
-size_t construct_key_exchange_tbs(SSL *s, unsigned char **ptbs,
- const void *param, size_t paramlen);
-
-/*
- * TLS/DTLS client state machine functions
- */
-int ossl_statem_client_read_transition(SSL *s, int mt);
-WRITE_TRAN ossl_statem_client_write_transition(SSL *s);
-WORK_STATE ossl_statem_client_pre_work(SSL *s, WORK_STATE wst);
-WORK_STATE ossl_statem_client_post_work(SSL *s, WORK_STATE wst);
-int ossl_statem_client_construct_message(SSL *s, WPACKET *pkt,
- confunc_f *confunc, int *mt);
-size_t ossl_statem_client_max_message_size(SSL *s);
-MSG_PROCESS_RETURN ossl_statem_client_process_message(SSL *s, PACKET *pkt);
-WORK_STATE ossl_statem_client_post_process_message(SSL *s, WORK_STATE wst);
-
-/*
- * TLS/DTLS server state machine functions
- */
-int ossl_statem_server_read_transition(SSL *s, int mt);
-WRITE_TRAN ossl_statem_server_write_transition(SSL *s);
-WORK_STATE ossl_statem_server_pre_work(SSL *s, WORK_STATE wst);
-WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst);
-int ossl_statem_server_construct_message(SSL *s, WPACKET *pkt,
- confunc_f *confunc,int *mt);
-size_t ossl_statem_server_max_message_size(SSL *s);
-MSG_PROCESS_RETURN ossl_statem_server_process_message(SSL *s, PACKET *pkt);
-WORK_STATE ossl_statem_server_post_process_message(SSL *s, WORK_STATE wst);
-
-/* Functions for getting new message data */
-__owur int tls_get_message_header(SSL *s, int *mt);
-__owur int tls_get_message_body(SSL *s, size_t *len);
-__owur int dtls_get_message(SSL *s, int *mt, size_t *len);
-
-/* Message construction and processing functions */
-__owur int tls_process_initial_server_flight(SSL *s);
-__owur MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, PACKET *pkt);
-__owur MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt);
-__owur int tls_construct_change_cipher_spec(SSL *s, WPACKET *pkt);
-__owur int dtls_construct_change_cipher_spec(SSL *s, WPACKET *pkt);
-
-__owur int tls_construct_finished(SSL *s, WPACKET *pkt);
-__owur int tls_construct_key_update(SSL *s, WPACKET *pkt);
-__owur MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt);
-__owur WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs,
- int stop);
-__owur WORK_STATE dtls_wait_for_dry(SSL *s);
-
-/* some client-only functions */
-__owur int tls_construct_client_hello(SSL *s, WPACKET *pkt);
-__owur MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt);
-__owur MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt);
-__owur MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt);
-__owur int tls_process_cert_status_body(SSL *s, PACKET *pkt);
-__owur MSG_PROCESS_RETURN tls_process_cert_status(SSL *s, PACKET *pkt);
-__owur MSG_PROCESS_RETURN tls_process_server_done(SSL *s, PACKET *pkt);
-__owur int tls_construct_cert_verify(SSL *s, WPACKET *pkt);
-__owur WORK_STATE tls_prepare_client_certificate(SSL *s, WORK_STATE wst);
-__owur int tls_construct_client_certificate(SSL *s, WPACKET *pkt);
-__owur int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey);
-__owur int tls_construct_client_key_exchange(SSL *s, WPACKET *pkt);
-__owur int tls_client_key_exchange_post_work(SSL *s);
-__owur int tls_construct_cert_status_body(SSL *s, WPACKET *pkt);
-__owur int tls_construct_cert_status(SSL *s, WPACKET *pkt);
-__owur MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt);
-__owur MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt);
-__owur int ssl3_check_cert_and_algorithm(SSL *s);
-#ifndef OPENSSL_NO_NEXTPROTONEG
-__owur int tls_construct_next_proto(SSL *s, WPACKET *pkt);
-#endif
-__owur MSG_PROCESS_RETURN tls_process_hello_req(SSL *s, PACKET *pkt);
-__owur MSG_PROCESS_RETURN dtls_process_hello_verify(SSL *s, PACKET *pkt);
-__owur int tls_construct_end_of_early_data(SSL *s, WPACKET *pkt);
-
-/* some server-only functions */
-__owur MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt);
-__owur WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst);
-__owur int tls_construct_server_hello(SSL *s, WPACKET *pkt);
-__owur int dtls_construct_hello_verify_request(SSL *s, WPACKET *pkt);
-__owur int tls_construct_server_certificate(SSL *s, WPACKET *pkt);
-__owur int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt);
-__owur int tls_construct_certificate_request(SSL *s, WPACKET *pkt);
-__owur int tls_construct_server_done(SSL *s, WPACKET *pkt);
-__owur MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt);
-__owur MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt);
-__owur WORK_STATE tls_post_process_client_key_exchange(SSL *s, WORK_STATE wst);
-__owur MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt);
-#ifndef OPENSSL_NO_NEXTPROTONEG
-__owur MSG_PROCESS_RETURN tls_process_next_proto(SSL *s, PACKET *pkt);
-#endif
-__owur int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt);
-MSG_PROCESS_RETURN tls_process_end_of_early_data(SSL *s, PACKET *pkt);
-
-
-/* Extension processing */
-
-typedef enum ext_return_en {
- EXT_RETURN_FAIL,
- EXT_RETURN_SENT,
- EXT_RETURN_NOT_SENT
-} EXT_RETURN;
-
-__owur int tls_validate_all_contexts(SSL *s, unsigned int thisctx,
- RAW_EXTENSION *exts);
-__owur int extension_is_relevant(SSL *s, unsigned int extctx,
- unsigned int thisctx);
-__owur int tls_collect_extensions(SSL *s, PACKET *packet, unsigned int context,
- RAW_EXTENSION **res, size_t *len, int init);
-__owur int tls_parse_extension(SSL *s, TLSEXT_INDEX idx, int context,
- RAW_EXTENSION *exts, X509 *x, size_t chainidx);
-__owur int tls_parse_all_extensions(SSL *s, int context, RAW_EXTENSION *exts,
- X509 *x, size_t chainidx, int fin);
-__owur int should_add_extension(SSL *s, unsigned int extctx,
- unsigned int thisctx, int max_version);
-__owur int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-
-__owur int tls_psk_do_binder(SSL *s, const EVP_MD *md,
- const unsigned char *msgstart,
- size_t binderoffset, const unsigned char *binderin,
- unsigned char *binderout,
- SSL_SESSION *sess, int sign, int external);
-
-/* Server Extension processing */
-int tls_parse_ctos_renegotiate(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-int tls_parse_ctos_server_name(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-int tls_parse_ctos_maxfragmentlen(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-#ifndef OPENSSL_NO_SRP
-int tls_parse_ctos_srp(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-#endif
-int tls_parse_ctos_early_data(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-#ifndef OPENSSL_NO_EC
-int tls_parse_ctos_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-int tls_parse_ctos_supported_groups(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidxl);
-#endif
-int tls_parse_ctos_session_ticket(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-int tls_parse_ctos_sig_algs_cert(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-int tls_parse_ctos_sig_algs(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-#ifndef OPENSSL_NO_OCSP
-int tls_parse_ctos_status_request(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-#endif
-#ifndef OPENSSL_NO_NEXTPROTONEG
-int tls_parse_ctos_npn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-#endif
-int tls_parse_ctos_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-#ifndef OPENSSL_NO_SRTP
-int tls_parse_ctos_use_srtp(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-#endif
-int tls_parse_ctos_etm(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-int tls_parse_ctos_ems(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-int tls_parse_ctos_psk_kex_modes(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-int tls_parse_ctos_post_handshake_auth(SSL *, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-
-EXT_RETURN tls_construct_stoc_renegotiate(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-EXT_RETURN tls_construct_stoc_server_name(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-EXT_RETURN tls_construct_stoc_early_data(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-EXT_RETURN tls_construct_stoc_maxfragmentlen(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-#ifndef OPENSSL_NO_EC
-EXT_RETURN tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-#endif
-EXT_RETURN tls_construct_stoc_supported_groups(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-EXT_RETURN tls_construct_stoc_session_ticket(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-#ifndef OPENSSL_NO_OCSP
-EXT_RETURN tls_construct_stoc_status_request(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-#endif
-#ifndef OPENSSL_NO_NEXTPROTONEG
-EXT_RETURN tls_construct_stoc_next_proto_neg(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-#endif
-EXT_RETURN tls_construct_stoc_alpn(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-#ifndef OPENSSL_NO_SRTP
-EXT_RETURN tls_construct_stoc_use_srtp(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-#endif
-EXT_RETURN tls_construct_stoc_etm(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-EXT_RETURN tls_construct_stoc_ems(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-EXT_RETURN tls_construct_stoc_supported_versions(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-EXT_RETURN tls_construct_stoc_key_share(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-/*
- * Not in public headers as this is not an official extension. Only used when
- * SSL_OP_CRYPTOPRO_TLSEXT_BUG is set.
- */
-#define TLSEXT_TYPE_cryptopro_bug 0xfde8
-EXT_RETURN tls_construct_stoc_cryptopro_bug(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-EXT_RETURN tls_construct_stoc_psk(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-
-/* Client Extension processing */
-EXT_RETURN tls_construct_ctos_renegotiate(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-EXT_RETURN tls_construct_ctos_server_name(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-EXT_RETURN tls_construct_ctos_maxfragmentlen(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-#ifndef OPENSSL_NO_SRP
-EXT_RETURN tls_construct_ctos_srp(SSL *s, WPACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-#endif
-#ifndef OPENSSL_NO_EC
-EXT_RETURN tls_construct_ctos_ec_pt_formats(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-EXT_RETURN tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-#endif
-EXT_RETURN tls_construct_ctos_early_data(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-EXT_RETURN tls_construct_ctos_session_ticket(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-EXT_RETURN tls_construct_ctos_sig_algs(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-#ifndef OPENSSL_NO_OCSP
-EXT_RETURN tls_construct_ctos_status_request(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-#endif
-#ifndef OPENSSL_NO_NEXTPROTONEG
-EXT_RETURN tls_construct_ctos_npn(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-#endif
-EXT_RETURN tls_construct_ctos_alpn(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-#ifndef OPENSSL_NO_SRTP
-EXT_RETURN tls_construct_ctos_use_srtp(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-#endif
-EXT_RETURN tls_construct_ctos_etm(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-#ifndef OPENSSL_NO_CT
-EXT_RETURN tls_construct_ctos_sct(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-#endif
-EXT_RETURN tls_construct_ctos_ems(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-EXT_RETURN tls_construct_ctos_supported_versions(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-EXT_RETURN tls_construct_ctos_key_share(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-EXT_RETURN tls_construct_ctos_psk_kex_modes(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-EXT_RETURN tls_construct_ctos_cookie(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-EXT_RETURN tls_construct_ctos_padding(SSL *s, WPACKET *pkt,
- unsigned int context, X509 *x,
- size_t chainidx);
-EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-EXT_RETURN tls_construct_ctos_post_handshake_auth(SSL *s, WPACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-
-int tls_parse_stoc_renegotiate(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-int tls_parse_stoc_server_name(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-int tls_parse_stoc_early_data(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-int tls_parse_stoc_maxfragmentlen(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-#ifndef OPENSSL_NO_EC
-int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-#endif
-int tls_parse_stoc_session_ticket(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-#ifndef OPENSSL_NO_OCSP
-int tls_parse_stoc_status_request(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-#endif
-#ifndef OPENSSL_NO_CT
-int tls_parse_stoc_sct(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-#endif
-#ifndef OPENSSL_NO_NEXTPROTONEG
-int tls_parse_stoc_npn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-#endif
-int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-#ifndef OPENSSL_NO_SRTP
-int tls_parse_stoc_use_srtp(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-#endif
-int tls_parse_stoc_etm(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-int tls_parse_stoc_ems(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-int tls_parse_stoc_supported_versions(SSL *s, PACKET *pkt, unsigned int context,
- X509 *x, size_t chainidx);
-int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-int tls_parse_stoc_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-int tls_parse_stoc_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
- size_t chainidx);
-
-int tls_handle_alpn(SSL *s);
-
-int tls13_save_handshake_digest_for_pha(SSL *s);
-int tls13_restore_handshake_digest_for_pha(SSL *s);
+#define SERVER_KEY_EXCH_MAX_LENGTH 102400
+#define SERVER_HELLO_DONE_MAX_LENGTH 0
+#define KEY_UPDATE_MAX_LENGTH 1
+#define CCS_MAX_LENGTH 1
+/* Max should actually be 36 but we are generous */
+#define FINISHED_MAX_LENGTH 64
+
+/* Dummy message type */
+#define SSL3_MT_DUMMY -1
+
+extern const unsigned char hrrrandom[];
+
+/* Message processing return codes */
+typedef enum {
+ /* Something bad happened */
+ MSG_PROCESS_ERROR,
+ /* We've finished reading - swap to writing */
+ MSG_PROCESS_FINISHED_READING,
+ /*
+ * We've completed the main processing of this message but there is some
+ * post processing to be done.
+ */
+ MSG_PROCESS_CONTINUE_PROCESSING,
+ /* We've finished this message - read the next message */
+ MSG_PROCESS_CONTINUE_READING
+} MSG_PROCESS_RETURN;
+
+typedef int (*confunc_f) (SSL *s, WPACKET *pkt);
+
+int ssl3_take_mac(SSL *s);
+int check_in_list(SSL *s, uint16_t group_id, const uint16_t *groups,
+ size_t num_groups, int checkallow);
+int create_synthetic_message_hash(SSL *s, const unsigned char *hashval,
+ size_t hashlen, const unsigned char *hrr,
+ size_t hrrlen);
+int parse_ca_names(SSL *s, PACKET *pkt);
+const STACK_OF(X509_NAME) *get_ca_names(SSL *s);
+int construct_ca_names(SSL *s, const STACK_OF(X509_NAME) *ca_sk, WPACKET *pkt);
+size_t construct_key_exchange_tbs(SSL *s, unsigned char **ptbs,
+ const void *param, size_t paramlen);
+
+/*
+ * TLS/DTLS client state machine functions
+ */
+int ossl_statem_client_read_transition(SSL *s, int mt);
+WRITE_TRAN ossl_statem_client_write_transition(SSL *s);
+WORK_STATE ossl_statem_client_pre_work(SSL *s, WORK_STATE wst);
+WORK_STATE ossl_statem_client_post_work(SSL *s, WORK_STATE wst);
+int ossl_statem_client_construct_message(SSL *s, WPACKET *pkt,
+ confunc_f *confunc, int *mt);
+size_t ossl_statem_client_max_message_size(SSL *s);
+MSG_PROCESS_RETURN ossl_statem_client_process_message(SSL *s, PACKET *pkt);
+WORK_STATE ossl_statem_client_post_process_message(SSL *s, WORK_STATE wst);
+
+/*
+ * TLS/DTLS server state machine functions
+ */
+int ossl_statem_server_read_transition(SSL *s, int mt);
+WRITE_TRAN ossl_statem_server_write_transition(SSL *s);
+WORK_STATE ossl_statem_server_pre_work(SSL *s, WORK_STATE wst);
+WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst);
+int ossl_statem_server_construct_message(SSL *s, WPACKET *pkt,
+ confunc_f *confunc,int *mt);
+size_t ossl_statem_server_max_message_size(SSL *s);
+MSG_PROCESS_RETURN ossl_statem_server_process_message(SSL *s, PACKET *pkt);
+WORK_STATE ossl_statem_server_post_process_message(SSL *s, WORK_STATE wst);
+
+/* Functions for getting new message data */
+__owur int tls_get_message_header(SSL *s, int *mt);
+__owur int tls_get_message_body(SSL *s, size_t *len);
+__owur int dtls_get_message(SSL *s, int *mt, size_t *len);
+
+/* Message construction and processing functions */
+__owur int tls_process_initial_server_flight(SSL *s);
+__owur MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, PACKET *pkt);
+__owur MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt);
+__owur int tls_construct_change_cipher_spec(SSL *s, WPACKET *pkt);
+__owur int dtls_construct_change_cipher_spec(SSL *s, WPACKET *pkt);
+
+__owur int tls_construct_finished(SSL *s, WPACKET *pkt);
+__owur int tls_construct_key_update(SSL *s, WPACKET *pkt);
+__owur MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt);
+__owur WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs,
+ int stop);
+__owur WORK_STATE dtls_wait_for_dry(SSL *s);
+
+/* some client-only functions */
+__owur int tls_construct_client_hello(SSL *s, WPACKET *pkt);
+__owur MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt);
+__owur MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt);
+__owur MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt);
+__owur int tls_process_cert_status_body(SSL *s, PACKET *pkt);
+__owur MSG_PROCESS_RETURN tls_process_cert_status(SSL *s, PACKET *pkt);
+__owur MSG_PROCESS_RETURN tls_process_server_done(SSL *s, PACKET *pkt);
+__owur int tls_construct_cert_verify(SSL *s, WPACKET *pkt);
+__owur WORK_STATE tls_prepare_client_certificate(SSL *s, WORK_STATE wst);
+__owur int tls_construct_client_certificate(SSL *s, WPACKET *pkt);
+__owur int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey);
+__owur int tls_construct_client_key_exchange(SSL *s, WPACKET *pkt);
+__owur int tls_client_key_exchange_post_work(SSL *s);
+__owur int tls_construct_cert_status_body(SSL *s, WPACKET *pkt);
+__owur int tls_construct_cert_status(SSL *s, WPACKET *pkt);
+__owur MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt);
+__owur MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt);
+__owur int ssl3_check_cert_and_algorithm(SSL *s);
+#ifndef OPENSSL_NO_NEXTPROTONEG
+__owur int tls_construct_next_proto(SSL *s, WPACKET *pkt);
+#endif
+__owur MSG_PROCESS_RETURN tls_process_hello_req(SSL *s, PACKET *pkt);
+__owur MSG_PROCESS_RETURN dtls_process_hello_verify(SSL *s, PACKET *pkt);
+__owur int tls_construct_end_of_early_data(SSL *s, WPACKET *pkt);
+
+/* some server-only functions */
+__owur MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt);
+__owur WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst);
+__owur int tls_construct_server_hello(SSL *s, WPACKET *pkt);
+__owur int dtls_construct_hello_verify_request(SSL *s, WPACKET *pkt);
+__owur int tls_construct_server_certificate(SSL *s, WPACKET *pkt);
+__owur int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt);
+__owur int tls_construct_certificate_request(SSL *s, WPACKET *pkt);
+__owur int tls_construct_server_done(SSL *s, WPACKET *pkt);
+__owur MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt);
+__owur MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt);
+__owur WORK_STATE tls_post_process_client_key_exchange(SSL *s, WORK_STATE wst);
+__owur MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt);
+#ifndef OPENSSL_NO_NEXTPROTONEG
+__owur MSG_PROCESS_RETURN tls_process_next_proto(SSL *s, PACKET *pkt);
+#endif
+__owur int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt);
+MSG_PROCESS_RETURN tls_process_end_of_early_data(SSL *s, PACKET *pkt);
+
+
+/* Extension processing */
+
+typedef enum ext_return_en {
+ EXT_RETURN_FAIL,
+ EXT_RETURN_SENT,
+ EXT_RETURN_NOT_SENT
+} EXT_RETURN;
+
+__owur int tls_validate_all_contexts(SSL *s, unsigned int thisctx,
+ RAW_EXTENSION *exts);
+__owur int extension_is_relevant(SSL *s, unsigned int extctx,
+ unsigned int thisctx);
+__owur int tls_collect_extensions(SSL *s, PACKET *packet, unsigned int context,
+ RAW_EXTENSION **res, size_t *len, int init);
+__owur int tls_parse_extension(SSL *s, TLSEXT_INDEX idx, int context,
+ RAW_EXTENSION *exts, X509 *x, size_t chainidx);
+__owur int tls_parse_all_extensions(SSL *s, int context, RAW_EXTENSION *exts,
+ X509 *x, size_t chainidx, int fin);
+__owur int should_add_extension(SSL *s, unsigned int extctx,
+ unsigned int thisctx, int max_version);
+__owur int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+
+__owur int tls_psk_do_binder(SSL *s, const EVP_MD *md,
+ const unsigned char *msgstart,
+ size_t binderoffset, const unsigned char *binderin,
+ unsigned char *binderout,
+ SSL_SESSION *sess, int sign, int external);
+
+/* Server Extension processing */
+int tls_parse_ctos_renegotiate(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+int tls_parse_ctos_server_name(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+int tls_parse_ctos_maxfragmentlen(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+#ifndef OPENSSL_NO_SRP
+int tls_parse_ctos_srp(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+#endif
+int tls_parse_ctos_early_data(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+#ifndef OPENSSL_NO_EC
+int tls_parse_ctos_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+int tls_parse_ctos_supported_groups(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidxl);
+#endif
+int tls_parse_ctos_session_ticket(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+int tls_parse_ctos_sig_algs_cert(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+int tls_parse_ctos_sig_algs(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+#ifndef OPENSSL_NO_OCSP
+int tls_parse_ctos_status_request(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+#endif
+#ifndef OPENSSL_NO_NEXTPROTONEG
+int tls_parse_ctos_npn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+#endif
+int tls_parse_ctos_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+#ifndef OPENSSL_NO_SRTP
+int tls_parse_ctos_use_srtp(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+#endif
+int tls_parse_ctos_etm(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+int tls_parse_ctos_ems(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+int tls_parse_ctos_psk_kex_modes(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+int tls_parse_ctos_post_handshake_auth(SSL *, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+
+EXT_RETURN tls_construct_stoc_renegotiate(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+EXT_RETURN tls_construct_stoc_server_name(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+EXT_RETURN tls_construct_stoc_early_data(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+EXT_RETURN tls_construct_stoc_maxfragmentlen(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+#ifndef OPENSSL_NO_EC
+EXT_RETURN tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+#endif
+EXT_RETURN tls_construct_stoc_supported_groups(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+EXT_RETURN tls_construct_stoc_session_ticket(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+#ifndef OPENSSL_NO_OCSP
+EXT_RETURN tls_construct_stoc_status_request(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+#endif
+#ifndef OPENSSL_NO_NEXTPROTONEG
+EXT_RETURN tls_construct_stoc_next_proto_neg(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+#endif
+EXT_RETURN tls_construct_stoc_alpn(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+#ifndef OPENSSL_NO_SRTP
+EXT_RETURN tls_construct_stoc_use_srtp(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+#endif
+EXT_RETURN tls_construct_stoc_etm(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+EXT_RETURN tls_construct_stoc_ems(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+EXT_RETURN tls_construct_stoc_supported_versions(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+EXT_RETURN tls_construct_stoc_key_share(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+/*
+ * Not in public headers as this is not an official extension. Only used when
+ * SSL_OP_CRYPTOPRO_TLSEXT_BUG is set.
+ */
+#define TLSEXT_TYPE_cryptopro_bug 0xfde8
+EXT_RETURN tls_construct_stoc_cryptopro_bug(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+EXT_RETURN tls_construct_stoc_psk(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+
+/* Client Extension processing */
+EXT_RETURN tls_construct_ctos_renegotiate(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+EXT_RETURN tls_construct_ctos_server_name(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+EXT_RETURN tls_construct_ctos_maxfragmentlen(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+#ifndef OPENSSL_NO_SRP
+EXT_RETURN tls_construct_ctos_srp(SSL *s, WPACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+#endif
+#ifndef OPENSSL_NO_EC
+EXT_RETURN tls_construct_ctos_ec_pt_formats(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+EXT_RETURN tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+#endif
+EXT_RETURN tls_construct_ctos_early_data(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+EXT_RETURN tls_construct_ctos_session_ticket(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+EXT_RETURN tls_construct_ctos_sig_algs(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+#ifndef OPENSSL_NO_OCSP
+EXT_RETURN tls_construct_ctos_status_request(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+#endif
+#ifndef OPENSSL_NO_NEXTPROTONEG
+EXT_RETURN tls_construct_ctos_npn(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+#endif
+EXT_RETURN tls_construct_ctos_alpn(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+#ifndef OPENSSL_NO_SRTP
+EXT_RETURN tls_construct_ctos_use_srtp(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+#endif
+EXT_RETURN tls_construct_ctos_etm(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+#ifndef OPENSSL_NO_CT
+EXT_RETURN tls_construct_ctos_sct(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+#endif
+EXT_RETURN tls_construct_ctos_ems(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+EXT_RETURN tls_construct_ctos_supported_versions(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+EXT_RETURN tls_construct_ctos_key_share(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+EXT_RETURN tls_construct_ctos_psk_kex_modes(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+EXT_RETURN tls_construct_ctos_cookie(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+EXT_RETURN tls_construct_ctos_padding(SSL *s, WPACKET *pkt,
+ unsigned int context, X509 *x,
+ size_t chainidx);
+EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+EXT_RETURN tls_construct_ctos_post_handshake_auth(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+
+int tls_parse_stoc_renegotiate(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+int tls_parse_stoc_server_name(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+int tls_parse_stoc_early_data(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+int tls_parse_stoc_maxfragmentlen(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+#ifndef OPENSSL_NO_EC
+int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+#endif
+int tls_parse_stoc_session_ticket(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+#ifndef OPENSSL_NO_OCSP
+int tls_parse_stoc_status_request(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+#endif
+#ifndef OPENSSL_NO_CT
+int tls_parse_stoc_sct(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+#endif
+#ifndef OPENSSL_NO_NEXTPROTONEG
+int tls_parse_stoc_npn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+#endif
+int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+#ifndef OPENSSL_NO_SRTP
+int tls_parse_stoc_use_srtp(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+#endif
+int tls_parse_stoc_etm(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+int tls_parse_stoc_ems(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+int tls_parse_stoc_supported_versions(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+int tls_parse_stoc_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+int tls_parse_stoc_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+ size_t chainidx);
+
+int tls_handle_alpn(SSL *s);
+
+int tls13_save_handshake_digest_for_pha(SSL *s);
+int tls13_restore_handshake_digest_for_pha(SSL *s);
diff --git a/contrib/libs/openssl/ssl/statem/statem_srvr.c b/contrib/libs/openssl/ssl/statem/statem_srvr.c
index d701c46b43..d448962c43 100644
--- a/contrib/libs/openssl/ssl/statem/statem_srvr.c
+++ b/contrib/libs/openssl/ssl/statem/statem_srvr.c
@@ -10,9 +10,9 @@
*/
#include <stdio.h>
-#include "../ssl_local.h"
-#include "statem_local.h"
-#include "internal/constant_time.h"
+#include "../ssl_local.h"
+#include "statem_local.h"
+#include "internal/constant_time.h"
#include "internal/cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/rand.h>
@@ -23,24 +23,24 @@
#include <openssl/dh.h>
#include <openssl/bn.h>
#include <openssl/md5.h>
-#include <openssl/asn1t.h>
+#include <openssl/asn1t.h>
#define TICKET_NONCE_SIZE 8
-typedef struct {
- ASN1_TYPE *kxBlob;
- ASN1_TYPE *opaqueBlob;
-} GOST_KX_MESSAGE;
-
-DECLARE_ASN1_FUNCTIONS(GOST_KX_MESSAGE)
-
-ASN1_SEQUENCE(GOST_KX_MESSAGE) = {
- ASN1_SIMPLE(GOST_KX_MESSAGE, kxBlob, ASN1_ANY),
- ASN1_OPT(GOST_KX_MESSAGE, opaqueBlob, ASN1_ANY),
-} ASN1_SEQUENCE_END(GOST_KX_MESSAGE)
-
-IMPLEMENT_ASN1_FUNCTIONS(GOST_KX_MESSAGE)
-
+typedef struct {
+ ASN1_TYPE *kxBlob;
+ ASN1_TYPE *opaqueBlob;
+} GOST_KX_MESSAGE;
+
+DECLARE_ASN1_FUNCTIONS(GOST_KX_MESSAGE)
+
+ASN1_SEQUENCE(GOST_KX_MESSAGE) = {
+ ASN1_SIMPLE(GOST_KX_MESSAGE, kxBlob, ASN1_ANY),
+ ASN1_OPT(GOST_KX_MESSAGE, opaqueBlob, ASN1_ANY),
+} ASN1_SEQUENCE_END(GOST_KX_MESSAGE)
+
+IMPLEMENT_ASN1_FUNCTIONS(GOST_KX_MESSAGE)
+
static int tls_construct_encrypted_extensions(SSL *s, WPACKET *pkt);
/*
@@ -743,15 +743,15 @@ WORK_STATE ossl_statem_server_pre_work(SSL *s, WORK_STATE wst)
case TLS_ST_SW_CHANGE:
if (SSL_IS_TLS13(s))
break;
- /* Writes to s->session are only safe for initial handshakes */
- if (s->session->cipher == NULL) {
- s->session->cipher = s->s3->tmp.new_cipher;
- } else if (s->session->cipher != s->s3->tmp.new_cipher) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
- SSL_F_OSSL_STATEM_SERVER_PRE_WORK,
- ERR_R_INTERNAL_ERROR);
- return WORK_ERROR;
- }
+ /* Writes to s->session are only safe for initial handshakes */
+ if (s->session->cipher == NULL) {
+ s->session->cipher = s->s3->tmp.new_cipher;
+ } else if (s->session->cipher != s->s3->tmp.new_cipher) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_F_OSSL_STATEM_SERVER_PRE_WORK,
+ ERR_R_INTERNAL_ERROR);
+ return WORK_ERROR;
+ }
if (!s->method->ssl3_enc->setup_key_block(s)) {
/* SSLfatal() already called */
return WORK_ERROR;
@@ -955,11 +955,11 @@ WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst)
}
#endif
if (SSL_IS_TLS13(s)) {
- /* TLS 1.3 gets the secret size from the handshake md */
- size_t dummy;
+ /* TLS 1.3 gets the secret size from the handshake md */
+ size_t dummy;
if (!s->method->ssl3_enc->generate_master_secret(s,
s->master_secret, s->handshake_secret, 0,
- &dummy)
+ &dummy)
|| !s->method->ssl3_enc->change_cipher_state(s,
SSL3_CC_APPLICATION | SSL3_CHANGE_CIPHER_SERVER_WRITE))
/* SSLfatal() already called */
@@ -3354,8 +3354,8 @@ static int tls_process_cke_gost(SSL *s, PACKET *pkt)
const unsigned char *start;
size_t outlen = 32, inlen;
unsigned long alg_a;
- GOST_KX_MESSAGE *pKX = NULL;
- const unsigned char *ptr;
+ GOST_KX_MESSAGE *pKX = NULL;
+ const unsigned char *ptr;
int ret = 0;
/* Get our certificate private key */
@@ -3397,34 +3397,34 @@ static int tls_process_cke_gost(SSL *s, PACKET *pkt)
if (EVP_PKEY_derive_set_peer(pkey_ctx, client_pub_pkey) <= 0)
ERR_clear_error();
}
-
- ptr = PACKET_data(pkt);
- /* Some implementations provide extra data in the opaqueBlob
- * We have nothing to do with this blob so we just skip it */
- pKX = d2i_GOST_KX_MESSAGE(NULL, &ptr, PACKET_remaining(pkt));
- if (pKX == NULL
- || pKX->kxBlob == NULL
- || ASN1_TYPE_get(pKX->kxBlob) != V_ASN1_SEQUENCE) {
- SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CKE_GOST,
- SSL_R_DECRYPTION_FAILED);
- goto err;
- }
-
- if (!PACKET_forward(pkt, ptr - PACKET_data(pkt))) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_GOST,
+
+ ptr = PACKET_data(pkt);
+ /* Some implementations provide extra data in the opaqueBlob
+ * We have nothing to do with this blob so we just skip it */
+ pKX = d2i_GOST_KX_MESSAGE(NULL, &ptr, PACKET_remaining(pkt));
+ if (pKX == NULL
+ || pKX->kxBlob == NULL
+ || ASN1_TYPE_get(pKX->kxBlob) != V_ASN1_SEQUENCE) {
+ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CKE_GOST,
+ SSL_R_DECRYPTION_FAILED);
+ goto err;
+ }
+
+ if (!PACKET_forward(pkt, ptr - PACKET_data(pkt))) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_GOST,
SSL_R_DECRYPTION_FAILED);
goto err;
}
- if (PACKET_remaining(pkt) != 0) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_GOST,
+ if (PACKET_remaining(pkt) != 0) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_GOST,
SSL_R_DECRYPTION_FAILED);
goto err;
}
- inlen = pKX->kxBlob->value.sequence->length;
- start = pKX->kxBlob->value.sequence->data;
-
+ inlen = pKX->kxBlob->value.sequence->length;
+ start = pKX->kxBlob->value.sequence->data;
+
if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen, start,
inlen) <= 0) {
SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CKE_GOST,
@@ -3445,7 +3445,7 @@ static int tls_process_cke_gost(SSL *s, PACKET *pkt)
ret = 1;
err:
EVP_PKEY_CTX_free(pkey_ctx);
- GOST_KX_MESSAGE_free(pKX);
+ GOST_KX_MESSAGE_free(pKX);
return ret;
#else
/* Should never happen */
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-08 14:31:10 +0000