diff options
| author | robot-contrib <robot-contrib@yandex-team.com> | 2022-12-14 15:26:54 +0300 |
|---|---|---|
| committer | robot-contrib <robot-contrib@yandex-team.com> | 2022-12-14 15:26:54 +0300 |
| commit | 4925d989167591a367baa018abd3dde8b24ce47f (patch) | |
| tree | 1853212a7f126028a55f7ba871105c081089256d /contrib/restricted/aws/s2n/tls/extensions/s2n_client_psk.c | |
| parent | 6aec14798ad91ed132f3da681c3d5b9c6fb2240d (diff) | |
| download | ydb-4925d989167591a367baa018abd3dde8b24ce47f.tar.gz | |
Update contrib/restricted/aws/s2n to 1.3.29
Diffstat (limited to 'contrib/restricted/aws/s2n/tls/extensions/s2n_client_psk.c')
| -rw-r--r-- | contrib/restricted/aws/s2n/tls/extensions/s2n_client_psk.c | 27 |
1 files changed, 14 insertions, 13 deletions
diff --git a/contrib/restricted/aws/s2n/tls/extensions/s2n_client_psk.c b/contrib/restricted/aws/s2n/tls/extensions/s2n_client_psk.c index 800fce4aaf..992e2ca4e9 100644 --- a/contrib/restricted/aws/s2n/tls/extensions/s2n_client_psk.c +++ b/contrib/restricted/aws/s2n/tls/extensions/s2n_client_psk.c @@ -13,19 +13,19 @@ * permissions and limitations under the License. */ -#include <sys/param.h> +#include "tls/extensions/s2n_client_psk.h" + #include <stdint.h> +#include <sys/param.h> #include "crypto/s2n_hash.h" -#include "tls/s2n_tls.h" #include "tls/s2n_psk.h" +#include "tls/s2n_tls.h" #include "tls/s2n_tls_parameters.h" -#include "tls/extensions/s2n_client_psk.h" - #include "utils/s2n_bitmap.h" #include "utils/s2n_safety.h" -#define SIZE_OF_BINDER_SIZE sizeof(uint8_t) +#define SIZE_OF_BINDER_SIZE sizeof(uint8_t) #define SIZE_OF_BINDER_LIST_SIZE sizeof(uint16_t) /* To avoid a DoS attack triggered by decrypting too many session tickets, @@ -82,7 +82,7 @@ bool s2n_client_psk_should_send(struct s2n_connection *conn) */ for (size_t i = 0; i < conn->psk_params.psk_list.len; i++) { struct s2n_psk *psk = NULL; - if (s2n_result_is_ok(s2n_array_get(&conn->psk_params.psk_list, i, (void**) &psk)) + if (s2n_result_is_ok(s2n_array_get(&conn->psk_params.psk_list, i, (void **) &psk)) && psk != NULL && conn->secure->cipher_suite->prf_alg == psk->hmac_alg) { return true; @@ -146,7 +146,7 @@ static int s2n_client_psk_send(struct s2n_connection *conn, struct s2n_stuffer * for (size_t i = 0; i < psk_list->len; i++) { struct s2n_psk *psk = NULL; - POSIX_GUARD_RESULT(s2n_array_get(psk_list, i, (void**) &psk)); + POSIX_GUARD_RESULT(s2n_array_get(psk_list, i, (void **) &psk)); POSIX_ENSURE_REF(psk); /** @@ -162,7 +162,7 @@ static int s2n_client_psk_send(struct s2n_connection *conn, struct s2n_stuffer * /* Write the identity */ POSIX_GUARD(s2n_stuffer_write_uint16(out, psk->identity.size)); POSIX_GUARD(s2n_stuffer_write(out, &psk->identity)); - + /* Write obfuscated ticket age */ uint32_t obfuscated_ticket_age = 0; uint64_t current_time = 0; @@ -210,14 +210,14 @@ static S2N_RESULT s2n_select_external_psk(struct s2n_connection *conn, struct s2 for (size_t i = 0; i < server_psks->len; i++) { struct s2n_psk *server_psk = NULL; - RESULT_GUARD(s2n_array_get(server_psks, i, (void**) &server_psk)); + RESULT_GUARD(s2n_array_get(server_psks, i, (void **) &server_psk)); RESULT_ENSURE_REF(server_psk); struct s2n_offered_psk client_psk = { 0 }; uint16_t wire_index = 0; RESULT_GUARD_POSIX(s2n_offered_psk_list_reread(client_identity_list)); - while(s2n_offered_psk_list_has_next(client_identity_list)) { + while (s2n_offered_psk_list_has_next(client_identity_list)) { RESULT_GUARD_POSIX(s2n_offered_psk_list_next(client_identity_list, &client_psk)); uint16_t compare_size = MIN(client_psk.identity.size, server_psk->identity.size); if (s2n_constant_time_equals(client_psk.identity.data, server_psk->identity.data, compare_size) @@ -233,7 +233,8 @@ static S2N_RESULT s2n_select_external_psk(struct s2n_connection *conn, struct s2 return S2N_RESULT_OK; } -static S2N_RESULT s2n_select_resumption_psk(struct s2n_connection *conn, struct s2n_offered_psk_list *client_identity_list) { +static S2N_RESULT s2n_select_resumption_psk(struct s2n_connection *conn, struct s2n_offered_psk_list *client_identity_list) +{ RESULT_ENSURE_REF(conn); RESULT_ENSURE_REF(client_identity_list); @@ -266,9 +267,9 @@ static S2N_RESULT s2n_client_psk_recv_identity_list(struct s2n_connection *conn, if (conn->config->psk_selection_cb) { RESULT_GUARD_POSIX(conn->config->psk_selection_cb(conn, conn->config->psk_selection_ctx, &identity_list)); - } else if(conn->psk_params.type == S2N_PSK_TYPE_EXTERNAL) { + } else if (conn->psk_params.type == S2N_PSK_TYPE_EXTERNAL) { RESULT_GUARD(s2n_select_external_psk(conn, &identity_list)); - } else if(conn->psk_params.type == S2N_PSK_TYPE_RESUMPTION) { + } else if (conn->psk_params.type == S2N_PSK_TYPE_RESUMPTION) { RESULT_GUARD(s2n_select_resumption_psk(conn, &identity_list)); } |