kris
/
boringssl
1
0
Форк 0
Код Проблеми 0 Запити на злиття 0 Релізи 0 Вікі Активність
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
3578 Коміти
12 Гілки
38 MiB
 
 
 
 
 
 
Дерево: 8a55ce4954
Гілки Теги
${ item.name }
Створити гілку ${ searchTerm }
з '8a55ce4954'
${ noResults }
boringssl/ssl/tls_method.c

253 рядки
7.3 KiB
Неформатований Звинувачення Історія 

  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/ssl.h>

  58. 

  59. #include <assert.h>

  60. #include <string.h>

  61. 

  62. #include <openssl/buf.h>

  63. 

  64. #include "internal.h"

  65. 

  66. 

  67. static int ssl3_version_from_wire(uint16_t *out_version,

  68.                                   uint16_t wire_version) {

  69.   switch (wire_version) {

  70.     case SSL3_VERSION:

  71.     case TLS1_VERSION:

  72.     case TLS1_1_VERSION:

  73.     case TLS1_2_VERSION:

  74.       *out_version = wire_version;

  75.       return 1;

  76.     case TLS1_3_DRAFT_VERSION:

  77.       *out_version = TLS1_3_VERSION;

  78.       return 1;

  79.   }

  80. 

  81.   return 0;

  82. }

  83. 

  84. static uint16_t ssl3_version_to_wire(uint16_t version) {

  85.   switch (version) {

  86.     case SSL3_VERSION:

  87.     case TLS1_VERSION:

  88.     case TLS1_1_VERSION:

  89.     case TLS1_2_VERSION:

  90.       return version;

  91.     case TLS1_3_VERSION:

  92.       return TLS1_3_DRAFT_VERSION;

  93.   }

  94. 

  95.   /* It is an error to use this function with an invalid version. */

  96.   assert(0);

  97.   return 0;

  98. }

  99. 

  100. static int ssl3_supports_cipher(const SSL_CIPHER *cipher) { return 1; }

  101. 

  102. static void ssl3_expect_flight(SSL *ssl) {}

  103. 

  104. static void ssl3_received_flight(SSL *ssl) {}

  105. 

  106. static int ssl3_set_read_state(SSL *ssl, SSL_AEAD_CTX *aead_ctx) {

  107.   if (ssl->s3->rrec.length != 0) {

  108.     /* There may not be unprocessed record data at a cipher change. */

  109.     OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFERED_MESSAGES_ON_CIPHER_CHANGE);

  110.     ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);

  111.     SSL_AEAD_CTX_free(aead_ctx);

  112.     return 0;

  113.   }

  114. 

  115.   memset(ssl->s3->read_sequence, 0, sizeof(ssl->s3->read_sequence));

  116. 

  117.   SSL_AEAD_CTX_free(ssl->s3->aead_read_ctx);

  118.   ssl->s3->aead_read_ctx = aead_ctx;

  119.   return 1;

  120. }

  121. 

  122. static int ssl3_set_write_state(SSL *ssl, SSL_AEAD_CTX *aead_ctx) {

  123.   memset(ssl->s3->write_sequence, 0, sizeof(ssl->s3->write_sequence));

  124. 

  125.   SSL_AEAD_CTX_free(ssl->s3->aead_write_ctx);

  126.   ssl->s3->aead_write_ctx = aead_ctx;

  127.   return 1;

  128. }

  129. 

  130. static const SSL_PROTOCOL_METHOD kTLSProtocolMethod = {

  131.     0 /* is_dtls */,

  132.     SSL3_VERSION,

  133.     TLS1_3_VERSION,

  134.     ssl3_version_from_wire,

  135.     ssl3_version_to_wire,

  136.     ssl3_new,

  137.     ssl3_free,

  138.     ssl3_get_message,

  139.     ssl3_get_current_message,

  140.     ssl3_release_current_message,

  141.     ssl3_read_app_data,

  142.     ssl3_read_change_cipher_spec,

  143.     ssl3_read_close_notify,

  144.     ssl3_write_app_data,

  145.     ssl3_dispatch_alert,

  146.     ssl3_supports_cipher,

  147.     ssl3_init_message,

  148.     ssl3_finish_message,

  149.     ssl3_queue_message,

  150.     ssl3_write_message,

  151.     ssl3_send_change_cipher_spec,

  152.     ssl3_expect_flight,

  153.     ssl3_received_flight,

  154.     ssl3_set_read_state,

  155.     ssl3_set_write_state,

  156. };

  157. 

  158. const SSL_METHOD *TLS_method(void) {

  159.   static const SSL_METHOD kMethod = {

  160.       0,

  161.       &kTLSProtocolMethod,

  162.   };

  163.   return &kMethod;

  164. }

  165. 

  166. const SSL_METHOD *SSLv23_method(void) {

  167.   return TLS_method();

  168. }

  169. 

  170. /* Legacy version-locked methods. */

  171. 

  172. const SSL_METHOD *TLSv1_2_method(void) {

  173.   static const SSL_METHOD kMethod = {

  174.       TLS1_2_VERSION,

  175.       &kTLSProtocolMethod,

  176.   };

  177.   return &kMethod;

  178. }

  179. 

  180. const SSL_METHOD *TLSv1_1_method(void) {

  181.   static const SSL_METHOD kMethod = {

  182.       TLS1_1_VERSION,

  183.       &kTLSProtocolMethod,

  184.   };

  185.   return &kMethod;

  186. }

  187. 

  188. const SSL_METHOD *TLSv1_method(void) {

  189.   static const SSL_METHOD kMethod = {

  190.       TLS1_VERSION,

  191.       &kTLSProtocolMethod,

  192.   };

  193.   return &kMethod;

  194. }

  195. 

  196. const SSL_METHOD *SSLv3_method(void) {

  197.   static const SSL_METHOD kMethod = {

  198.       SSL3_VERSION,

  199.       &kTLSProtocolMethod,

  200.   };

  201.   return &kMethod;

  202. }

  203. 

  204. /* Legacy side-specific methods. */

  205. 

  206. const SSL_METHOD *TLSv1_2_server_method(void) {

  207.   return TLSv1_2_method();

  208. }

  209. 

  210. const SSL_METHOD *TLSv1_1_server_method(void) {

  211.   return TLSv1_1_method();

  212. }

  213. 

  214. const SSL_METHOD *TLSv1_server_method(void) {

  215.   return TLSv1_method();

  216. }

  217. 

  218. const SSL_METHOD *SSLv3_server_method(void) {

  219.   return SSLv3_method();

  220. }

  221. 

  222. const SSL_METHOD *TLSv1_2_client_method(void) {

  223.   return TLSv1_2_method();

  224. }

  225. 

  226. const SSL_METHOD *TLSv1_1_client_method(void) {

  227.   return TLSv1_1_method();

  228. }

  229. 

  230. const SSL_METHOD *TLSv1_client_method(void) {

  231.   return TLSv1_method();

  232. }

  233. 

  234. const SSL_METHOD *SSLv3_client_method(void) {

  235.   return SSLv3_method();

  236. }

  237. 

  238. const SSL_METHOD *SSLv23_server_method(void) {

  239.   return SSLv23_method();

  240. }

  241. 

  242. const SSL_METHOD *SSLv23_client_method(void) {

  243.   return SSLv23_method();

  244. }

  245. 

  246. const SSL_METHOD *TLS_server_method(void) {

  247.   return TLS_method();

  248. }

  249. 

  250. const SSL_METHOD *TLS_client_method(void) {

  251.   return TLS_method();

  252. }