Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
9970290e
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
大约 1 年 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
9970290e
编写于
11月 11, 2016
作者:
M
Matt Caswell
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Fix the tests following the state machine changes for TLSv1.3
Reviewed-by:
N
Rich Salz
<
rsalz@openssl.org
>
上级
6484776f
变更
6
隐藏空白更改
内联
并排
Showing
6 changed file
with
43 addition
and
19 deletion
+43
-19
test/asynciotest.c
test/asynciotest.c
+20
-4
test/recipes/70-test_sslrecords.t
test/recipes/70-test_sslrecords.t
+1
-0
test/ssltestlib.c
test/ssltestlib.c
+1
-1
util/TLSProxy/Message.pm
util/TLSProxy/Message.pm
+2
-2
util/TLSProxy/Record.pm
util/TLSProxy/Record.pm
+13
-12
util/TLSProxy/ServerHello.pm
util/TLSProxy/ServerHello.pm
+6
-0
未找到文件。
test/asynciotest.c
浏览文件 @
9970290e
...
...
@@ -142,8 +142,9 @@ static int async_write(BIO *bio, const char *in, int inl)
abort
();
while
(
PACKET_remaining
(
&
pkt
)
>
0
)
{
PACKET
payload
;
PACKET
payload
,
wholebody
;
unsigned
int
contenttype
,
versionhi
,
versionlo
,
data
;
unsigned
int
msgtype
=
0
,
negversion
;
if
(
!
PACKET_get_1
(
&
pkt
,
&
contenttype
)
||
!
PACKET_get_1
(
&
pkt
,
&
versionhi
)
...
...
@@ -154,6 +155,17 @@ static int async_write(BIO *bio, const char *in, int inl)
/* Pretend we wrote out the record header */
written
+=
SSL3_RT_HEADER_LENGTH
;
wholebody
=
payload
;
if
(
contenttype
==
SSL3_RT_HANDSHAKE
&&
!
PACKET_get_1
(
&
wholebody
,
&
msgtype
))
abort
();
if
(
msgtype
==
SSL3_MT_SERVER_HELLO
&&
(
!
PACKET_forward
(
&
wholebody
,
SSL3_HM_HEADER_LENGTH
-
1
)
||
!
PACKET_get_net_2
(
&
wholebody
,
&
negversion
)))
abort
();
while
(
PACKET_get_1
(
&
payload
,
&
data
))
{
/* Create a new one byte long record for each byte in the
* record in the input buffer
...
...
@@ -177,10 +189,14 @@ static int async_write(BIO *bio, const char *in, int inl)
written
++
;
}
/*
* We can't fragment anything after the CCS, otherwise we
* get a bad record MAC
* We can't fragment anything after the ServerHello (or CCS <=
* TLS1.2), otherwise we get a bad record MAC
* TODO(TLS1.3): Change TLS1_3_VERSION_DRAFT to TLS1_3_VERSION
* before release
*/
if
(
contenttype
==
SSL3_RT_CHANGE_CIPHER_SPEC
)
{
if
(
contenttype
==
SSL3_RT_CHANGE_CIPHER_SPEC
||
(
negversion
==
TLS1_3_VERSION_DRAFT
&&
msgtype
==
SSL3_MT_SERVER_HELLO
))
{
fragment
=
0
;
break
;
}
...
...
test/recipes/70-test_sslrecords.t
浏览文件 @
9970290e
...
...
@@ -128,6 +128,7 @@ ok(TLSProxy::Message->fail(), "Alert before SSLv2 ClientHello test");
#Test 10: Sending an unrecognised record type in TLS1.2 should fail
$proxy
->
clear
();
$proxy
->
serverflags
("
-tls1_2
");
$proxy
->
filter
(
\
&add_unknown_record_type
);
$proxy
->
start
();
ok
(
TLSProxy::
Message
->
fail
(),
"
Unrecognised record type in TLS1.2
");
...
...
test/ssltestlib.c
浏览文件 @
9970290e
...
...
@@ -564,7 +564,7 @@ int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm,
return
0
;
}
#define MAXLOOPS 100000
#define MAXLOOPS 100000
0
/*
* NOTE: Transfers control of the BIOs - this function will free them on error
...
...
util/TLSProxy/Message.pm
浏览文件 @
9970290e
...
...
@@ -115,9 +115,9 @@ sub get_messages
die
"
CCS received before message data complete
\n
";
}
if
(
$server
)
{
TLSProxy::
Record
->
server_
ccs_seen
(
1
);
TLSProxy::
Record
->
server_
encrypting
(
1
);
}
else
{
TLSProxy::
Record
->
client_
ccs_seen
(
1
);
TLSProxy::
Record
->
client_
encrypting
(
1
);
}
}
elsif
(
$record
->
content_type
==
TLSProxy::Record::
RT_HANDSHAKE
)
{
if
(
$record
->
len
==
0
||
$record
->
len_real
==
0
)
{
...
...
util/TLSProxy/Record.pm
浏览文件 @
9970290e
...
...
@@ -11,8 +11,8 @@ use TLSProxy::Proxy;
package
TLSProxy::
Record
;
my
$server_
ccs_seen
=
0
;
my
$client_
ccs_seen
=
0
;
my
$server_
encrypting
=
0
;
my
$client_
encrypting
=
0
;
my
$etm
=
0
;
use
constant
TLS_RECORD_HEADER_LENGTH
=>
5
;
...
...
@@ -36,6 +36,7 @@ my %record_type = (
use
constant
{
VERS_TLS_1_4
=>
773
,
VERS_TLS_1_3_DRAFT
=>
32530
,
VERS_TLS_1_3
=>
772
,
VERS_TLS_1_2
=>
771
,
VERS_TLS_1_1
=>
770
,
...
...
@@ -108,8 +109,8 @@ sub get_records
substr
(
$packet
,
TLS_RECORD_HEADER_LENGTH
,
$len_real
)
);
if
((
$server
&&
$server_
ccs_seen
)
||
(
!
$server
&&
$client_
ccs_seen
))
{
if
((
$server
&&
$server_
encrypting
)
||
(
!
$server
&&
$client_
encrypting
))
{
if
(
$version
!=
VERS_TLS_1_3
()
&&
$etm
)
{
$record
->
decryptETM
();
}
else
{
...
...
@@ -133,26 +134,26 @@ sub get_records
sub
clear
{
$server_
ccs_seen
=
0
;
$client_
ccs_seen
=
0
;
$server_
encrypting
=
0
;
$client_
encrypting
=
0
;
}
#Class level accessors
sub
server_
ccs_seen
sub
server_
encrypting
{
my
$class
=
shift
;
if
(
@
_
)
{
$server_
ccs_seen
=
shift
;
$server_
encrypting
=
shift
;
}
return
$server_
ccs_seen
;
return
$server_
encrypting
;
}
sub
client_
ccs_seen
sub
client_
encrypting
{
my
$class
=
shift
;
if
(
@
_
)
{
$client_
ccs_seen
=
shift
;
$client_
encrypting
=
shift
;
}
return
$client_
ccs_seen
;
return
$client_
encrypting
;
}
#Enable/Disable Encrypt-then-MAC
sub
etm
...
...
util/TLSProxy/ServerHello.pm
浏览文件 @
9970290e
...
...
@@ -94,6 +94,12 @@ sub parse
$self
->
process_data
();
# TODO(TLS1.3): Replace this reference to draft version before release
if
(
$server_version
==
TLSProxy::Record::
VERS_TLS_1_3_DRAFT
)
{
TLSProxy::
Record
->
server_encrypting
(
1
);
TLSProxy::
Record
->
client_encrypting
(
1
);
}
print
"
Server Version:
"
.
$server_version
.
"
\n
";
print
"
Session ID Len:
"
.
$session_id_len
.
"
\n
";
print
"
Ciphersuite:
"
.
$ciphersuite
.
"
\n
";
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录