Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
d7c42d71
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
大约 1 年 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
d7c42d71
编写于
11月 01, 2016
作者:
M
Matt Caswell
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add processing of the key_share received in the ServerHello
Reviewed-by:
N
Rich Salz
<
rsalz@openssl.org
>
上级
bcec3358
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
56 addition
and
2 deletion
+56
-2
include/openssl/ssl.h
include/openssl/ssl.h
+1
-0
ssl/ssl_err.c
ssl/ssl_err.c
+1
-0
ssl/t1_lib.c
ssl/t1_lib.c
+54
-2
未找到文件。
include/openssl/ssl.h
浏览文件 @
d7c42d71
...
...
@@ -2313,6 +2313,7 @@ int ERR_load_SSL_strings(void);
# define SSL_R_BAD_ECPOINT 306
# define SSL_R_BAD_HANDSHAKE_LENGTH 332
# define SSL_R_BAD_HELLO_REQUEST 105
# define SSL_R_BAD_KEY_SHARE 108
# define SSL_R_BAD_LENGTH 271
# define SSL_R_BAD_PACKET_LENGTH 115
# define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
...
...
ssl/ssl_err.c
浏览文件 @
d7c42d71
...
...
@@ -342,6 +342,7 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
{
ERR_REASON
(
SSL_R_BAD_ECPOINT
),
"bad ecpoint"
},
{
ERR_REASON
(
SSL_R_BAD_HANDSHAKE_LENGTH
),
"bad handshake length"
},
{
ERR_REASON
(
SSL_R_BAD_HELLO_REQUEST
),
"bad hello request"
},
{
ERR_REASON
(
SSL_R_BAD_KEY_SHARE
),
"bad key share"
},
{
ERR_REASON
(
SSL_R_BAD_LENGTH
),
"bad length"
},
{
ERR_REASON
(
SSL_R_BAD_PACKET_LENGTH
),
"bad packet length"
},
{
ERR_REASON
(
SSL_R_BAD_PROTOCOL_VERSION_NUMBER
),
...
...
ssl/t1_lib.c
浏览文件 @
d7c42d71
...
...
@@ -2637,12 +2637,64 @@ static int ssl_scan_serverhello_tlsext(SSL *s, PACKET *pkt, int *al)
s
->
s3
->
flags
|=
TLS1_FLAGS_RECEIVED_EXTMS
;
if
(
!
s
->
hit
)
s
->
session
->
flags
|=
SSL_SESS_FLAG_EXTMS
;
}
}
else
if
(
type
==
TLSEXT_TYPE_key_share
&&
s
->
version
==
TLS1_3_VERSION
)
{
unsigned
int
group_id
;
PACKET
encoded_pt
;
EVP_PKEY
*
ckey
=
s
->
s3
->
tmp
.
pkey
,
*
skey
=
NULL
;
/* Sanity check */
if
(
ckey
==
NULL
)
{
*
al
=
SSL_AD_INTERNAL_ERROR
;
SSLerr
(
SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT
,
ERR_R_INTERNAL_ERROR
);
return
0
;
}
if
(
!
PACKET_get_net_2
(
&
spkt
,
&
group_id
))
{
*
al
=
SSL_AD_HANDSHAKE_FAILURE
;
SSLerr
(
SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT
,
SSL_R_LENGTH_MISMATCH
);
return
0
;
}
if
(
group_id
!=
s
->
s3
->
group_id
)
{
/*
* This isn't for the group that we sent in the original
* key_share!
*/
*
al
=
SSL_AD_HANDSHAKE_FAILURE
;
SSLerr
(
SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT
,
SSL_R_BAD_KEY_SHARE
);
return
0
;
}
/* TODO(TLS1.3): Create skey from ckey */
skey
=
ssl_generate_pkey
(
ckey
);
if
(
!
PACKET_as_length_prefixed_2
(
&
spkt
,
&
encoded_pt
))
{
*
al
=
SSL_AD_DECODE_ERROR
;
SSLerr
(
SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT
,
SSL_R_LENGTH_MISMATCH
);
return
0
;
}
if
(
!
EVP_PKEY_set1_tls_encodedpoint
(
skey
,
PACKET_data
(
&
encoded_pt
),
PACKET_remaining
(
&
encoded_pt
)))
{
*
al
=
SSL_AD_DECODE_ERROR
;
SSLerr
(
SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT
,
SSL_R_BAD_ECPOINT
);
return
0
;
}
/*
* TODO(TLS1.3): Throw it all away for now, later we will use the
* two keys.
*/
EVP_PKEY_free
(
skey
);
/*
* If this extension type was not otherwise handled, but matches a
* custom_cli_ext_record, then send it to the c callback
*/
else
if
(
custom_ext_parse
(
s
,
0
,
type
,
data
,
size
,
al
)
<=
0
)
}
else
if
(
custom_ext_parse
(
s
,
0
,
type
,
data
,
size
,
al
)
<=
0
)
return
0
;
}
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录
