projects
/
BearSSL
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Added flag to prohibit renegotiations.
[BearSSL]
/
src
/
ssl
/
ssl_hs_common.t0
diff --git
a/src/ssl/ssl_hs_common.t0
b/src/ssl/ssl_hs_common.t0
index
a842b29
..
1eb5347
100644
(file)
--- a/
src/ssl/ssl_hs_common.t0
+++ b/
src/ssl/ssl_hs_common.t0
@@
-156,6
+156,7
@@
addr-eng: ecdhe_point
addr-eng: ecdhe_point_len
addr-eng: reneg
addr-eng: saved_finished
addr-eng: ecdhe_point_len
addr-eng: reneg
addr-eng: saved_finished
+addr-eng: flags
addr-eng: pad
addr-eng: action
addr-eng: alert
addr-eng: pad
addr-eng: action
addr-eng: alert
@@
-174,6
+175,10
@@
addr-session-field: version
addr-session-field: cipher_suite
addr-session-field: master_secret
addr-session-field: cipher_suite
addr-session-field: master_secret
+\ Check a server flag by index.
+: flag? ( index -- bool )
+ addr-flags get32 swap >> 1 and neg ;
+
\ Define a word that evaluates to an error constant. This assumes that
\ all relevant error codes are in the 0..63 range.
: err:
\ Define a word that evaluates to an error constant. This assumes that
\ all relevant error codes are in the 0..63 range.
: err:
@@
-441,7
+446,7
@@
cc: read-chunk-native ( addr len -- addr len ) {
addr-alert get8 case
0 of
\ 'alert' field is 0, so this byte shall be a level.
addr-alert get8 case
0 of
\ 'alert' field is 0, so this byte shall be a level.
- \ Levels shall be 1 (
alert
) or 2 (fatal); we convert
+ \ Levels shall be 1 (
warning
) or 2 (fatal); we convert
\ all other values to "fatal".
dup 1 <> if drop 2 then
addr-alert set8 0
\ all other values to "fatal".
dup 1 <> if drop 2 then
addr-alert set8 0
@@
-449,10
+454,13
@@
cc: read-chunk-native ( addr len -- addr len ) {
1 of
0 addr-alert set8
\ close_notify has value 0.
1 of
0 addr-alert set8
\ close_notify has value 0.
+ \ no_renegotiation has value 100, and we treat it
+ \ as a fatal alert.
+ dup 100 = if 256 + fail then
0= ret
endof
\ Fatal alert implies context termination.
0= ret
endof
\ Fatal alert implies context termination.
- 256 + fail
+
drop
256 + fail
endcase ;
\ In general we only deal with handshake data here. Alerts are processed
endcase ;
\ In general we only deal with handshake data here. Alerts are processed
@@
-782,8
+790,10
@@
hexb| 0000 | \ List terminator.
2+
again ;
2+
again ;
-\ Check that a given cipher suite is supported.
+\ Check that a given cipher suite is supported. Note that this also
+\ returns true (-1) for the TLS_FALLBACK_SCSV pseudo-ciphersuite.
: suite-supported? ( suite -- bool )
: suite-supported? ( suite -- bool )
+ dup 0x5600 = if drop -1 ret then
cipher-suite-to-elements 0<> ;
\ Get expected key type for cipher suite. The key type is one of
cipher-suite-to-elements 0<> ;
\ Get expected key type for cipher suite. The key type is one of