X-Git-Url: https://bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=src%2Fssl%2Fssl_hs_common.t0;h=1eb534764bc6363a89a7fda1a00f3b1dc41ef9e6;hp=a842b29156aab8116bf78dc5fe0a6fea7537b046;hb=d16eee962a72a600c370f18f2ae25b36b4f532df;hpb=3210f38e0491b39aec1ef419cb4114e9483089fb
diff --git a/src/ssl/ssl_hs_common.t0 b/src/ssl/ssl_hs_common.t0
index a842b29..1eb5347 100644
--- a/src/ssl/ssl_hs_common.t0
+++ b/src/ssl/ssl_hs_common.t0
@@ -156,6 +156,7 @@ addr-eng: ecdhe_point
 addr-eng: ecdhe_point_len
 addr-eng: reneg
 addr-eng: saved_finished
+addr-eng: flags
 addr-eng: pad
 addr-eng: action
 addr-eng: alert
@@ -174,6 +175,10 @@ addr-session-field: version
 addr-session-field: cipher_suite
 addr-session-field: master_secret
 
+\ Check a server flag by index.
+: flag? ( index -- bool )
+ addr-flags get32 swap >> 1 and neg ;
+
 \ Define a word that evaluates to an error constant. This assumes that
 \ all relevant error codes are in the 0..63 range.
 : err:
@@ -441,7 +446,7 @@ cc: read-chunk-native ( addr len -- addr len ) {
 addr-alert get8 case
 0 of
 \ 'alert' field is 0, so this byte shall be a level.
- \ Levels shall be 1 (alert) or 2 (fatal); we convert
+ \ Levels shall be 1 (warning) or 2 (fatal); we convert
 \ all other values to "fatal".
 dup 1 <> if drop 2 then
 addr-alert set8 0
@@ -449,10 +454,13 @@ cc: read-chunk-native ( addr len -- addr len ) {
 1 of
 0 addr-alert set8
 \ close_notify has value 0.
+ \ no_renegotiation has value 100, and we treat it
+ \ as a fatal alert.
+ dup 100 = if 256 + fail then
 0= ret
 endof
 \ Fatal alert implies context termination.
- 256 + fail
+ drop 256 + fail
 endcase ;
 
 \ In general we only deal with handshake data here. Alerts are processed
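Review bot: The comment on `flag?` in the second hunk (-174,6 +175,10) says "server flag", yet the word reads the engine-level `flags` field through `addr-flags`, in a file that by its name is shared by both handshake sides, and it states no valid range for `index`. The index is used directly as a shift count on the 32-bit value, so an index outside 0..31 would presumably give an unspecified result rather than a clean false. I would reword the comment to `\ Check an engine flag by bit index (0..31); returns -1 if the bit is set, 0 otherwise.`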
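Review bot: In the fourth hunk (-449,10 +454,13) the added `dup 100 = if 256 + fail then` turns a warning-level no_renegotiation into a context failure unconditionally, and the comment says neither why nor what the application will observe. As written the error is 256+100, the same value a peer-sent fatal alert with that description would yield, and no visible check limits it to the case where this side asked for a renegotiation. A fuller comment would help, e.g. `\ Reported as 256+100, as if sent at fatal level; applies even when we did not request a renegotiation.` The enclosing word starts above the hunk, so whether 100 and 256 have named constants elsewhere in the file cannot be seen from here.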
@@ -782,8 +790,10 @@ hexb| 0000 | \ List terminator.
 2+
 again ;
 
-\ Check that a given cipher suite is supported.
+\ Check that a given cipher suite is supported. Note that this also
+\ returns true (-1) for the TLS_FALLBACK_SCSV pseudo-ciphersuite.
 : suite-supported? ( suite -- bool )
+ dup 0x5600 = if drop -1 ret then
 cipher-suite-to-elements 0<> ;
 
 \ Get expected key type for cipher suite. The key type is one of
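Review bot: `suite-supported?` now answers true for 0x5600, a value for which `cipher-suite-to-elements` presumably has no entry, so any caller that reads a true result as "this suite has usable elements" would carry on with a zero element word. The callers are outside this hunk; it is worth confirming that the path validating the suite selected by the peer rejects 0x5600 explicitly, since a signalling pseudo-suite must never end up as the negotiated suite. At minimum the comment should state the restriction: `\ 0x5600 (TLS_FALLBACK_SCSV) is accepted for listing only; it has no elements and must never be negotiated.`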