return SSL_READ_EARLY_ERROR;
}
- /*
- * TODO(TLS1.3): Somehow we need to check that we're not receiving too much
- * data
- */
-
switch (s->early_data_state) {
case SSL_EARLY_DATA_NONE:
if (!SSL_in_before(s)) {
return 0;
}
- /*
- * TODO(TLS1.3): Somehow we need to check that we're not sending too much
- * data
- */
-
switch (s->early_data_state) {
case SSL_EARLY_DATA_NONE:
if (!SSL_in_before(s)) {
{
OSSL_STATEM *st = &s->statem;
- /*
- * TODO(TLS1.3): This is still based on the TLSv1.2 state machine. Over time
- * we will update this to look more like real TLSv1.3
- */
-
/*
* Note: There is no case for TLS_ST_CW_CLNT_HELLO, because we haven't
* yet negotiated TLSv1.3 at that point so that is handled by
int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
size_t len, size_t *secret_size)
{
- /*
- * TODO(TLS1.3): We haven't implemented TLS1.3 key derivation yet. For now
- * we will just force no use of EMS (which adds complications around the
- * handshake hash). This will need to be removed later
- */
- if ((s->session->flags & SSL_SESS_FLAG_EXTMS)
- && !SSL_IS_TLS13(s)) {
+ if (s->session->flags & SSL_SESS_FLAG_EXTMS) {
unsigned char hash[EVP_MAX_MD_SIZE * 2];
size_t hashlen;
/*
projects / oweals / openssl.git / commitdiff