From 9412b3ad3411a2106e87f0570e5f021af071ab8b Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 9 Feb 2017 13:12:00 +0000 Subject: [PATCH] Add the ability for a client to send a KeyUpdate message Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2609) --- ssl/statem/statem_clnt.c | 23 +++++++++++++++++------ ssl/statem/statem_lib.c | 2 ++ 2 files changed, 19 insertions(+), 6 deletions(-) diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 79bf20029c..ced331758d 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -405,11 +405,6 @@ static WRITE_TRAN ossl_statem_client13_write_transition(SSL *s) { OSSL_STATEM *st = &s->statem; - /* - * TODO(TLS1.3): This is still based on the TLSv1.2 state machine. Over time - * we will update this to look more like real TLSv1.3 - */ - /* * Note: There are no cases for TLS_ST_BEFORE because we haven't negotiated * TLSv1.3 yet at that point. They are handled by @@ -444,6 +439,7 @@ static WRITE_TRAN ossl_statem_client13_write_transition(SSL *s) return WRITE_TRAN_CONTINUE; case TLS_ST_CR_KEY_UPDATE: + case TLS_ST_CW_KEY_UPDATE: case TLS_ST_CR_SESSION_TICKET: case TLS_ST_CW_FINISHED: st->hand_state = TLS_ST_OK; @@ -451,7 +447,12 @@ static WRITE_TRAN ossl_statem_client13_write_transition(SSL *s) return WRITE_TRAN_CONTINUE; case TLS_ST_OK: - /* Just go straight to trying to read from the server */ + if (s->key_update != SSL_KEY_UPDATE_NONE) { + st->hand_state = TLS_ST_CW_KEY_UPDATE; + return WRITE_TRAN_CONTINUE; + } + + /* Try to read from the server instead */ return WRITE_TRAN_FINISHED; } } @@ -724,6 +725,11 @@ WORK_STATE ossl_statem_client_post_work(SSL *s, WORK_STATE wst) return WORK_ERROR; } break; + + case TLS_ST_CW_KEY_UPDATE: + if (statem_flush(s) != 1) + return WORK_MORE_A; + break; } return WORK_FINISHED_CONTINUE; @@ -785,6 +791,11 @@ int ossl_statem_client_construct_message(SSL *s, WPACKET *pkt, *confunc = tls_construct_finished; *mt = SSL3_MT_FINISHED; break; + + case TLS_ST_CW_KEY_UPDATE: + *confunc = tls_construct_key_update; + *mt = SSL3_MT_KEY_UPDATE; + break; } return 1; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 72cb7f2cc9..6261804129 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -502,6 +502,8 @@ int tls_construct_key_update(SSL *s, WPACKET *pkt) goto err; } + s->key_update = SSL_KEY_UPDATE_NONE; + return 1; err: ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); -- 2.25.1