author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-03-08 13:57:05 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-03-09 17:02:23 +0100 |
commit | 70db923871d9cdf17a458790e98708828f1e5b1c (patch) | |
tree | 92ae2b4091231ae3c6dc0d0bd848639cd47e1a6a /lib/gnutls_int.h | |
parent | 28e65c00ae7092c67f1fe0a86b87cd55a1d9a630 (diff) | |
download | gnutls-70db923871d9cdf17a458790e98708828f1e5b1c.tar.gz |
Hello retry request matches server hello
That also distinguishes between them by using the special random value,
and implements the version check as in draft-ietf-tls-tls13-24.
Resolves #391 #390 #392
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/gnutls_int.h')
-rw-r--r-- | lib/gnutls_int.h | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index c4d8524a27..1d75c4a09f 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -134,6 +134,13 @@ typedef struct {
 #define GNUTLS_MASTER_SIZE 48
 #define GNUTLS_RANDOM_SIZE 32
+#define HRR_RANDOM \
+ "\xCF\x21\xAD\x74\xE5\x9A\x61\x11\xBE\x1D\x8C\x02\x1E\x65\xB8\x91" \
+ "\xC2\xA2\x11\x16\x7A\xBB\x8C\x5E\x07\x9E\x09\xE2\xC8\xA8\x33\x9C"
+
+/* Under TLS1.3 a hello retry request is sent as server hello */
+#define REAL_HSK_TYPE(t) ((t)==GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST?GNUTLS_HANDSHAKE_SERVER_HELLO:t)
+
 /* Enable: Appendix D4. Middlebox Compatibility Mode */
 #define TLS13_APPENDIX_D4 1
@@ -366,6 +373,10 @@ typedef enum content_type_t {
 typedef struct {
 /* Handshake layer type and sequence of message */
 gnutls_handshake_description_t htype;
+
+ /* The "real" type received; that is, it does not distinguish
+ * HRR from server hello, while htype does */
+ gnutls_handshake_description_t rtype;
 uint32_t length;
 /* valid in DTLS */ |
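Review bot: In `REAL_HSK_TYPE` the fallback operand `t` is not parenthesized and the argument is expanded twice, so an argument with side effects is evaluated twice and a low-precedence expression can misparse; the last operand should read `:(t))`, or the macro could become a `static inline` function. `HRR_RANDOM` is a string literal, so `sizeof(HRR_RANDOM)` is 33 including the terminating NUL; any comparison against the received server random should use `GNUTLS_RANDOM_SIZE` as the length. A comment above it such as `/* SHA-256 of "HelloRetryRequest"; a server hello carrying this random is a hello retry request */` would tell readers where the bytes come from.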
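Review bot: The comment on `rtype` leaves it unclear which of the two fields collapses the messages, and this hunk does not show where `rtype` is assigned. Suggested wording: `/* Type as carried on the wire: a hello retry request arrives as a server hello, so rtype is the same for both, while htype tells them apart */`. Presumably every site that fills `htype` must also fill `rtype`, and each check of the expected message against the received one should pick one field deliberately; otherwise a hello retry request could be accepted where only a server hello is allowed, which is worth confirming in the callers. The struct body continues outside the hunk.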