diff options
author | Frantisek Krenzelok <krenzelok.frantisek@gmail.com> | 2023-02-27 16:45:58 +0100 |
---|---|---|
committer | Frantisek Krenzelok <krenzelok.frantisek@gmail.com> | 2023-02-27 16:45:58 +0100 |
commit | 4e7151f8800bd4f7b94509b1eca2d71ea5e3d15b (patch) | |
tree | 8f7166e46654ac85dde4997c869e49d823ea6603 /lib/handshake.c | |
parent | e3b2640ea82f5a59c3cfd516014922816ac8f1be (diff) | |
download | gnutls-wip/dtls13.tar.gz |
DTLS1_3: server supportwip/dtls13
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Diffstat (limited to 'lib/handshake.c')
-rw-r--r-- | lib/handshake.c | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/lib/handshake.c b/lib/handshake.c index 72f531da13..46df6c5e9e 100644 --- a/lib/handshake.c +++ b/lib/handshake.c @@ -471,12 +471,12 @@ _gnutls_negotiate_version(gnutls_session_t session, if (aversion == NULL || _gnutls_nversion_is_supported(session, major, minor) == 0) { - if (aversion && aversion->id == GNUTLS_TLS1_2) { + if (aversion && (aversion->id == GNUTLS_TLS1_2 || aversion->id == GNUTLS_DTLS1_2)) { vers = _gnutls_version_max(session); if (unlikely(vers == NULL)) return gnutls_assert_val(GNUTLS_E_NO_CIPHER_SUITES); - if (vers->id >= GNUTLS_TLS1_2) { + if (vers->id >= GNUTLS_TLS1_2 || vers->id >= GNUTLS_DTLS1_2) { session->security_parameters.pversion = aversion; return 0; } @@ -2481,8 +2481,13 @@ int _gnutls_send_server_hello(gnutls_session_t session, int again) return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); if (vers->tls13_sem) { - vbytes[0] = 0x03; /* TLS1.2 */ - vbytes[1] = 0x03; + if (IS_DTLS(session)) { + vbytes[0] = 0xfe; /* DTLS1.2 */ + vbytes[1] = 0xfd; + } else { + vbytes[0] = 0x03; /* TLS1.2 */ + vbytes[1] = 0x03; + } extflag |= GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO; } else { vbytes[0] = vers->major; @@ -3572,7 +3577,8 @@ static int handshake_server(gnutls_session_t session) STATE = STATE1; } - if (ret == GNUTLS_E_NO_COMMON_KEY_SHARE) { + ver = _gnutls_version_max(session); + if (ret == GNUTLS_E_NO_COMMON_KEY_SHARE || (ver->tls13_sem && IS_DTLS(session))) { STATE = STATE90; session->internals.hsk_flags |= HSK_HRR_SENT; goto reset; |