authorlloyd <[email protected]>2012-08-03 16:51:08 +0000
committerlloyd <[email protected]>2012-08-03 16:51:08 +0000
commit1811a8ab7fd607d69d7881055a5c74cb48e362fd (patch)
treea88bb57f0fed77c157d6a27a3bfd6bbc3226a768
parent950103dd7bbddec16330788c2ce11bcb545aaf25 (diff)
If we're negotiating a datagram protocol, allow a hello verify
message. Add client-side hello verify handling.
-rw-r--r--src/tls/tls_client.cpp22
1 files changed, 20 insertions, 2 deletions
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index 46e5296e2..e72dcbc8f 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -71,6 +71,8 @@ void Client::initiate_handshake(bool force_full_renegotiation,
if(!m_writer.record_version_set())
m_writer.set_version(m_state->handshake_io().initial_record_version());
+ if(m_state->version().is_datagram_protocol())
+ m_state->set_expected_next(HELLO_VERIFY_REQUEST);
m_state->set_expected_next(SERVER_HELLO);
m_state->client_npn_cb = next_protocol;
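Review bot: The two consecutive `set_expected_next` calls read as if the second replaces the first, and nothing here says that HelloVerifyRequest is optional for the server. Assuming the calls accumulate (the later `// might get it again` usage suggests they do), a comment above the new `if` would make the intent clear: `// DTLS: server may send HelloVerifyRequest first, or skip it and answer with ServerHello`. The body of initiate_handshake starts and ends outside this hunk.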
@@ -157,10 +159,26 @@ void Client::process_handshake_msg(Handshake_Type type,
m_state->confirm_transition_to(type);
- if(type != HANDSHAKE_CCS && type != FINISHED)
+ if(type != HANDSHAKE_CCS && type != FINISHED && type != HELLO_VERIFY_REQUEST)
m_state->hash.update(m_state->handshake_io().format(contents, type));
- if(type == SERVER_HELLO)
+ if(type == HELLO_VERIFY_REQUEST)
+ {
+ m_state->set_expected_next(SERVER_HELLO);
+ m_state->set_expected_next(HELLO_VERIFY_REQUEST); // might get it again
+
+ Hello_Verify_Request hello_verify_request(contents);
+
+ std::unique_ptr<Client_Hello> client_hello_w_cookie(
+ new Client_Hello(m_state->handshake_io(),
+ m_state->hash,
+ *m_state->client_hello,
+ hello_verify_request));
+
+ delete m_state->client_hello;
+ m_state->client_hello = client_hello_w_cookie.release();
+ }
+ else if(type == SERVER_HELLO)
{
m_state->server_hello = new Server_Hello(contents);
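Review bot: The transcript hash appears to still hold the first ClientHello when the cookie-bearing one is built in the `HELLO_VERIFY_REQUEST` branch: the changed condition keeps the HelloVerifyRequest out of `m_state->hash`, but nothing visible in the hunk clears what was hashed before it. RFC 6347 section 4.2.1 excludes both the initial ClientHello and the HelloVerifyRequest from the Finished computation, so unless the `Client_Hello` constructor (defined outside this hunk) resets the hash, the Finished check would not match a conforming server. If the constructor does handle it, a comment such as `// DTLS: transcript restarts at the second ClientHello (RFC 6347 4.2.1)` would make that visible here. Separately, re-arming `HELLO_VERIFY_REQUEST` with no limit lets a peer keep the client rebuilding and re-sending ClientHello indefinitely; a small cap on repeats before the handshake is aborted would bound that. process_handshake_msg continues outside the hunk, so neither point can be confirmed from these lines alone.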