diff options
author | Jack Lloyd <[email protected]> | 2015-10-25 22:25:40 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2015-10-25 22:25:40 -0400 |
commit | b2da74ca508745f00bb3d6b35cbe34d5031e27e7 (patch) | |
tree | 032fafd34f178af3b66877d52897f2e14359adaf /src/lib/tls/msg_client_hello.cpp | |
parent | 2d078053b1ac7c1e2316892d8634c386288ee159 (diff) |
TLS improvements
Use constant time operations when checking CBC padding in TLS decryption
Fix a bug in decoding ClientHellos that prevented DTLS rehandshakes
from working: on decode the session id and hello cookie would be
swapped, causing confusion between client and server.
Various changes in the service of finding the above DTLS bug that
should have been done before now anyway - better control of handshake
timeouts (via TLS::Policy), better reporting of handshake state in the
case of an error, and finally expose the facility for per-message
application callbacks.
Diffstat (limited to 'src/lib/tls/msg_client_hello.cpp')
-rw-r--r-- | src/lib/tls/msg_client_hello.cpp | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/tls/msg_client_hello.cpp b/src/lib/tls/msg_client_hello.cpp index 82ba6f4f6..77bdc5cf5 100644 --- a/src/lib/tls/msg_client_hello.cpp +++ b/src/lib/tls/msg_client_hello.cpp @@ -1,6 +1,6 @@ /* * TLS Hello Request and Client Hello Messages -* (C) 2004-2011 Jack Lloyd +* (C) 2004-2011,2015 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) */ @@ -210,11 +210,11 @@ Client_Hello::Client_Hello(const std::vector<byte>& buf) m_random = reader.get_fixed<byte>(32); + m_session_id = reader.get_range<byte>(1, 0, 32); + if(m_version.is_datagram_protocol()) m_hello_cookie = reader.get_range<byte>(1, 0, 255); - m_session_id = reader.get_range<byte>(1, 0, 32); - m_suites = reader.get_range_vector<u16bit>(2, 1, 32767); m_comp_methods = reader.get_range_vector<byte>(1, 1, 255); |