author | lloyd <[email protected]> | 2012-01-27 15:38:53 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-01-27 15:38:53 +0000 |
commit | 2d31f3fc1b1c88739e5babbd6a9e8cb3b80263de (patch) | |
tree | 59eeaeae4d678f3d251fb3bdf6b9d25aa79140b0 /src/tls/tls_client.cpp | |
parent | 3d3c7f45e64c2dab1b9558fc9da80cdd30175063 (diff) |
Add client-side support for PSK kex. Tested against OpenSSL.
Diffstat (limited to 'src/tls/tls_client.cpp')
-rw-r--r-- | src/tls/tls_client.cpp | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index 8df0c77a1..39b0d3e59 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -221,6 +221,19 @@ void Client::process_handshake_msg(Handshake_Type type,
 {
 state->set_expected_next(CERTIFICATE);
 }
+ else if(state->suite.kex_algo() == "PSK")
+ {
+ /* PSK is anonymous so no certificate/cert req message is
+ ever sent. The server may or may not send a server kex,
+ depending on if it has an identity hint for us.
+
+ PSK_DHE always sends a server key exchange for the DH
+ exchange portion.
+ */
+
+ state->set_expected_next(SERVER_KEX);
+ state->set_expected_next(SERVER_HELLO_DONE);
+ }
 else if(state->suite.kex_algo() != "RSA")
 {
 state->set_expected_next(SERVER_KEX);
@@ -315,6 +328,7 @@ void Client::process_handshake_msg(Handshake_Type type,
 state->client_kex = new Client_Key_Exchange(writer,
 state,
+ creds,
 peer_certs,
 rng);
|
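Review bot: The new comment in the PSK branch calls PSK "anonymous", which a reader can take to mean the handshake is unauthenticated in the way anonymous DH is; no certificate is exchanged, but both peers are still authenticated by proving possession of the shared key. I would reword the opening to `/* PSK suites authenticate with the shared key instead of a certificate, so no certificate/cert req message is ever sent.` The PSK_DHE sentence describes a case this branch does not match, since the condition is `kex_algo() == "PSK"` only, so the comment should say which branch is expected to handle it (presumably the `!= "RSA"` one that follows). It would also help to state that the two `set_expected_next` calls are meant to accept either message next, because whether successive calls accumulate is not visible in this hunk and the enclosing function starts and ends outside it.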