Add SecureQueue::empty

Hide the handshake reader behind a function. Add pieces for DTLS hello verify request message
author: lloyd <[email protected]> 2012-03-07 01:24:19 +0000
committer: lloyd <[email protected]> 2012-03-07 01:24:19 +0000
commit: 7371f7c59ae722769fbc0dc810583a0cd0e38877 (patch)
tree: 6270901abc28e8f436d8f6cf119e20d74861b622 /src/tls
parent: 4e427ceb1518e3a0fb978717a4ec0c7d174b68d5 (diff)
7 files changed, 49 insertions, 27 deletions
diff --git a/src/tls/c_hello.cpp b/src/tls/c_hello.cpp
index 59e0670df..35389f37b 100644
--- a/src/tls/c_hello.cpp
+++ b/src/tls/c_hello.cpp
@@ -40,7 +40,7 @@ Hello_Request::Hello_Request(Record_Writer& writer)
 Hello_Request::Hello_Request(const MemoryRegion<byte>& buf)
    {
    if(buf.size())
-      throw Decoding_Error("Hello_Request: Must be empty, and is not");
+      throw Decoding_Error("Bad Hello_Request, has non-zero size");
    }
 
 /*
diff --git a/src/tls/info.txt b/src/tls/info.txt
index 7b6595154..822914a3d 100644
--- a/src/tls/info.txt
+++ b/src/tls/info.txt
@@ -39,6 +39,7 @@ c_kex.cpp
 cert_req.cpp
 cert_ver.cpp
 finished.cpp
+hello_verify.cpp
 next_protocol.cpp
 rec_read.cpp
 rec_wri.cpp
diff --git a/src/tls/tls_channel.cpp b/src/tls/tls_channel.cpp
index 2d541fbac..f45ce4bda 100644
--- a/src/tls/tls_channel.cpp
+++ b/src/tls/tls_channel.cpp
@@ -143,7 +143,7 @@ void Channel::read_handshake(byte rec_type,
       {
       if(!state)
          state = new Handshake_State(new Stream_Handshake_Reader);
-      state->handshake_reader->add_input(&rec_buf[0], rec_buf.size());
+      state->handshake_reader()->add_input(&rec_buf[0], rec_buf.size());
       }
 
    BOTAN_ASSERT(state, "Handshake message recieved without state in place");
@@ -154,10 +154,10 @@ void Channel::read_handshake(byte rec_type,
 
       if(rec_type == HANDSHAKE)
          {
-         if(state->handshake_reader->have_full_record())
+         if(state->handshake_reader()->have_full_record())
             {
             std::pair<Handshake_Type, MemoryVector<byte> > msg =
-               state->handshake_reader->get_next_record();
+               state->handshake_reader()->get_next_record();
             process_handshake_msg(msg.first, msg.second);
             }
          else
@@ -165,7 +165,7 @@ void Channel::read_handshake(byte rec_type,
          }
       else if(rec_type == CHANGE_CIPHER_SPEC)
          {
-         if(state->handshake_reader->empty() && rec_buf.size() == 1 && rec_buf[0] == 1)
+         if(state->handshake_reader()->empty() && rec_buf.size() == 1 && rec_buf[0] == 1)
             process_handshake_msg(HANDSHAKE_CCS, MemoryVector<byte>());
          else
             throw Decoding_Error("Malformed ChangeCipherSpec message");
@@ -173,7 +173,7 @@ void Channel::read_handshake(byte rec_type,
       else
          throw Decoding_Error("Unknown message type in handshake processing");
 
-      if(type == HANDSHAKE_CCS || !state || !state->handshake_reader->have_full_record())
+      if(type == HANDSHAKE_CCS || !state || !state->handshake_reader()->have_full_record())
          break;
       }
    }
diff --git a/src/tls/tls_handshake_state.cpp b/src/tls/tls_handshake_state.cpp
index 3934c30f8..2db97db0a 100644
--- a/src/tls/tls_handshake_state.cpp
+++ b/src/tls/tls_handshake_state.cpp
@@ -92,7 +92,7 @@ Handshake_State::Handshake_State(Handshake_Reader* reader)
    client_finished = 0;
    server_finished = 0;
 
-   handshake_reader = reader;
+   m_handshake_reader = reader;
 
    server_rsa_kex_key = 0;
 
@@ -294,7 +294,7 @@ Handshake_State::~Handshake_State()
    delete client_finished;
    delete server_finished;
 
-   delete handshake_reader;
+   delete m_handshake_reader;
    }
 
 }
diff --git a/src/tls/tls_handshake_state.h b/src/tls/tls_handshake_state.h
index 0c1ff6ddb..206e19096 100644
--- a/src/tls/tls_handshake_state.h
+++ b/src/tls/tls_handshake_state.h
@@ -91,8 +91,6 @@ class Handshake_State
       Session_Keys keys;
       Handshake_Hash hash;
 
-      Handshake_Reader* handshake_reader;
-
       /*
       * Only used by clients for session resumption
       */
@@ -103,7 +101,9 @@ class Handshake_State
       */
       std::tr1::function<std::string (std::vector<std::string>)> client_npn_cb;
 
+      Handshake_Reader* handshake_reader() { return m_handshake_reader; }
    private:
+      Handshake_Reader* m_handshake_reader;
       u32bit hand_expecting_mask, hand_received_mask;
       Protocol_Version m_version;
    };
diff --git a/src/tls/tls_magic.h b/src/tls/tls_magic.h
index 72a430bf2..0e45407d3 100644
--- a/src/tls/tls_magic.h
+++ b/src/tls/tls_magic.h
@@ -36,23 +36,24 @@ enum Record_Type {
 };
 
 enum Handshake_Type {
-   HELLO_REQUEST       = 0,
-   CLIENT_HELLO        = 1,
-   CLIENT_HELLO_SSLV2  = 200, // Not a wire value
-   SERVER_HELLO        = 2,
-   NEW_SESSION_TICKET  = 4, // RFC 5077
-   CERTIFICATE         = 11,
-   SERVER_KEX          = 12,
-   CERTIFICATE_REQUEST = 13,
-   SERVER_HELLO_DONE   = 14,
-   CERTIFICATE_VERIFY  = 15,
-   CLIENT_KEX          = 16,
-   FINISHED            = 20,
-
-   NEXT_PROTOCOL       = 67,
-
-   HANDSHAKE_CCS       = 100, // Not a wire value
-   HANDSHAKE_NONE      = 255  // Null value
+   HELLO_REQUEST        = 0,
+   CLIENT_HELLO         = 1,
+   CLIENT_HELLO_SSLV2   = 253, // Not a wire value
+   SERVER_HELLO         = 2,
+   HELLO_VERIFY_REQUEST = 3,
+   NEW_SESSION_TICKET   = 4, // RFC 5077
+   CERTIFICATE          = 11,
+   SERVER_KEX           = 12,
+   CERTIFICATE_REQUEST  = 13,
+   SERVER_HELLO_DONE    = 14,
+   CERTIFICATE_VERIFY   = 15,
+   CLIENT_KEX           = 16,
+   FINISHED             = 20,
+
+   NEXT_PROTOCOL        = 67,
+
+   HANDSHAKE_CCS        = 254, // Not a wire value
+   HANDSHAKE_NONE       = 255  // Null value
 };
 
 enum Ciphersuite_Code {
diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h
index 027ac3b49..513fdad70 100644
--- a/src/tls/tls_messages.h
+++ b/src/tls/tls_messages.h
@@ -46,6 +46,26 @@ class Handshake_Message
 MemoryVector<byte> make_hello_random(RandomNumberGenerator& rng);
 
 /**
+* DTLS Hello Verify Request
+*/
+class Hello_Verify_Request : public Handshake_Message
+   {
+   public:
+      MemoryVector<byte> serialize() const;
+      Handshake_Type type() const { return HELLO_VERIFY_REQUEST; }
+
+      MemoryVector<byte> cookie() const { return m_cookie; }
+
+      Hello_Verify_Request(const MemoryRegion<byte>& buf);
+
+      Hello_Verify_Request(const MemoryVector<byte>& client_hello_bits,
+                           const std::string& client_identity,
+                           const SymmetricKey& secret_key);
+   private:
+      MemoryVector<byte> m_cookie;
+   };
+
+/**
 * Client Hello Message
 */
 class Client_Hello : public Handshake_Message
author	lloyd <[email protected]>	2012-03-07 01:24:19 +0000
committer	lloyd <[email protected]>	2012-03-07 01:24:19 +0000
commit	7371f7c59ae722769fbc0dc810583a0cd0e38877 (patch)
tree	6270901abc28e8f436d8f6cf119e20d74861b622 /src/tls
parent	4e427ceb1518e3a0fb978717a4ec0c7d174b68d5 (diff)