Diffstat (limited to 'src/tls')
-rw-r--r-- | src/tls/tls_client.cpp | 32 | ||||
-rw-r--r-- | src/tls/tls_handshake_state.h | 12 |
2 files changed, 28 insertions, 16 deletions
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index 57195e1f9..0a0ca0549 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -15,6 +15,24 @@ namespace Botan {
 namespace TLS {
+namespace {
+
+class Client_Handshake_State : public Handshake_State
+ {
+ public:
+ Client_Handshake_State(Handshake_IO* io) : Handshake_State(io) {}
+
+ secure_vector<byte> resume_master_secret; // FIXME make private
+
+ /**
+ * Used by client using NPN
+ * FIXME make private
+ */
+ std::function<std::string (std::vector<std::string>)> client_npn_cb;
+ };
+
+}
+
 /*
 * TLS Client Constructor
 */
@@ -43,7 +61,7 @@ Client::Client(std::function<void (const byte[], size_t)> output_fn,
 Handshake_State* Client::new_handshake_state()
 {
- return new Handshake_State(new Stream_Handshake_IO(m_writer));
+ return new Client_Handshake_State(new Stream_Handshake_IO(m_writer));
 }
 /*
@@ -75,7 +93,7 @@ void Client::initiate_handshake(bool force_full_renegotiation,
 m_state->set_expected_next(HELLO_VERIFY_REQUEST);
 m_state->set_expected_next(SERVER_HELLO);
- m_state->client_npn_cb = next_protocol;
+ dynamic_cast<Client_Handshake_State&>(*m_state).client_npn_cb = next_protocol;
 const bool send_npn_request = static_cast<bool>(next_protocol);
@@ -95,7 +113,8 @@ void Client::initiate_handshake(bool force_full_renegotiation,
 session_info, send_npn_request));
- m_state->resume_master_secret = session_info.master_secret();
+ dynamic_cast<Client_Handshake_State&>(*m_state).resume_master_secret =
+ session_info.master_secret();
 }
 }
 }
@@ -234,7 +253,9 @@ void Client::process_handshake_msg(Handshake_Type type,
 throw TLS_Exception(Alert::HANDSHAKE_FAILURE, "Server resumed session but with wrong version");
- m_state->compute_session_keys(m_state->resume_master_secret);
+ m_state->compute_session_keys(
+ dynamic_cast<Client_Handshake_State&>(*m_state).resume_master_secret
+ );
 // The server is not strictly required to send us a new ticket
 if(m_state->server_hello()->supports_session_ticket())
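Review bot: The constructor added to `Client_Handshake_State` (hunk at -15) takes a single `Handshake_IO*` and is not `explicit`, so a raw IO pointer converts implicitly into a handshake state; declare it `explicit Client_Handshake_State(Handshake_IO* io) : Handshake_State(io) {}`. `resume_master_secret` is session key material and remains a public, writable member under a FIXME; now that the class is private to this translation unit, it would be cheap to make the member private and expose a setter plus a `const secure_vector<byte>&` accessor. The class also deserves a one-line comment saying it holds client-only handshake state and that the base class presumably takes ownership of `io` (the base stores a `std::unique_ptr<Handshake_IO>`, but its constructor is not visible here).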
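Review bot: `dynamic_cast<Client_Handshake_State&>(*m_state)` is spelled out at the `client_npn_cb` assignment in the hunk at -75 and again in the hunks at -95, -234 and -410; one helper in the anonymous namespace would keep the downcast in a single place, e.g. `Client_Handshake_State& client_state(Handshake_State& s) { return dynamic_cast<Client_Handshake_State&>(s); }`. The reference form throws `std::bad_cast` on a type mismatch and `*m_state` is dereferenced without a visible null check, so the helper is also the natural spot for a comment that `new_handshake_state()` is what guarantees the dynamic type. If a `std::bad_cast` could escape `process_handshake_msg`, it would presumably not be reported as a TLS alert the way a `TLS_Exception` is; worth confirming against the caller. `initiate_handshake` and `process_handshake_msg` both start and end outside these hunks.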
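Review bot: Nothing visible in the hunk at -234 checks that `resume_master_secret` was populated before it is handed to `compute_session_keys`; the only assignment shown is in `initiate_handshake` (hunk at -95), which appears to sit inside the branch that offers a saved session. If an earlier check in `process_handshake_msg`, outside this hunk, already guarantees that the server can only resume a session this client offered, say so in a comment above the call. Otherwise fail closed before deriving keys, for example `if(secret.empty()) throw TLS_Exception(Alert::HANDSHAKE_FAILURE, "Server resumed session that was not offered");` with `secret` bound to the cast member.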
@@ -410,7 +431,8 @@ void Client::process_handshake_msg(Handshake_Type type,
 if(m_state->server_hello()->next_protocol_notification())
 {
 const std::string protocol =
- m_state->client_npn_cb(m_state->server_hello()->next_protocols());
+ dynamic_cast<Client_Handshake_State&>(*m_state).client_npn_cb(
+ m_state->server_hello()->next_protocols());
 m_state->next_protocol( new Next_Protocol(m_state->handshake_io(), m_state->hash(), protocol)
diff --git a/src/tls/tls_handshake_state.h b/src/tls/tls_handshake_state.h
index 66c1ac113..6710e1ce6 100644
--- a/src/tls/tls_handshake_state.h
+++ b/src/tls/tls_handshake_state.h
@@ -47,7 +47,7 @@ class Handshake_State
 public:
 Handshake_State(Handshake_IO* io);
- ~Handshake_State();
+ virtual ~Handshake_State();
 Handshake_State(const Handshake_State&) = delete;
 Handshake_State& operator=(const Handshake_State&) = delete;
@@ -151,21 +151,11 @@ class Handshake_State
 Private_Key* server_rsa_kex_key = nullptr; // FIXME make private
 /*
- * Only used by clients for session resumption
- */
- secure_vector<byte> resume_master_secret; // FIXME make private
-
- /*
 * Used by the server to know if resumption should be allowed on
 * a server-initiated renegotiation
 */
 bool allow_session_resumption = true; // FIXME make private
- /**
- * Used by client using NPN FIXME make private
- */
- std::function<std::string (std::vector<std::string>)> client_npn_cb;
-
 private:
 std::unique_ptr<Handshake_IO> m_handshake_io; |
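Review bot: The call through `client_npn_cb` in the hunk at -410 of tls_client.cpp has no guard against an empty callback: `initiate_handshake` stores `next_protocol` unconditionally and derives `send_npn_request` from whether it is set, so the stored `std::function` can be empty. Calling an empty `std::function` throws `std::bad_function_call`; unless the server hello parser (not visible here) already rejects an extension the client did not request, add a guard such as `if(!cb) throw TLS_Exception(Alert::HANDSHAKE_FAILURE, "Server sent NPN but no callback was set");` with `cb` bound to the cast member. The callback also takes `std::vector<std::string>` by value, so the server-supplied protocol list is copied on each call. `process_handshake_msg` starts and ends outside this hunk.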