Diffstat (limited to 'src/tls')
-rw-r--r--src/tls/tls_client.cpp32
-rw-r--r--src/tls/tls_handshake_state.h12
2 files changed, 28 insertions, 16 deletions
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index 57195e1f9..0a0ca0549 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -15,6 +15,24 @@ namespace Botan {
namespace TLS {
+namespace {
+
+class Client_Handshake_State : public Handshake_State
+ {
+ public:
+ Client_Handshake_State(Handshake_IO* io) : Handshake_State(io) {}
+
+ secure_vector<byte> resume_master_secret; // FIXME make private
+
+ /**
+ * Used by client using NPN
+ * FIXME make private
+ */
+ std::function<std::string (std::vector<std::string>)> client_npn_cb;
+ };
+
+}
+
/*
* TLS Client Constructor
*/
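Review bot: The `Client_Handshake_State` constructor takes a single `Handshake_IO*` and is not `explicit`, so a bare IO pointer can convert implicitly into a state object; `explicit Client_Handshake_State(Handshake_IO* io) : Handshake_State(io) {}` closes that. The class is file-local and nothing in this diff derives from it, so it could also be declared `final`. The comment "Only used by clients for session resumption" is removed from the header by this commit but not carried over to `resume_master_secret` here; I would restore it as `// Master secret of the session offered for resumption; empty if none was offered`.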
@@ -43,7 +61,7 @@ Client::Client(std::function<void (const byte[], size_t)> output_fn,
Handshake_State* Client::new_handshake_state()
{
- return new Handshake_State(new Stream_Handshake_IO(m_writer));
+ return new Client_Handshake_State(new Stream_Handshake_IO(m_writer));
}
/*
@@ -75,7 +93,7 @@ void Client::initiate_handshake(bool force_full_renegotiation,
m_state->set_expected_next(HELLO_VERIFY_REQUEST);
m_state->set_expected_next(SERVER_HELLO);
- m_state->client_npn_cb = next_protocol;
+ dynamic_cast<Client_Handshake_State&>(*m_state).client_npn_cb = next_protocol;
const bool send_npn_request = static_cast<bool>(next_protocol);
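Review bot: `dynamic_cast<Client_Handshake_State&>(*m_state)` is a reference cast, so a mismatch throws `std::bad_cast`, which would leave the handshake code as a non-TLS exception rather than as an alert; the same cast is repeated in the hunks at -95, -234 and -410. The cast is presumably safe because `Client::new_handshake_state()` always allocates a `Client_Handshake_State`, and that invariant is worth stating once in a comment. A file-local helper in the anonymous namespace, e.g. `Client_Handshake_State& client_state(Handshake_State& s) { return dynamic_cast<Client_Handshake_State&>(s); }`, would keep the cast and that comment in one place, with call sites reading `client_state(*m_state).client_npn_cb = next_protocol;`. `initiate_handshake` starts and ends outside this hunk.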
@@ -95,7 +113,8 @@ void Client::initiate_handshake(bool force_full_renegotiation,
session_info,
send_npn_request));
- m_state->resume_master_secret = session_info.master_secret();
+ dynamic_cast<Client_Handshake_State&>(*m_state).resume_master_secret =
+ session_info.master_secret();
}
}
}
@@ -234,7 +253,9 @@ void Client::process_handshake_msg(Handshake_Type type,
throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
"Server resumed session but with wrong version");
- m_state->compute_session_keys(m_state->resume_master_secret);
+ m_state->compute_session_keys(
+ dynamic_cast<Client_Handshake_State&>(*m_state).resume_master_secret
+ );
// The server is not strictly required to send us a new ticket
if(m_state->server_hello()->supports_session_ticket())
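Review bot: The session keys are derived from `resume_master_secret` with no visible check that it was ever set; the field is default-constructed empty in `Client_Handshake_State` and is assigned only in `initiate_handshake` on the path that offers a stored session. If the enclosing branch (outside this hunk) does not already guarantee that this client offered the session the server claims to resume, an empty secret would be passed to `compute_session_keys`. A guard before the call, such as `if(resume_master_secret.empty()) throw TLS_Exception(Alert::HANDSHAKE_FAILURE, "Server resumed a session we did not offer");`, makes the precondition explicit.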
@@ -410,7 +431,8 @@ void Client::process_handshake_msg(Handshake_Type type,
if(m_state->server_hello()->next_protocol_notification())
{
const std::string protocol =
- m_state->client_npn_cb(m_state->server_hello()->next_protocols());
+ dynamic_cast<Client_Handshake_State&>(*m_state).client_npn_cb(
+ m_state->server_hello()->next_protocols());
m_state->next_protocol(
new Next_Protocol(m_state->handshake_io(), m_state->hash(), protocol)
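Review bot: `client_npn_cb` is invoked without checking that it holds a callable. `initiate_handshake` derives `send_npn_request` from `static_cast<bool>(next_protocol)`, so the member is empty whenever the application did not ask for NPN. If a server hello carrying the extension unsolicited is not rejected earlier (not visible here), the call throws `std::bad_function_call` in response to peer input. Checking first, e.g. `if(!cb) throw TLS_Exception(Alert::HANDSHAKE_FAILURE, "Server sent next protocol but we did not request it");` with `cb` bound to the member, turns that into a proper alert. The statement continues past the end of the hunk.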
diff --git a/src/tls/tls_handshake_state.h b/src/tls/tls_handshake_state.h
index 66c1ac113..6710e1ce6 100644
--- a/src/tls/tls_handshake_state.h
+++ b/src/tls/tls_handshake_state.h
@@ -47,7 +47,7 @@ class Handshake_State
public:
Handshake_State(Handshake_IO* io);
- ~Handshake_State();
+ virtual ~Handshake_State();
Handshake_State(const Handshake_State&) = delete;
Handshake_State& operator=(const Handshake_State&) = delete;
@@ -151,21 +151,11 @@ class Handshake_State
Private_Key* server_rsa_kex_key = nullptr; // FIXME make private
/*
- * Only used by clients for session resumption
- */
- secure_vector<byte> resume_master_secret; // FIXME make private
-
- /*
* Used by the server to know if resumption should be allowed on
* a server-initiated renegotiation
*/
bool allow_session_resumption = true; // FIXME make private
- /**
- * Used by client using NPN FIXME make private
- */
- std::function<std::string (std::vector<std::string>)> client_npn_cb;
-
private:
std::unique_ptr<Handshake_IO> m_handshake_io;