Adding Post-Handshake message handling.
Change-Id: I5cc194fc0a3ba8283049078e5671c924ee23036c
Reviewed-on: https://boringssl-review.googlesource.com/8980
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/internal.h b/ssl/internal.h
index e3d0463..14265f9 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -905,6 +905,10 @@
enum ssl_hs_wait_t tls13_client_handshake(SSL *ssl);
enum ssl_hs_wait_t tls13_server_handshake(SSL *ssl);
+/* tls13_post_handshake processes a post-handshake message. It returns one on
+ * success and zero on failure. */
+int tls13_post_handshake(SSL *ssl);
+
/* tls13_check_message_type checks if the current message has type |type|. If so
* it returns one. Otherwise, it sends an alert and returns zero. */
int tls13_check_message_type(SSL *ssl, int type);
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index c161950..f06c0de 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -675,9 +675,7 @@
return ssl_do_renegotiate(ssl);
}
- /* TODO(svaldez): Handle TLS 1.3 post-handshake messages. For now,
- * silently drop them. */
- return 1;
+ return tls13_post_handshake(ssl);
}
static int ssl_read_impl(SSL *ssl, void *buf, int num, int peek) {
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 8815f8f..48d8703 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -5144,10 +5144,6 @@
})
// Renegotiation is forbidden in TLS 1.3.
- //
- // TODO(davidben): This test current asserts that we ignore
- // HelloRequests, but we actually should hard reject them. Fix this
- // test once we actually parse post-handshake messages.
testCases = append(testCases, testCase{
name: "Renegotiate-Client-TLS13",
config: Config{
@@ -5159,6 +5155,8 @@
flags: []string{
"-renegotiate-freely",
},
+ shouldFail: true,
+ expectedError: ":UNEXPECTED_MESSAGE:",
})
// Stray HelloRequests during the handshake are forbidden in TLS 1.3.
diff --git a/ssl/tls13_both.c b/ssl/tls13_both.c
index 7b276df..1f60453 100644
--- a/ssl/tls13_both.c
+++ b/ssl/tls13_both.c
@@ -452,3 +452,18 @@
return 1;
}
+
+int tls13_post_handshake(SSL *ssl) {
+ if (ssl->s3->tmp.message_type == SSL3_MT_NEW_SESSION_TICKET &&
+ !ssl->server) {
+ // TODO(svaldez): Handle NewSessionTicket.
+ return 1;
+ }
+
+ // TODO(svaldez): Handle post-handshake authentication.
+ // TODO(svaldez): Handle KeyUpdate.
+
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
+ return 0;
+}
