Move TLSv1.3 Session Ticket processing into the state machine
We still ignore it for now, but at least its in the right place.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2259)
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 59aa8d4..58a4716 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1372,16 +1372,6 @@
}
}
- /*
- * TODO(TLS1.3): Temporarily we will just ignore NewSessionTicket messages.
- * Later we will want to process them.
- */
- if (!s->server && SSL_IS_TLS13(s) && s->rlayer.handshake_fragment_len >= 4
- && s->rlayer.handshake_fragment[0] == SSL3_MT_NEWSESSION_TICKET) {
- SSL3_RECORD_set_read(rr);
- goto start;
- }
-
/*-
* s->rlayer.handshake_fragment_len == 4 iff rr->type == SSL3_RT_HANDSHAKE;
* s->rlayer.alert_fragment_len == 2 iff rr->type == SSL3_RT_ALERT.
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 8a308f8..35082ae 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -181,6 +181,13 @@
return 1;
}
break;
+
+ case TLS_ST_OK:
+ if (mt == SSL3_MT_NEWSESSION_TICKET) {
+ st->hand_state = TLS_ST_CR_SESSION_TICKET;
+ return 1;
+ }
+ break;
}
/* No valid transition found */
@@ -406,10 +413,15 @@
st->hand_state = TLS_ST_CW_FINISHED;
return WRITE_TRAN_CONTINUE;
+ case TLS_ST_CR_SESSION_TICKET:
case TLS_ST_CW_FINISHED:
st->hand_state = TLS_ST_OK;
ossl_statem_set_in_init(s, 0);
return WRITE_TRAN_CONTINUE;
+
+ case TLS_ST_OK:
+ /* Just go straight to trying to read from the server */
+ return WRITE_TRAN_FINISHED;
}
}
@@ -845,6 +857,8 @@
return tls_process_change_cipher_spec(s, pkt);
case TLS_ST_CR_SESSION_TICKET:
+ if (SSL_IS_TLS13(s))
+ return tls13_process_new_session_ticket(s, pkt);
return tls_process_new_session_ticket(s, pkt);
case TLS_ST_CR_FINISHED:
@@ -2269,6 +2283,12 @@
return MSG_PROCESS_ERROR;
}
+MSG_PROCESS_RETURN tls13_process_new_session_ticket(SSL *s, PACKET *pkt)
+{
+ /* TODO(TLS1.3): For now we just ignore these. This needs implementing */
+ return MSG_PROCESS_FINISHED_READING;
+}
+
/*
* In TLSv1.3 this is called from the extensions code, otherwise it is used to
* parse a separate message. Returns 1 on success or 0 on failure. On failure
diff --git a/ssl/statem/statem_locl.h b/ssl/statem/statem_locl.h
index 5e9f72d..51adfc6 100644
--- a/ssl/statem/statem_locl.h
+++ b/ssl/statem/statem_locl.h
@@ -115,6 +115,7 @@
__owur MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt);
__owur MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt);
__owur MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt);
+__owur MSG_PROCESS_RETURN tls13_process_new_session_ticket(SSL *s, PACKET *pkt);
__owur int tls_process_cert_status_body(SSL *s, PACKET *pkt, int *al);
__owur MSG_PROCESS_RETURN tls_process_cert_status(SSL *s, PACKET *pkt);
__owur MSG_PROCESS_RETURN tls_process_server_done(SSL *s, PACKET *pkt);
