Merge branch 'master' of github.com:cyassl/cyassl
This commit is contained in:
commit
397fbb743f
@ -105,6 +105,8 @@ enum CyaSSL_ErrorCodes {
|
||||
SEQUENCE_ERROR = -270, /* dtls sequence error */
|
||||
SUITES_ERROR = -271, /* suites pointer error */
|
||||
SSL_NO_PEM_HEADER = -272, /* no PEM header found */
|
||||
OUT_OF_ORDER_E = -273, /* out of order message */
|
||||
BAD_KEA_TYPE_E = -274, /* bad KEA type found */
|
||||
/* add strings to SetErrorString !!!!! */
|
||||
|
||||
/* begin negotiation parameter errors */
|
||||
|
@ -888,6 +888,8 @@ typedef struct CipherSpecs {
|
||||
} CipherSpecs;
|
||||
|
||||
|
||||
void InitCipherSpecs(CipherSpecs* cs);
|
||||
|
||||
|
||||
/* Supported Ciphers from page 43 */
|
||||
enum BulkCipherAlgorithm {
|
||||
|
@ -496,6 +496,22 @@ void FreeCiphers(CYASSL* ssl)
|
||||
}
|
||||
|
||||
|
||||
void InitCipherSpecs(CipherSpecs* cs)
|
||||
{
|
||||
cs->bulk_cipher_algorithm = -1;
|
||||
cs->cipher_type = -1;
|
||||
cs->mac_algorithm = -1;
|
||||
cs->kea = -1;
|
||||
cs->sig_algo = -1;
|
||||
|
||||
cs->hash_size = 0;
|
||||
cs->static_ecdh = 0;
|
||||
cs->key_size = 0;
|
||||
cs->iv_size = 0;
|
||||
cs->block_size = 0;
|
||||
}
|
||||
|
||||
|
||||
void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK,
|
||||
byte haveNTRU, byte haveECDSAsig, byte haveStaticECC, int side)
|
||||
{
|
||||
@ -4332,6 +4348,14 @@ void SetErrorString(int error, char* str)
|
||||
XSTRNCPY(str, "No PEM Header Error", max);
|
||||
break;
|
||||
|
||||
case OUT_OF_ORDER_E:
|
||||
XSTRNCPY(str, "Out of order message, fatal", max);
|
||||
break;
|
||||
|
||||
case BAD_KEA_TYPE_E:
|
||||
XSTRNCPY(str, "Bad KEA type found", max);
|
||||
break;
|
||||
|
||||
default :
|
||||
XSTRNCPY(str, "unknown error number", max);
|
||||
}
|
||||
@ -7316,6 +7340,11 @@ int SetCipherList(Suites* s, const char* list)
|
||||
word32 length = 0;
|
||||
byte* out;
|
||||
|
||||
if (ssl->options.clientState < CLIENT_HELLO_COMPLETE) {
|
||||
CYASSL_MSG("Client sending keyexchange at wrong time");
|
||||
return OUT_OF_ORDER_E;
|
||||
}
|
||||
|
||||
if (ssl->options.verifyPeer && ssl->options.failNoCert)
|
||||
if (!ssl->options.havePeerCert) {
|
||||
CYASSL_MSG("client didn't present peer cert");
|
||||
@ -7486,6 +7515,10 @@ int SetCipherList(Suites* s, const char* list)
|
||||
ret = MakeMasterSecret(ssl);
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
}
|
||||
else {
|
||||
CYASSL_MSG("Bad kea type");
|
||||
return BAD_KEA_TYPE_E;
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE;
|
||||
|
Loading…
Reference in New Issue
Block a user