diff options
| author | David Benjamin <davidben@chromium.org> | 2014-08-26 05:34:56 +0400 |
|---|---|---|
| committer | Adam Langley <agl@google.com> | 2014-08-27 05:54:50 +0400 |
| commit | 590cbe970c75973f38aeba4b7146dc0b84b66348 (patch) | |
| tree | 4699a8daf78d3fc4ee8eea294bedec17cde4443e /ssl/d1_clnt.c | |
| parent | 912806b1bb42151159c3d52376dd8c36c2073cfc (diff) | |
Introduce a hash_message parameter to ssl_get_message.
This replaces the special-case in ssl3_get_message for Channel ID. Also add
ssl3_hash_current_message to hash the current message, taking TLS vs DTLS
handshake header size into account.
One subtlety with this flag is that a message intended to be processed with
SSL_GET_MESSAGE_DONT_HASH_MESSAGE cannot follow an optional message
(reprocessed with reuse_message, etc.). There is an assertion to that effect.
If need be, we can loosen it to requiring that the preceeding optional message
also pass SSL_GET_MESSAGE_DONT_HASH_MESSAGE and then maintain some state to
perform the more accurate assertion, but this is sufficient for now.
Change-Id: If8c87342b291ac041a35885b9b5ee961aee86eab
Reviewed-on: https://boringssl-review.googlesource.com/1630
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'ssl/d1_clnt.c')
| -rw-r--r-- | ssl/d1_clnt.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c index a518481a..4fcf0c34 100644 --- a/ssl/d1_clnt.c +++ b/ssl/d1_clnt.c @@ -596,6 +596,7 @@ static int dtls1_get_hello_verify(SSL *s) -1, /* Use the same maximum size as ssl3_get_server_hello. */ 20000, + SSL_GET_MESSAGE_HASH_MESSAGE, &ok); s->first_packet = 0; |