Update TLSProxy to know about new HRR style
Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4701)
parent
fc7129dc37
commit
be60b10a80
3 changed files with 23 additions and 15 deletions
|
@ -170,10 +170,12 @@ sub get_messages
|
|||
#We can't handle this yet
|
||||
die "CCS received before message data complete\n";
|
||||
}
|
||||
if ($server) {
|
||||
TLSProxy::Record->server_encrypting(1);
|
||||
} else {
|
||||
TLSProxy::Record->client_encrypting(1);
|
||||
if (!TLSProxy::Proxy->is_tls13()) {
|
||||
if ($server) {
|
||||
TLSProxy::Record->server_encrypting(1);
|
||||
} else {
|
||||
TLSProxy::Record->client_encrypting(1);
|
||||
}
|
||||
}
|
||||
} elsif ($record->content_type == TLSProxy::Record::RT_HANDSHAKE) {
|
||||
if ($record->len == 0 || $record->len_real == 0) {
|
||||
|
|
|
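Review bot: The new `if (!TLSProxy::Proxy->is_tls13())` guard around the CCS handling in get_messages reads state that, on this page, is only set in TLSProxy::ServerHello's parse, so a CCS processed before a ServerHello or HelloRetryRequest has been parsed still takes the old path and turns on `client_encrypting` or `server_encrypting`. If that ordering can occur in a test (the hunk does not show whether it can), later records from that side would be treated as encrypted too early. Either way the guard deserves a comment, such as `# In TLSv1.3 the encrypting flags are set when the ServerHello is parsed; a CCS must not change them`. get_messages starts and ends outside the hunk.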
@ -109,7 +109,7 @@ sub get_records
|
|||
substr($packet, TLS_RECORD_HEADER_LENGTH, $len_real)
|
||||
);
|
||||
|
||||
if (!TLSProxy::Proxy->is_tls13() || $content_type != RT_CCS) {
|
||||
if ($content_type != RT_CCS) {
|
||||
if (($server && $server_encrypting)
|
||||
|| (!$server && $client_encrypting)) {
|
||||
if (!TLSProxy::Proxy->is_tls13() && $etm) {
|
||||
|
@ -118,11 +118,11 @@ sub get_records
|
|||
$record->decrypt();
|
||||
}
|
||||
$record->encrypted(1);
|
||||
}
|
||||
|
||||
if (TLSProxy::Proxy->is_tls13()) {
|
||||
print " Inner content type: "
|
||||
.$record_type{$record->content_type()}."\n";
|
||||
if (TLSProxy::Proxy->is_tls13()) {
|
||||
print " Inner content type: "
|
||||
.$record_type{$record->content_type()}."\n";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
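Review bot: The decryption guard in get_records appears in two forms in the first hunk, `if (!TLSProxy::Proxy->is_tls13() || $content_type != RT_CCS)` and `if ($content_type != RT_CCS)`; if the shorter form is the new side, as the print order suggests, a CCS record is never decrypted on any protocol version, even when `$server_encrypting` or `$client_encrypting` is already set. That matches a TLSv1.3 CCS, which the Message.pm change treats as not affecting encryption state, but a pre-TLSv1.3 CCS that arrives while encryption is on (for example during renegotiation) would now be parsed as raw ciphertext. A comment that records the assumption would help, such as `# CCS records are never decrypted, including a pre-TLSv1.3 CCS sent while encryption is on`. The second hunk only moves the "Inner content type" print and needs no change. get_records starts and ends outside both hunks.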
@ -12,6 +12,11 @@ package TLSProxy::ServerHello;
|
|||
use vars '@ISA';
|
||||
push @ISA, 'TLSProxy::Message';
|
||||
|
||||
my $hrrrandom = pack("C*", 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE,
|
||||
0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2,
|
||||
0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E, 0x07, 0x9E, 0x09,
|
||||
0xE2, 0xC8, 0xA8, 0x33, 0x9C);
|
||||
|
||||
sub new
|
||||
{
|
||||
my $class = shift;
|
||||
|
@ -93,10 +98,15 @@ sub parse
|
|||
}
|
||||
}
|
||||
|
||||
# TODO(TLS1.3): Replace this reference to draft version before release
|
||||
if ($server_version == TLSProxy::Record::VERS_TLS_1_3_DRAFT) {
|
||||
if ($random eq $hrrrandom) {
|
||||
TLSProxy::Proxy->is_tls13(1);
|
||||
# TODO(TLS1.3): Replace this reference to draft version before release
|
||||
} elsif ($server_version == TLSProxy::Record::VERS_TLS_1_3_DRAFT) {
|
||||
$server_version = TLSProxy::Record::VERS_TLS_1_3;
|
||||
TLSProxy::Proxy->is_tls13(1);
|
||||
|
||||
TLSProxy::Record->server_encrypting(1);
|
||||
TLSProxy::Record->client_encrypting(1);
|
||||
}
|
||||
|
||||
$self->server_version($server_version);
|
||||
|
@ -110,10 +120,6 @@ sub parse
|
|||
|
||||
$self->process_data();
|
||||
|
||||
if (TLSProxy::Proxy->is_tls13()) {
|
||||
TLSProxy::Record->server_encrypting(1);
|
||||
TLSProxy::Record->client_encrypting(1);
|
||||
}
|
||||
|
||||
print " Server Version:".$server_version."\n";
|
||||
print " Session ID Len:".$session_id_len."\n";
|
||||
|
|
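Review bot: `$hrrrandom` is added as a bare 32-byte literal with no comment, and the whole HelloRetryRequest detection in parse depends on it. It is the fixed Random value the TLS 1.3 specification assigns to a HelloRetryRequest, so say that above the `pack`, e.g. `# Random value that marks a ServerHello as a HelloRetryRequest`. In parse, the `$random eq $hrrrandom` branch sets `is_tls13(1)` but, unlike the `elsif`, neither rewrites `$server_version` nor enables `server_encrypting`/`client_encrypting`. That looks deliberate, presumably because the handshake continues in the clear after a retry request, but a one-line comment would stop a later edit from "fixing" the asymmetry. parse starts and ends outside the hunks.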