Lines Matching +full:max +full:- +full:reason
2 * Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.
20 if (!s->renegotiate)
25 || !WPACKET_sub_memcpy_u8(pkt, s->s3.previous_client_finished,
26 s->s3.previous_client_finished_len)
39 if (s->ext.hostname == NULL)
44 /* Sub-packet for server_name extension */
46 /* Sub-packet for servername list (always 1 hostname)*/
49 || !WPACKET_sub_memcpy_u16(pkt, s->ext.hostname,
50 strlen(s->ext.hostname))
60 /* Push a Max Fragment Len extension into ClientHello */
65 if (s->ext.max_fragment_len_mode == TLSEXT_max_fragment_length_DISABLED)
68 /* Add Max Fragment Length extension if client enabled it. */
69 /*-
71 * 1 byte for the Max Fragment Length code value.
74 /* Sub-packet for Max Fragment Length extension (1 byte) */
76 || !WPACKET_put_bytes_u8(pkt, s->ext.max_fragment_len_mode)
90 if (s->srp_ctx.login == NULL)
94 /* Sub-packet for SRP extension */
99 || !WPACKET_memcpy(pkt, s->srp_ctx.login,
100 strlen(s->srp_ctx.login))
120 if (s->version == SSL3_VERSION)
128 alg_k = c->algorithm_mkey;
129 alg_a = c->algorithm_auth;
132 || c->min_tls >= TLS1_3_VERSION) {
160 int reason, min_version, max_version;
162 reason = ssl_get_min_max_version(s, &min_version, &max_version, NULL);
163 if (reason != 0) {
164 SSLfatal(s, SSL_AD_INTERNAL_ERROR, reason);
174 /* Sub-packet for formats extension */
191 int min_version, max_version, reason;
193 reason = ssl_get_min_max_version(s, &min_version, &max_version, NULL);
194 if (reason != 0) {
195 SSLfatal(s, SSL_AD_INTERNAL_ERROR, reason);
213 /* Sub-packet for supported_groups extension */
239 "No groups enabled for max supported SSL/TLS version");
247 "No groups enabled for max supported SSL/TLS version");
263 if (!s->new_session && s->session != NULL
264 && s->session->ext.tick != NULL
265 && s->session->ssl_version != TLS1_3_VERSION) {
266 ticklen = s->session->ext.ticklen;
267 } else if (s->session && s->ext.session_ticket != NULL
268 && s->ext.session_ticket->data != NULL) {
269 ticklen = s->ext.session_ticket->length;
270 s->session->ext.tick = OPENSSL_malloc(ticklen);
271 if (s->session->ext.tick == NULL) {
275 memcpy(s->session->ext.tick,
276 s->ext.session_ticket->data, ticklen);
277 s->session->ext.ticklen = ticklen;
282 if (ticklen == 0 && s->ext.session_ticket != NULL &&
283 s->ext.session_ticket->data == NULL)
287 || !WPACKET_sub_memcpy_u16(pkt, s->session->ext.tick, ticklen)) {
307 /* Sub-packet for sig-algs extension */
309 /* Sub-packet for the actual list */
332 if (s->ext.status_type != TLSEXT_STATUSTYPE_ocsp)
336 /* Sub-packet for status request extension */
339 /* Sub-packet for the ids */
344 for (i = 0; i < sk_OCSP_RESPID_num(s->ext.ocsp.ids); i++) {
346 OCSP_RESPID *id = sk_OCSP_RESPID_value(s->ext.ocsp.ids, i);
350 /* Sub-packet for an individual id */
362 if (s->ext.ocsp.exts) {
364 int extlen = i2d_X509_EXTENSIONS(s->ext.ocsp.exts, NULL);
371 || i2d_X509_EXTENSIONS(s->ext.ocsp.exts, &extbytes)
390 if (s->ctx->ext.npn_select_cb == NULL || !SSL_IS_FIRST_HANDSHAKE(s))
410 s->s3.alpn_sent = 0;
412 if (s->ext.alpn == NULL || !SSL_IS_FIRST_HANDSHAKE(s))
417 /* Sub-packet ALPN extension */
419 || !WPACKET_sub_memcpy_u16(pkt, s->ext.alpn, s->ext.alpn_len)
424 s->s3.alpn_sent = 1;
442 /* Sub-packet for SRTP extension */
444 /* Sub-packet for the protection profile list */
455 if (prof == NULL || !WPACKET_put_bytes_u16(pkt, prof->id)) {
475 if (s->options & SSL_OP_NO_ENCRYPT_THEN_MAC)
491 if (s->ct_validation_callback == NULL)
511 if (s->options & SSL_OP_NO_EXTENDED_MASTER_SECRET)
527 int currv, min_version, max_version, reason;
529 reason = ssl_get_min_max_version(s, &min_version, &max_version, NULL);
530 if (reason != 0) {
531 SSLfatal(s, SSL_AD_INTERNAL_ERROR, reason);
549 for (currv = max_version; currv >= min_version; currv--) {
571 int nodhe = s->options & SSL_OP_ALLOW_NO_DHE_KEX;
584 s->ext.psk_kex_mode = TLSEXT_KEX_MODE_FLAG_KE_DHE;
586 s->ext.psk_kex_mode |= TLSEXT_KEX_MODE_FLAG_KE;
599 if (s->s3.tmp.pkey != NULL) {
600 if (!ossl_assert(s->hello_retry_request == SSL_HRR_PENDING)) {
607 key_share_key = s->s3.tmp.pkey;
636 s->s3.tmp.pkey = key_share_key;
637 s->s3.group_id = curve_id;
642 if (s->s3.tmp.pkey == NULL)
660 /* Extension data sub-packet */
662 /* KeyShare list sub-packet */
674 if (s->s3.group_id != 0) {
675 curve_id = s->s3.group_id;
717 if (s->ext.tls13_cookie_len == 0)
721 /* Extension data sub-packet */
723 || !WPACKET_sub_memcpy_u16(pkt, s->ext.tls13_cookie,
724 s->ext.tls13_cookie_len)
732 OPENSSL_free(s->ext.tls13_cookie);
733 s->ext.tls13_cookie = NULL;
734 s->ext.tls13_cookie_len = 0;
752 if (s->hello_retry_request == SSL_HRR_PENDING)
755 if (s->psk_use_session_cb != NULL
756 && (!s->psk_use_session_cb(s, handmd, &id, &idlen, &psksess)
758 && psksess->ssl_version != TLS1_3_VERSION))) {
765 if (psksess == NULL && s->psk_client_callback != NULL) {
770 psklen = s->psk_client_callback(s, NULL, identity, sizeof(identity) - 1,
811 SSL_SESSION_free(s->psksession);
812 s->psksession = psksess;
814 OPENSSL_free(s->psksession_id);
815 s->psksession_id = OPENSSL_memdup(id, idlen);
816 if (s->psksession_id == NULL) {
817 s->psksession_id_len = 0;
821 s->psksession_id_len = idlen;
824 if (s->early_data_state != SSL_EARLY_DATA_CONNECTING
825 || (s->session->ext.max_early_data == 0
826 && (psksess == NULL || psksess->ext.max_early_data == 0))) {
827 s->max_early_data = 0;
830 edsess = s->session->ext.max_early_data != 0 ? s->session : psksess;
831 s->max_early_data = edsess->ext.max_early_data;
833 if (edsess->ext.hostname != NULL) {
834 if (s->ext.hostname == NULL
835 || (s->ext.hostname != NULL
836 && strcmp(s->ext.hostname, edsess->ext.hostname) != 0)) {
843 if ((s->ext.alpn == NULL && edsess->ext.alpn_selected != NULL)) {
852 if (edsess->ext.alpn_selected != NULL) {
856 if (!PACKET_buf_init(&prots, s->ext.alpn, s->ext.alpn_len)) {
861 if (PACKET_equal(&alpnpkt, edsess->ext.alpn_selected,
862 edsess->ext.alpn_selected_len)) {
885 s->ext.early_data = SSL_EARLY_DATA_REJECTED;
886 s->ext.early_data_ok = 1;
915 if ((s->options & SSL_OP_TLSEXT_PADDING) == 0)
933 if (s->session->ssl_version == TLS1_3_VERSION
934 && s->session->ext.ticklen != 0
935 && s->session->cipher != NULL) {
936 const EVP_MD *md = ssl_md(s->ctx, s->session->cipher->algorithm2);
943 hlen += PSK_PRE_BINDER_OVERHEAD + s->session->ext.ticklen
950 hlen = F5_WORKAROUND_MAX_MSG_LEN - hlen;
959 hlen -= 4;
987 s->ext.tick_identity = 0;
999 if (s->session->ssl_version != TLS1_3_VERSION
1000 || (s->session->ext.ticklen == 0 && s->psksession == NULL))
1003 if (s->hello_retry_request == SSL_HRR_PENDING)
1006 if (s->session->ext.ticklen != 0) {
1008 if (s->session->cipher == NULL) {
1012 mdres = ssl_md(s->ctx, s->session->cipher->algorithm2);
1021 if (s->hello_retry_request == SSL_HRR_PENDING && mdres != handmd) {
1037 agesec = (uint32_t)(time(NULL) - s->session->time);
1043 * bigger than the age calculated on the server - which should never
1047 agesec--;
1049 if (s->session->ext.tick_lifetime_hint < agesec) {
1072 agems += s->session->ext.tick_age_add;
1075 s->ext.tick_identity++;
1080 if (!dores && s->psksession == NULL)
1083 if (s->psksession != NULL) {
1084 mdpsk = ssl_md(s->ctx, s->psksession->cipher->algorithm2);
1094 if (s->hello_retry_request == SSL_HRR_PENDING && mdpsk != handmd) {
1115 if (!WPACKET_sub_memcpy_u16(pkt, s->session->ext.tick,
1116 s->session->ext.ticklen)
1123 if (s->psksession != NULL) {
1124 if (!WPACKET_sub_memcpy_u16(pkt, s->psksession_id,
1125 s->psksession_id_len)
1130 s->ext.tick_identity++;
1138 || (s->psksession != NULL
1144 * We need to fill in all the sub-packet lengths now so we can
1152 msgstart = WPACKET_get_curr(pkt) - msglen;
1156 resbinder, s->session, 1, 0) != 1) {
1161 if (s->psksession != NULL
1163 pskbinder, s->psksession, 1, 1) != 1) {
1180 if (!s->pha_enabled)
1183 /* construct extension - 0 length, no contents */
1191 s->post_handshake_auth = SSL_PHA_EXT_SENT;
1206 size_t expected_len = s->s3.previous_client_finished_len
1207 + s->s3.previous_server_finished_len;
1213 || s->s3.previous_client_finished_len != 0)
1215 || s->s3.previous_server_finished_len != 0)) {
1238 if (!PACKET_get_bytes(pkt, &data, s->s3.previous_client_finished_len)
1239 || memcmp(data, s->s3.previous_client_finished,
1240 s->s3.previous_client_finished_len) != 0) {
1245 if (!PACKET_get_bytes(pkt, &data, s->s3.previous_server_finished_len)
1246 || memcmp(data, s->s3.previous_server_finished,
1247 s->s3.previous_server_finished_len) != 0) {
1251 s->s3.send_connection_binding = 1;
1256 /* Parse the server's max fragment len extension packet */
1267 /* |value| should contains a valid max-fragment-length code. */
1274 /* Must be the same value as client-configured one who was sent to server */
1275 /*-
1280 if (value != s->ext.max_fragment_len_mode) {
1290 s->session->ext.max_fragment_len_mode = value;
1298 if (s->ext.hostname == NULL) {
1308 if (!s->hit) {
1309 if (s->session->ext.hostname != NULL) {
1313 s->session->ext.hostname = OPENSSL_strdup(s->ext.hostname);
1314 if (s->session->ext.hostname == NULL) {
1333 if (!s->hit) {
1340 s->ext.peer_ecpointformats_len = 0;
1341 OPENSSL_free(s->ext.peer_ecpointformats);
1342 s->ext.peer_ecpointformats = OPENSSL_malloc(ecpointformats_len);
1343 if (s->ext.peer_ecpointformats == NULL) {
1344 s->ext.peer_ecpointformats_len = 0;
1349 s->ext.peer_ecpointformats_len = ecpointformats_len;
1352 s->ext.peer_ecpointformats,
1365 if (s->ext.session_ticket_cb != NULL &&
1366 !s->ext.session_ticket_cb(s, PACKET_data(pkt),
1368 s->ext.session_ticket_cb_arg)) {
1382 s->ext.ticket_expected = 1;
1400 if (s->ext.status_type != TLSEXT_STATUSTYPE_ocsp) {
1421 s->ext.status_expected = 1;
1438 * Only take it if we asked for it - i.e if there is no CT validation
1442 if (s->ct_validation_callback != NULL) {
1446 OPENSSL_free(s->ext.scts);
1447 s->ext.scts = NULL;
1449 s->ext.scts_len = (uint16_t)size;
1451 s->ext.scts = OPENSSL_malloc(size);
1452 if (s->ext.scts == NULL) {
1453 s->ext.scts_len = 0;
1457 if (!PACKET_copy_bytes(pkt, s->ext.scts, size)) {
1470 if (custom_ext_find(&s->cert->custext, role,
1524 if (s->ctx->ext.npn_select_cb == NULL) {
1535 if (s->ctx->ext.npn_select_cb(s, &selected, &selected_len,
1538 s->ctx->ext.npn_select_cb_arg) !=
1546 * Could be non-NULL if server has sent multiple NPN extensions in
1549 OPENSSL_free(s->ext.npn);
1550 s->ext.npn = OPENSSL_malloc(selected_len);
1551 if (s->ext.npn == NULL) {
1552 s->ext.npn_len = 0;
1557 memcpy(s->ext.npn, selected, selected_len);
1558 s->ext.npn_len = selected_len;
1559 s->s3.npn_seen = 1;
1573 if (!s->s3.alpn_sent) {
1577 /*-
1591 if (!PACKET_buf_init(&confpkt, s->ext.alpn, s->ext.alpn_len)) {
1611 OPENSSL_free(s->s3.alpn_selected);
1612 s->s3.alpn_selected = OPENSSL_malloc(len);
1613 if (s->s3.alpn_selected == NULL) {
1614 s->s3.alpn_selected_len = 0;
1618 if (!PACKET_copy_bytes(pkt, s->s3.alpn_selected, len)) {
1622 s->s3.alpn_selected_len = len;
1624 if (s->session->ext.alpn_selected == NULL
1625 || s->session->ext.alpn_selected_len != len
1626 || memcmp(s->session->ext.alpn_selected, s->s3.alpn_selected, len)
1629 s->ext.early_data_ok = 0;
1631 if (!s->hit) {
1636 if (!ossl_assert(s->session->ext.alpn_selected == NULL)) {
1640 s->session->ext.alpn_selected =
1641 OPENSSL_memdup(s->s3.alpn_selected, s->s3.alpn_selected_len);
1642 if (s->session->ext.alpn_selected == NULL) {
1643 s->session->ext.alpn_selected_len = 0;
1647 s->session->ext.alpn_selected_len = s->s3.alpn_selected_len;
1691 if (prof->id == id) {
1692 s->srtp_profile = prof;
1707 if (!(s->options & SSL_OP_NO_ENCRYPT_THEN_MAC)
1708 && s->s3.tmp.new_cipher->algorithm_mac != SSL_AEAD
1709 && s->s3.tmp.new_cipher->algorithm_enc != SSL_RC4
1710 && s->s3.tmp.new_cipher->algorithm_enc != SSL_eGOST2814789CNT
1711 && s->s3.tmp.new_cipher->algorithm_enc != SSL_eGOST2814789CNT12
1712 && s->s3.tmp.new_cipher->algorithm_enc != SSL_MAGMA
1713 && s->s3.tmp.new_cipher->algorithm_enc != SSL_KUZNYECHIK)
1714 s->ext.use_etm = 1;
1722 if (s->options & SSL_OP_NO_EXTENDED_MASTER_SECRET)
1724 s->s3.flags |= TLS1_FLAGS_RECEIVED_EXTMS;
1725 if (!s->hit)
1726 s->session->flags |= SSL_SESS_FLAG_EXTMS;
1757 s->version = version;
1768 EVP_PKEY *ckey = s->s3.tmp.pkey, *skey = NULL;
1772 if (ckey == NULL || s->s3.peer_tmp != NULL) {
1795 if (group_id == s->s3.group_id) {
1814 s->s3.group_id = group_id;
1815 EVP_PKEY_free(s->s3.tmp.pkey);
1816 s->s3.tmp.pkey = NULL;
1820 if (group_id != s->s3.group_id) {
1829 if (!s->hit) {
1830 s->session->kex_group = group_id;
1831 } else if (group_id != s->session->kex_group) {
1842 if ((new_sess = ssl_session_dup(s->session, 0)) == NULL) {
1846 SSL_SESSION_free(s->session);
1847 s->session = new_sess;
1848 s->session->kex_group = group_id;
1851 if ((ginf = tls1_group_id_lookup(s->ctx, group_id)) == NULL) {
1862 if (!ginf->is_kem) {
1883 s->s3.peer_tmp = skey;
1894 s->s3.did_kex = 1;
1906 || !PACKET_memdup(&cookie, &s->ext.tls13_cookie,
1907 &s->ext.tls13_cookie_len)) {
1927 s->session->ext.max_early_data = max_early_data;
1937 if (!s->ext.early_data_ok
1938 || !s->hit) {
1948 s->ext.early_data = SSL_EARLY_DATA_ACCEPTED;
1964 if (identity >= (unsigned int)s->ext.tick_identity) {
1974 if (identity == 0 && (s->psksession == NULL || s->ext.tick_identity == 2)) {
1975 s->hit = 1;
1976 SSL_SESSION_free(s->psksession);
1977 s->psksession = NULL;
1981 if (s->psksession == NULL) {
1988 * If we used the external PSK for sending early_data then s->early_secret
1992 if ((s->early_data_state != SSL_EARLY_DATA_WRITE_RETRY
1993 && s->early_data_state != SSL_EARLY_DATA_FINISHED_WRITING)
1994 || s->session->ext.max_early_data > 0
1995 || s->psksession->ext.max_early_data == 0)
1996 memcpy(s->early_secret, s->psksession->early_secret, EVP_MAX_MD_SIZE);
1998 SSL_SESSION_free(s->session);
1999 s->session = s->psksession;
2000 s->psksession = NULL;
2001 s->hit = 1;
2004 s->ext.early_data_ok = 0;