forked from wolfSSL/wolfssl
Use final TLS 1.3 version value by default.
This commit is contained in:
Sean Parkinson
23
configure.ac
23
configure.ac
@@ -266,7 +266,7 @@ AC_ARG_ENABLE([tls13-draft18],
|
|||||||
)
|
)
|
||||||
if test "$ENABLED_TLS13_DRAFT18" = "yes"
|
if test "$ENABLED_TLS13_DRAFT18" = "yes"
|
||||||
then
|
then
|
||||||
AM_CFLAGS="-DWOLFSSL_TLS13_DRAFT_18 $AM_CFLAGS"
|
AM_CFLAGS="-DWOLFSSL_TLS13_DRAFT -DWOLFSSL_TLS13_DRAFT_18 $AM_CFLAGS"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
@@ -278,7 +278,7 @@ AC_ARG_ENABLE([tls13-draft22],
|
|||||||
)
|
)
|
||||||
if test "$ENABLED_TLS13_DRAFT22" = "yes"
|
if test "$ENABLED_TLS13_DRAFT22" = "yes"
|
||||||
then
|
then
|
||||||
AM_CFLAGS="-DWOLFSSL_TLS13_DRAFT_22 $AM_CFLAGS"
|
AM_CFLAGS="-DWOLFSSL_TLS13_DRAFT -DWOLFSSL_TLS13_DRAFT_22 $AM_CFLAGS"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
@@ -290,7 +290,7 @@ AC_ARG_ENABLE([tls13-draft23],
|
|||||||
)
|
)
|
||||||
if test "$ENABLED_TLS13_DRAFT23" = "yes"
|
if test "$ENABLED_TLS13_DRAFT23" = "yes"
|
||||||
then
|
then
|
||||||
AM_CFLAGS="-DWOLFSSL_TLS13_DRAFT_23 $AM_CFLAGS"
|
AM_CFLAGS="-DWOLFSSL_TLS13_DRAFT -DWOLFSSL_TLS13_DRAFT_23 $AM_CFLAGS"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
@@ -302,7 +302,19 @@ AC_ARG_ENABLE([tls13-draft26],
|
|||||||
)
|
)
|
||||||
if test "$ENABLED_TLS13_DRAFT26" = "yes"
|
if test "$ENABLED_TLS13_DRAFT26" = "yes"
|
||||||
then
|
then
|
||||||
AM_CFLAGS="-DWOLFSSL_TLS13_DRAFT_26 $AM_CFLAGS"
|
AM_CFLAGS="-DWOLFSSL_TLS13_DRAFT -DWOLFSSL_TLS13_DRAFT_26 $AM_CFLAGS"
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# TLS v1.3 Draft 28
|
||||||
|
AC_ARG_ENABLE([tls13-draft28],
|
||||||
|
[AS_HELP_STRING([--enable-tls13-draft28],[Enable wolfSSL TLS v1.3 Draft 28 (default: disabled)])],
|
||||||
|
[ ENABLED_TLS13_DRAFT28=$enableval ],
|
||||||
|
[ ENABLED_TLS13_DRAFT28=no ]
|
||||||
|
)
|
||||||
|
if test "$ENABLED_TLS13_DRAFT28" = "yes"
|
||||||
|
then
|
||||||
|
AM_CFLAGS="-DWOLFSSL_TLS13_DRAFT $AM_CFLAGS"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
@@ -313,7 +325,7 @@ AC_ARG_ENABLE([tls13],
|
|||||||
[ ENABLED_TLS13=no ]
|
[ ENABLED_TLS13=no ]
|
||||||
)
|
)
|
||||||
|
|
||||||
if test "$ENABLED_TLS13_DRAFT18" = "yes" || test "$ENABLED_TLS13_DRAFT22" = "yes" || test "$ENABLED_TLS13_DRAFT23" = "yes" || test "$ENABLED_TLS13_DRAFT26" = "yes"
|
if test "$ENABLED_TLS13_DRAFT18" = "yes" || test "$ENABLED_TLS13_DRAFT22" = "yes" || test "$ENABLED_TLS13_DRAFT23" = "yes" || test "$ENABLED_TLS13_DRAFT26" = "yes" || test "$ENABLED_TLS13_DRAFT28" = "yes"
|
||||||
then
|
then
|
||||||
ENABLED_TLS13="yes"
|
ENABLED_TLS13="yes"
|
||||||
fi
|
fi
|
||||||
@@ -4544,6 +4556,7 @@ echo " * TLS v1.3 Draft 18: $ENABLED_TLS13_DRAFT18"
|
|||||||
echo " * TLS v1.3 Draft 22: $ENABLED_TLS13_DRAFT22"
|
echo " * TLS v1.3 Draft 22: $ENABLED_TLS13_DRAFT22"
|
||||||
echo " * TLS v1.3 Draft 23: $ENABLED_TLS13_DRAFT23"
|
echo " * TLS v1.3 Draft 23: $ENABLED_TLS13_DRAFT23"
|
||||||
echo " * TLS v1.3 Draft 26: $ENABLED_TLS13_DRAFT26"
|
echo " * TLS v1.3 Draft 26: $ENABLED_TLS13_DRAFT26"
|
||||||
|
echo " * TLS v1.3 Draft 28: $ENABLED_TLS13_DRAFT28"
|
||||||
echo " * Post-handshake Auth: $ENABLED_TLS13_POST_AUTH"
|
echo " * Post-handshake Auth: $ENABLED_TLS13_POST_AUTH"
|
||||||
echo " * Early Data: $ENABLED_TLS13_EARLY_DATA"
|
echo " * Early Data: $ENABLED_TLS13_EARLY_DATA"
|
||||||
echo " * Send State in HRR Cookie: $ENABLED_SEND_HRR_COOKIE"
|
echo " * Send State in HRR Cookie: $ENABLED_SEND_HRR_COOKIE"
|
||||||
|
|||||||
@@ -16813,7 +16813,7 @@ exit_dpk:
|
|||||||
int CheckVersion(WOLFSSL *ssl, ProtocolVersion pv)
|
int CheckVersion(WOLFSSL *ssl, ProtocolVersion pv)
|
||||||
{
|
{
|
||||||
#ifdef WOLFSSL_TLS13
|
#ifdef WOLFSSL_TLS13
|
||||||
#ifndef WOLFSSL_TLS13_FINAL
|
#ifdef WOLFSSL_TLS13_DRAFT
|
||||||
/* TODO: [TLS13] Remove this.
|
/* TODO: [TLS13] Remove this.
|
||||||
* Translate the draft TLS v1.3 version to final version.
|
* Translate the draft TLS v1.3 version to final version.
|
||||||
*/
|
*/
|
||||||
|
|||||||
@@ -15520,7 +15520,7 @@ const char* wolfSSL_get_version(WOLFSSL* ssl)
|
|||||||
#ifdef WOLFSSL_TLS13
|
#ifdef WOLFSSL_TLS13
|
||||||
case TLSv1_3_MINOR :
|
case TLSv1_3_MINOR :
|
||||||
/* TODO: [TLS13] Remove draft versions. */
|
/* TODO: [TLS13] Remove draft versions. */
|
||||||
#ifndef WOLFSSL_TLS13_FINAL
|
#ifdef WOLFSSL_TLS13_DRAFT
|
||||||
#ifdef WOLFSSL_TLS13_DRAFT_18
|
#ifdef WOLFSSL_TLS13_DRAFT_18
|
||||||
return "TLSv1.3 (Draft 18)";
|
return "TLSv1.3 (Draft 18)";
|
||||||
#elif defined(WOLFSSL_TLS13_DRAFT_22)
|
#elif defined(WOLFSSL_TLS13_DRAFT_22)
|
||||||
|
|||||||
@@ -5231,7 +5231,7 @@ static int TLSX_SupportedVersions_Write(void* data, byte* output,
|
|||||||
|
|
||||||
*(output++) = (byte)(cnt * OPAQUE16_LEN);
|
*(output++) = (byte)(cnt * OPAQUE16_LEN);
|
||||||
for (i = 0; i < cnt; i++) {
|
for (i = 0; i < cnt; i++) {
|
||||||
#ifndef WOLFSSL_TLS13_FINAL
|
#ifdef WOLFSSL_TLS13_DRAFT
|
||||||
/* TODO: [TLS13] Remove code when TLS v1.3 becomes an RFC. */
|
/* TODO: [TLS13] Remove code when TLS v1.3 becomes an RFC. */
|
||||||
if (pv.minor - i == TLSv1_3_MINOR) {
|
if (pv.minor - i == TLSv1_3_MINOR) {
|
||||||
/* The TLS draft major number. */
|
/* The TLS draft major number. */
|
||||||
@@ -5250,7 +5250,7 @@ static int TLSX_SupportedVersions_Write(void* data, byte* output,
|
|||||||
}
|
}
|
||||||
#ifndef WOLFSSL_TLS13_DRAFT_18
|
#ifndef WOLFSSL_TLS13_DRAFT_18
|
||||||
else if (msgType == server_hello || msgType == hello_retry_request) {
|
else if (msgType == server_hello || msgType == hello_retry_request) {
|
||||||
#ifndef WOLFSSL_TLS13_FINAL
|
#ifdef WOLFSSL_TLS13_DRAFT
|
||||||
if (ssl->version.major == SSLv3_MAJOR &&
|
if (ssl->version.major == SSLv3_MAJOR &&
|
||||||
ssl->version.minor == TLSv1_3_MINOR) {
|
ssl->version.minor == TLSv1_3_MINOR) {
|
||||||
output[0] = TLS_DRAFT_MAJOR;
|
output[0] = TLS_DRAFT_MAJOR;
|
||||||
@@ -5307,7 +5307,7 @@ static int TLSX_SupportedVersions_Parse(WOLFSSL* ssl, byte* input,
|
|||||||
major = input[i];
|
major = input[i];
|
||||||
minor = input[i + OPAQUE8_LEN];
|
minor = input[i + OPAQUE8_LEN];
|
||||||
|
|
||||||
#ifndef WOLFSSL_TLS13_FINAL
|
#ifdef WOLFSSL_TLS13_DRAFT
|
||||||
/* TODO: [TLS13] Remove code when TLS v1.3 becomes an RFC. */
|
/* TODO: [TLS13] Remove code when TLS v1.3 becomes an RFC. */
|
||||||
if (major == TLS_DRAFT_MAJOR && minor == TLS_DRAFT_MINOR) {
|
if (major == TLS_DRAFT_MAJOR && minor == TLS_DRAFT_MINOR) {
|
||||||
major = SSLv3_MAJOR;
|
major = SSLv3_MAJOR;
|
||||||
@@ -5362,7 +5362,7 @@ static int TLSX_SupportedVersions_Parse(WOLFSSL* ssl, byte* input,
|
|||||||
major = input[0];
|
major = input[0];
|
||||||
minor = input[OPAQUE8_LEN];
|
minor = input[OPAQUE8_LEN];
|
||||||
|
|
||||||
#ifndef WOLFSSL_TLS13_FINAL
|
#ifdef WOLFSSL_TLS13_DRAFT
|
||||||
/* TODO: [TLS13] Remove code when TLS v1.3 becomes an RFC. */
|
/* TODO: [TLS13] Remove code when TLS v1.3 becomes an RFC. */
|
||||||
if (major == TLS_DRAFT_MAJOR && minor == TLS_DRAFT_MINOR) {
|
if (major == TLS_DRAFT_MAJOR && minor == TLS_DRAFT_MINOR) {
|
||||||
major = SSLv3_MAJOR;
|
major = SSLv3_MAJOR;
|
||||||
|
|||||||
@@ -1416,6 +1416,7 @@ static void AddTls13RecordHeader(byte* output, word32 length, byte type,
|
|||||||
#ifdef WOLFSSL_TLS13_DRAFT_18
|
#ifdef WOLFSSL_TLS13_DRAFT_18
|
||||||
rl->pvMinor = TLSv1_MINOR;
|
rl->pvMinor = TLSv1_MINOR;
|
||||||
#else
|
#else
|
||||||
|
/* NOTE: May be TLSv1_MINOR when sending first ClientHello. */
|
||||||
rl->pvMinor = TLSv1_2_MINOR;
|
rl->pvMinor = TLSv1_2_MINOR;
|
||||||
#endif
|
#endif
|
||||||
c16toa((word16)length, rl->length);
|
c16toa((word16)length, rl->length);
|
||||||
@@ -3704,12 +3705,12 @@ static int RestartHandshakeHashWithCookie(WOLFSSL* ssl, Cookie* cookie)
|
|||||||
c16toa(OPAQUE16_LEN, hrr + hrrIdx);
|
c16toa(OPAQUE16_LEN, hrr + hrrIdx);
|
||||||
hrrIdx += 2;
|
hrrIdx += 2;
|
||||||
/* TODO: [TLS13] Change to ssl->version.major and minor once final. */
|
/* TODO: [TLS13] Change to ssl->version.major and minor once final. */
|
||||||
#ifdef WOLFSSL_TLS13_FINAL
|
#ifdef WOLFSSL_TLS13_DRAFT
|
||||||
hrr[hrrIdx++] = ssl->version.major;
|
|
||||||
hrr[hrrIdx++] = ssl->version.minor;
|
|
||||||
#else
|
|
||||||
hrr[hrrIdx++] = TLS_DRAFT_MAJOR;
|
hrr[hrrIdx++] = TLS_DRAFT_MAJOR;
|
||||||
hrr[hrrIdx++] = TLS_DRAFT_MINOR;
|
hrr[hrrIdx++] = TLS_DRAFT_MINOR;
|
||||||
|
#else
|
||||||
|
hrr[hrrIdx++] = ssl->version.major;
|
||||||
|
hrr[hrrIdx++] = ssl->version.minor;
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
/* Mandatory Cookie Extension */
|
/* Mandatory Cookie Extension */
|
||||||
|
|||||||
@@ -1121,7 +1121,7 @@ enum Misc {
|
|||||||
TLSv1_1_MINOR = 2, /* TLSv1_1 minor version number */
|
TLSv1_1_MINOR = 2, /* TLSv1_1 minor version number */
|
||||||
TLSv1_2_MINOR = 3, /* TLSv1_2 minor version number */
|
TLSv1_2_MINOR = 3, /* TLSv1_2 minor version number */
|
||||||
TLSv1_3_MINOR = 4, /* TLSv1_3 minor version number */
|
TLSv1_3_MINOR = 4, /* TLSv1_3 minor version number */
|
||||||
#ifndef WOLFSSL_TLS13_FINAL
|
#ifdef WOLFSSL_TLS13_DRAFT
|
||||||
TLS_DRAFT_MAJOR = 0x7f, /* Draft TLS major version number */
|
TLS_DRAFT_MAJOR = 0x7f, /* Draft TLS major version number */
|
||||||
#ifdef WOLFSSL_TLS13_DRAFT_18
|
#ifdef WOLFSSL_TLS13_DRAFT_18
|
||||||
TLS_DRAFT_MINOR = 0x12, /* Minor version number of TLS draft */
|
TLS_DRAFT_MINOR = 0x12, /* Minor version number of TLS draft */
|
||||||
|
|||||||
Reference in New Issue
Block a user