forked from wolfSSL/wolfssl
Implemented strict switch fall-through handling using new macro FALL_THROUGH.
This commit is contained in:
David Garske
@@ -113,7 +113,7 @@ OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET -DTFM_HUGE_SET"
|
|||||||
DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_WOLFSSL"
|
DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_WOLFSSL"
|
||||||
LIB_ADD=
|
LIB_ADD=
|
||||||
LIB_STATIC_ADD=
|
LIB_STATIC_ADD=
|
||||||
SWITCH_FALLTHROUGH="-Wimplicit-fallthrough=0"
|
SWITCH_FALLTHROUGH="-Wimplicit-fallthrough=5"
|
||||||
|
|
||||||
thread_ls_on=no
|
thread_ls_on=no
|
||||||
# Thread local storage
|
# Thread local storage
|
||||||
@@ -3423,7 +3423,7 @@ case $host_os in
|
|||||||
fi ;;
|
fi ;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
# add workaround for switch fall-through
|
# add strict checking for switch fall-through
|
||||||
CFLAGS="$CFLAGS $SWITCH_FALLTHROUGH"
|
CFLAGS="$CFLAGS $SWITCH_FALLTHROUGH"
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -7084,6 +7084,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 totalSz
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
||||||
} /* case TLS_ASYNC_BEGIN */
|
} /* case TLS_ASYNC_BEGIN */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_BUILD:
|
case TLS_ASYNC_BUILD:
|
||||||
{
|
{
|
||||||
@@ -7308,6 +7309,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 totalSz
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_DO;
|
ssl->options.asyncState = TLS_ASYNC_DO;
|
||||||
} /* case TLS_ASYNC_BUILD */
|
} /* case TLS_ASYNC_BUILD */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_DO:
|
case TLS_ASYNC_DO:
|
||||||
{
|
{
|
||||||
@@ -7513,6 +7515,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 totalSz
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
||||||
} /* case TLS_ASYNC_DO */
|
} /* case TLS_ASYNC_DO */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_VERIFY:
|
case TLS_ASYNC_VERIFY:
|
||||||
{
|
{
|
||||||
@@ -7697,6 +7700,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 totalSz
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
||||||
} /* case TLS_ASYNC_VERIFY */
|
} /* case TLS_ASYNC_VERIFY */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_FINALIZE:
|
case TLS_ASYNC_FINALIZE:
|
||||||
{
|
{
|
||||||
@@ -7826,6 +7830,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 totalSz
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_END;
|
ssl->options.asyncState = TLS_ASYNC_END;
|
||||||
} /* case TLS_ASYNC_FINALIZE */
|
} /* case TLS_ASYNC_FINALIZE */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_END:
|
case TLS_ASYNC_END:
|
||||||
{
|
{
|
||||||
@@ -9593,6 +9598,8 @@ static INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input, word16 sz,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->encrypt.state = CIPHER_STATE_DO;
|
ssl->encrypt.state = CIPHER_STATE_DO;
|
||||||
}
|
}
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case CIPHER_STATE_DO:
|
case CIPHER_STATE_DO:
|
||||||
{
|
{
|
||||||
ret = EncryptDo(ssl, out, input, sz, asyncOkay);
|
ret = EncryptDo(ssl, out, input, sz, asyncOkay);
|
||||||
@@ -9607,6 +9614,7 @@ static INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input, word16 sz,
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case CIPHER_STATE_END:
|
case CIPHER_STATE_END:
|
||||||
{
|
{
|
||||||
@@ -9826,6 +9834,7 @@ static INLINE int Decrypt(WOLFSSL* ssl, byte* plain, const byte* input,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->decrypt.state = CIPHER_STATE_DO;
|
ssl->decrypt.state = CIPHER_STATE_DO;
|
||||||
}
|
}
|
||||||
|
FALL_THROUGH;
|
||||||
case CIPHER_STATE_DO:
|
case CIPHER_STATE_DO:
|
||||||
{
|
{
|
||||||
ret = DecryptDo(ssl, plain, input, sz);
|
ret = DecryptDo(ssl, plain, input, sz);
|
||||||
@@ -9840,7 +9849,7 @@ static INLINE int Decrypt(WOLFSSL* ssl, byte* plain, const byte* input,
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
FALL_THROUGH;
|
||||||
case CIPHER_STATE_END:
|
case CIPHER_STATE_END:
|
||||||
{
|
{
|
||||||
#if defined(BUILD_AESGCM) || defined(HAVE_AESCCM)
|
#if defined(BUILD_AESGCM) || defined(HAVE_AESCCM)
|
||||||
@@ -10527,6 +10536,7 @@ int ProcessReply(WOLFSSL* ssl)
|
|||||||
ssl->options.processReply = getRecordLayerHeader;
|
ssl->options.processReply = getRecordLayerHeader;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
/* in the WOLFSSL_SERVER case, run the old client hello */
|
/* in the WOLFSSL_SERVER case, run the old client hello */
|
||||||
case runProcessOldClientHello:
|
case runProcessOldClientHello:
|
||||||
@@ -10561,6 +10571,7 @@ int ProcessReply(WOLFSSL* ssl)
|
|||||||
}
|
}
|
||||||
|
|
||||||
#endif /* OLD_HELLO_ALLOWED */
|
#endif /* OLD_HELLO_ALLOWED */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
/* get the record layer header */
|
/* get the record layer header */
|
||||||
case getRecordLayerHeader:
|
case getRecordLayerHeader:
|
||||||
@@ -10588,6 +10599,7 @@ int ProcessReply(WOLFSSL* ssl)
|
|||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
ssl->options.processReply = getData;
|
ssl->options.processReply = getData;
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
/* retrieve record layer data */
|
/* retrieve record layer data */
|
||||||
case getData:
|
case getData:
|
||||||
@@ -10609,6 +10621,7 @@ int ProcessReply(WOLFSSL* ssl)
|
|||||||
|
|
||||||
ssl->options.processReply = decryptMessage;
|
ssl->options.processReply = decryptMessage;
|
||||||
startIdx = ssl->buffers.inputBuffer.idx; /* in case > 1 msg per */
|
startIdx = ssl->buffers.inputBuffer.idx; /* in case > 1 msg per */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
/* decrypt message */
|
/* decrypt message */
|
||||||
case decryptMessage:
|
case decryptMessage:
|
||||||
@@ -10679,6 +10692,7 @@ int ProcessReply(WOLFSSL* ssl)
|
|||||||
}
|
}
|
||||||
|
|
||||||
ssl->options.processReply = verifyMessage;
|
ssl->options.processReply = verifyMessage;
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
/* verify digest of message */
|
/* verify digest of message */
|
||||||
case verifyMessage:
|
case verifyMessage:
|
||||||
@@ -10713,6 +10727,7 @@ int ProcessReply(WOLFSSL* ssl)
|
|||||||
}
|
}
|
||||||
|
|
||||||
ssl->options.processReply = runProcessingOneMessage;
|
ssl->options.processReply = runProcessingOneMessage;
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
/* the record layer is here */
|
/* the record layer is here */
|
||||||
case runProcessingOneMessage:
|
case runProcessingOneMessage:
|
||||||
@@ -11351,7 +11366,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
|
|||||||
|
|
||||||
ssl->options.buildMsgState = BUILD_MSG_SIZE;
|
ssl->options.buildMsgState = BUILD_MSG_SIZE;
|
||||||
}
|
}
|
||||||
|
FALL_THROUGH;
|
||||||
case BUILD_MSG_SIZE:
|
case BUILD_MSG_SIZE:
|
||||||
{
|
{
|
||||||
args->digestSz = ssl->specs.hash_size;
|
args->digestSz = ssl->specs.hash_size;
|
||||||
@@ -11430,6 +11445,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
|
|||||||
|
|
||||||
ssl->options.buildMsgState = BUILD_MSG_HASH;
|
ssl->options.buildMsgState = BUILD_MSG_HASH;
|
||||||
}
|
}
|
||||||
|
FALL_THROUGH;
|
||||||
case BUILD_MSG_HASH:
|
case BUILD_MSG_HASH:
|
||||||
{
|
{
|
||||||
word32 i;
|
word32 i;
|
||||||
@@ -11448,6 +11464,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
|
|||||||
|
|
||||||
ssl->options.buildMsgState = BUILD_MSG_VERIFY_MAC;
|
ssl->options.buildMsgState = BUILD_MSG_VERIFY_MAC;
|
||||||
}
|
}
|
||||||
|
FALL_THROUGH;
|
||||||
case BUILD_MSG_VERIFY_MAC:
|
case BUILD_MSG_VERIFY_MAC:
|
||||||
{
|
{
|
||||||
/* User Record Layer Callback handling */
|
/* User Record Layer Callback handling */
|
||||||
@@ -11499,6 +11516,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
|
|||||||
|
|
||||||
ssl->options.buildMsgState = BUILD_MSG_ENCRYPT;
|
ssl->options.buildMsgState = BUILD_MSG_ENCRYPT;
|
||||||
}
|
}
|
||||||
|
FALL_THROUGH;
|
||||||
case BUILD_MSG_ENCRYPT:
|
case BUILD_MSG_ENCRYPT:
|
||||||
{
|
{
|
||||||
ret = Encrypt(ssl, output + args->headerSz, output + args->headerSz, args->size,
|
ret = Encrypt(ssl, output + args->headerSz, output + args->headerSz, args->size,
|
||||||
@@ -11982,7 +12000,7 @@ static int BuildCertificateStatus(WOLFSSL* ssl, byte type, buffer* status,
|
|||||||
switch (type) {
|
switch (type) {
|
||||||
case WOLFSSL_CSR2_OCSP_MULTI:
|
case WOLFSSL_CSR2_OCSP_MULTI:
|
||||||
length += OPAQUE24_LEN;
|
length += OPAQUE24_LEN;
|
||||||
/* followed by */
|
FALL_THROUGH; /* followed by */
|
||||||
|
|
||||||
case WOLFSSL_CSR2_OCSP:
|
case WOLFSSL_CSR2_OCSP:
|
||||||
for (i = 0; i < count; i++)
|
for (i = 0; i < count; i++)
|
||||||
@@ -16134,6 +16152,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
||||||
} /* case TLS_ASYNC_BEGIN */
|
} /* case TLS_ASYNC_BEGIN */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_BUILD:
|
case TLS_ASYNC_BUILD:
|
||||||
{
|
{
|
||||||
@@ -16307,6 +16326,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_DO;
|
ssl->options.asyncState = TLS_ASYNC_DO;
|
||||||
} /* case TLS_ASYNC_BUILD */
|
} /* case TLS_ASYNC_BUILD */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_DO:
|
case TLS_ASYNC_DO:
|
||||||
{
|
{
|
||||||
@@ -16405,6 +16425,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
||||||
} /* case TLS_ASYNC_DO */
|
} /* case TLS_ASYNC_DO */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_VERIFY:
|
case TLS_ASYNC_VERIFY:
|
||||||
{
|
{
|
||||||
@@ -16500,6 +16521,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
||||||
} /* case TLS_ASYNC_VERIFY */
|
} /* case TLS_ASYNC_VERIFY */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_FINALIZE:
|
case TLS_ASYNC_FINALIZE:
|
||||||
{
|
{
|
||||||
@@ -16536,6 +16558,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_END;
|
ssl->options.asyncState = TLS_ASYNC_END;
|
||||||
} /* case TLS_ASYNC_FINALIZE */
|
} /* case TLS_ASYNC_FINALIZE */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_END:
|
case TLS_ASYNC_END:
|
||||||
{
|
{
|
||||||
@@ -17153,6 +17176,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
||||||
} /* case TLS_ASYNC_BEGIN */
|
} /* case TLS_ASYNC_BEGIN */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_BUILD:
|
case TLS_ASYNC_BUILD:
|
||||||
{
|
{
|
||||||
@@ -17403,6 +17427,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_DO;
|
ssl->options.asyncState = TLS_ASYNC_DO;
|
||||||
} /* case TLS_ASYNC_BUILD */
|
} /* case TLS_ASYNC_BUILD */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_DO:
|
case TLS_ASYNC_DO:
|
||||||
{
|
{
|
||||||
@@ -17535,6 +17560,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
||||||
} /* case TLS_ASYNC_DO */
|
} /* case TLS_ASYNC_DO */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_VERIFY:
|
case TLS_ASYNC_VERIFY:
|
||||||
{
|
{
|
||||||
@@ -17645,6 +17671,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
||||||
} /* case TLS_ASYNC_VERIFY */
|
} /* case TLS_ASYNC_VERIFY */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_FINALIZE:
|
case TLS_ASYNC_FINALIZE:
|
||||||
{
|
{
|
||||||
@@ -17748,6 +17775,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_END;
|
ssl->options.asyncState = TLS_ASYNC_END;
|
||||||
} /* case TLS_ASYNC_FINALIZE */
|
} /* case TLS_ASYNC_FINALIZE */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_END:
|
case TLS_ASYNC_END:
|
||||||
{
|
{
|
||||||
@@ -18026,6 +18054,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
||||||
} /* case TLS_ASYNC_BEGIN */
|
} /* case TLS_ASYNC_BEGIN */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_BUILD:
|
case TLS_ASYNC_BUILD:
|
||||||
{
|
{
|
||||||
@@ -18150,6 +18179,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_DO;
|
ssl->options.asyncState = TLS_ASYNC_DO;
|
||||||
} /* case TLS_ASYNC_BUILD */
|
} /* case TLS_ASYNC_BUILD */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_DO:
|
case TLS_ASYNC_DO:
|
||||||
{
|
{
|
||||||
@@ -18201,6 +18231,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
||||||
} /* case TLS_ASYNC_DO */
|
} /* case TLS_ASYNC_DO */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_VERIFY:
|
case TLS_ASYNC_VERIFY:
|
||||||
{
|
{
|
||||||
@@ -18248,6 +18279,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
||||||
} /* case TLS_ASYNC_VERIFY */
|
} /* case TLS_ASYNC_VERIFY */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_FINALIZE:
|
case TLS_ASYNC_FINALIZE:
|
||||||
{
|
{
|
||||||
@@ -18282,6 +18314,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_END;
|
ssl->options.asyncState = TLS_ASYNC_END;
|
||||||
} /* case TLS_ASYNC_FINALIZE */
|
} /* case TLS_ASYNC_FINALIZE */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_END:
|
case TLS_ASYNC_END:
|
||||||
{
|
{
|
||||||
@@ -18955,6 +18988,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
||||||
} /* case TLS_ASYNC_BEGIN */
|
} /* case TLS_ASYNC_BEGIN */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_BUILD:
|
case TLS_ASYNC_BUILD:
|
||||||
{
|
{
|
||||||
@@ -19737,6 +19771,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_DO;
|
ssl->options.asyncState = TLS_ASYNC_DO;
|
||||||
} /* case TLS_ASYNC_BUILD */
|
} /* case TLS_ASYNC_BUILD */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_DO:
|
case TLS_ASYNC_DO:
|
||||||
{
|
{
|
||||||
@@ -19859,6 +19894,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
||||||
} /* case TLS_ASYNC_DO */
|
} /* case TLS_ASYNC_DO */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_VERIFY:
|
case TLS_ASYNC_VERIFY:
|
||||||
{
|
{
|
||||||
@@ -19988,6 +20024,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
||||||
} /* case TLS_ASYNC_VERIFY */
|
} /* case TLS_ASYNC_VERIFY */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_FINALIZE:
|
case TLS_ASYNC_FINALIZE:
|
||||||
{
|
{
|
||||||
@@ -20057,6 +20094,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_END;
|
ssl->options.asyncState = TLS_ASYNC_END;
|
||||||
} /* case TLS_ASYNC_FINALIZE */
|
} /* case TLS_ASYNC_FINALIZE */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_END:
|
case TLS_ASYNC_END:
|
||||||
{
|
{
|
||||||
@@ -21028,6 +21066,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
||||||
} /* case TLS_ASYNC_BEGIN */
|
} /* case TLS_ASYNC_BEGIN */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_BUILD:
|
case TLS_ASYNC_BUILD:
|
||||||
{
|
{
|
||||||
@@ -21106,6 +21145,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_DO;
|
ssl->options.asyncState = TLS_ASYNC_DO;
|
||||||
} /* case TLS_ASYNC_BUILD */
|
} /* case TLS_ASYNC_BUILD */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_DO:
|
case TLS_ASYNC_DO:
|
||||||
{
|
{
|
||||||
@@ -21160,6 +21200,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
||||||
} /* case TLS_ASYNC_DO */
|
} /* case TLS_ASYNC_DO */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_VERIFY:
|
case TLS_ASYNC_VERIFY:
|
||||||
{
|
{
|
||||||
@@ -21253,6 +21294,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
||||||
} /* case TLS_ASYNC_VERIFY */
|
} /* case TLS_ASYNC_VERIFY */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_FINALIZE:
|
case TLS_ASYNC_FINALIZE:
|
||||||
{
|
{
|
||||||
@@ -21825,6 +21867,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
||||||
} /* TLS_ASYNC_BEGIN */
|
} /* TLS_ASYNC_BEGIN */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_BUILD:
|
case TLS_ASYNC_BUILD:
|
||||||
{
|
{
|
||||||
@@ -22232,6 +22275,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_DO;
|
ssl->options.asyncState = TLS_ASYNC_DO;
|
||||||
} /* TLS_ASYNC_BUILD */
|
} /* TLS_ASYNC_BUILD */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_DO:
|
case TLS_ASYNC_DO:
|
||||||
{
|
{
|
||||||
@@ -22350,6 +22394,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
||||||
} /* TLS_ASYNC_DO */
|
} /* TLS_ASYNC_DO */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_VERIFY:
|
case TLS_ASYNC_VERIFY:
|
||||||
{
|
{
|
||||||
@@ -22478,6 +22523,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
||||||
} /* TLS_ASYNC_VERIFY */
|
} /* TLS_ASYNC_VERIFY */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_FINALIZE:
|
case TLS_ASYNC_FINALIZE:
|
||||||
{
|
{
|
||||||
@@ -22516,6 +22562,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_END;
|
ssl->options.asyncState = TLS_ASYNC_END;
|
||||||
} /* TLS_ASYNC_FINALIZE */
|
} /* TLS_ASYNC_FINALIZE */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_END:
|
case TLS_ASYNC_END:
|
||||||
{
|
{
|
||||||
|
|||||||
27
src/ssl.c
27
src/ssl.c
@@ -8095,6 +8095,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
}
|
}
|
||||||
ssl->options.connectState = CLIENT_HELLO_SENT;
|
ssl->options.connectState = CLIENT_HELLO_SENT;
|
||||||
WOLFSSL_MSG("connect state: CLIENT_HELLO_SENT");
|
WOLFSSL_MSG("connect state: CLIENT_HELLO_SENT");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case CLIENT_HELLO_SENT :
|
case CLIENT_HELLO_SENT :
|
||||||
neededState = ssl->options.resuming ? SERVER_FINISHED_COMPLETE :
|
neededState = ssl->options.resuming ? SERVER_FINISHED_COMPLETE :
|
||||||
@@ -8124,6 +8125,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
|
|
||||||
ssl->options.connectState = HELLO_AGAIN;
|
ssl->options.connectState = HELLO_AGAIN;
|
||||||
WOLFSSL_MSG("connect state: HELLO_AGAIN");
|
WOLFSSL_MSG("connect state: HELLO_AGAIN");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case HELLO_AGAIN :
|
case HELLO_AGAIN :
|
||||||
if (ssl->options.certOnly)
|
if (ssl->options.certOnly)
|
||||||
@@ -8150,6 +8152,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
|
|
||||||
ssl->options.connectState = HELLO_AGAIN_REPLY;
|
ssl->options.connectState = HELLO_AGAIN_REPLY;
|
||||||
WOLFSSL_MSG("connect state: HELLO_AGAIN_REPLY");
|
WOLFSSL_MSG("connect state: HELLO_AGAIN_REPLY");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case HELLO_AGAIN_REPLY :
|
case HELLO_AGAIN_REPLY :
|
||||||
#ifdef WOLFSSL_DTLS
|
#ifdef WOLFSSL_DTLS
|
||||||
@@ -8173,6 +8176,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
|
|
||||||
ssl->options.connectState = FIRST_REPLY_DONE;
|
ssl->options.connectState = FIRST_REPLY_DONE;
|
||||||
WOLFSSL_MSG("connect state: FIRST_REPLY_DONE");
|
WOLFSSL_MSG("connect state: FIRST_REPLY_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case FIRST_REPLY_DONE :
|
case FIRST_REPLY_DONE :
|
||||||
#ifndef NO_CERTS
|
#ifndef NO_CERTS
|
||||||
@@ -8187,6 +8191,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
#endif
|
#endif
|
||||||
ssl->options.connectState = FIRST_REPLY_FIRST;
|
ssl->options.connectState = FIRST_REPLY_FIRST;
|
||||||
WOLFSSL_MSG("connect state: FIRST_REPLY_FIRST");
|
WOLFSSL_MSG("connect state: FIRST_REPLY_FIRST");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case FIRST_REPLY_FIRST :
|
case FIRST_REPLY_FIRST :
|
||||||
if (!ssl->options.resuming) {
|
if (!ssl->options.resuming) {
|
||||||
@@ -8199,6 +8204,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
|
|
||||||
ssl->options.connectState = FIRST_REPLY_SECOND;
|
ssl->options.connectState = FIRST_REPLY_SECOND;
|
||||||
WOLFSSL_MSG("connect state: FIRST_REPLY_SECOND");
|
WOLFSSL_MSG("connect state: FIRST_REPLY_SECOND");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case FIRST_REPLY_SECOND :
|
case FIRST_REPLY_SECOND :
|
||||||
#ifndef NO_CERTS
|
#ifndef NO_CERTS
|
||||||
@@ -8212,6 +8218,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
#endif
|
#endif
|
||||||
ssl->options.connectState = FIRST_REPLY_THIRD;
|
ssl->options.connectState = FIRST_REPLY_THIRD;
|
||||||
WOLFSSL_MSG("connect state: FIRST_REPLY_THIRD");
|
WOLFSSL_MSG("connect state: FIRST_REPLY_THIRD");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case FIRST_REPLY_THIRD :
|
case FIRST_REPLY_THIRD :
|
||||||
if ( (ssl->error = SendChangeCipher(ssl)) != 0) {
|
if ( (ssl->error = SendChangeCipher(ssl)) != 0) {
|
||||||
@@ -8221,6 +8228,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
WOLFSSL_MSG("sent: change cipher spec");
|
WOLFSSL_MSG("sent: change cipher spec");
|
||||||
ssl->options.connectState = FIRST_REPLY_FOURTH;
|
ssl->options.connectState = FIRST_REPLY_FOURTH;
|
||||||
WOLFSSL_MSG("connect state: FIRST_REPLY_FOURTH");
|
WOLFSSL_MSG("connect state: FIRST_REPLY_FOURTH");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case FIRST_REPLY_FOURTH :
|
case FIRST_REPLY_FOURTH :
|
||||||
if ( (ssl->error = SendFinished(ssl)) != 0) {
|
if ( (ssl->error = SendFinished(ssl)) != 0) {
|
||||||
@@ -8230,6 +8238,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
WOLFSSL_MSG("sent: finished");
|
WOLFSSL_MSG("sent: finished");
|
||||||
ssl->options.connectState = FINISHED_DONE;
|
ssl->options.connectState = FINISHED_DONE;
|
||||||
WOLFSSL_MSG("connect state: FINISHED_DONE");
|
WOLFSSL_MSG("connect state: FINISHED_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case FINISHED_DONE :
|
case FINISHED_DONE :
|
||||||
/* get response */
|
/* get response */
|
||||||
@@ -8241,6 +8250,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
|
|
||||||
ssl->options.connectState = SECOND_REPLY_DONE;
|
ssl->options.connectState = SECOND_REPLY_DONE;
|
||||||
WOLFSSL_MSG("connect state: SECOND_REPLY_DONE");
|
WOLFSSL_MSG("connect state: SECOND_REPLY_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case SECOND_REPLY_DONE:
|
case SECOND_REPLY_DONE:
|
||||||
#ifndef NO_HANDSHAKE_DONE_CB
|
#ifndef NO_HANDSHAKE_DONE_CB
|
||||||
@@ -8441,6 +8451,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
#ifdef WOLFSSL_TLS13
|
#ifdef WOLFSSL_TLS13
|
||||||
ssl->options.acceptState = ACCEPT_CLIENT_HELLO_DONE;
|
ssl->options.acceptState = ACCEPT_CLIENT_HELLO_DONE;
|
||||||
WOLFSSL_MSG("accept state ACCEPT_CLIENT_HELLO_DONE");
|
WOLFSSL_MSG("accept state ACCEPT_CLIENT_HELLO_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case ACCEPT_CLIENT_HELLO_DONE :
|
case ACCEPT_CLIENT_HELLO_DONE :
|
||||||
if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) {
|
if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) {
|
||||||
@@ -8451,6 +8462,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
}
|
}
|
||||||
ssl->options.acceptState = ACCEPT_HELLO_RETRY_REQUEST_DONE;
|
ssl->options.acceptState = ACCEPT_HELLO_RETRY_REQUEST_DONE;
|
||||||
WOLFSSL_MSG("accept state ACCEPT_HELLO_RETRY_REQUEST_DONE");
|
WOLFSSL_MSG("accept state ACCEPT_HELLO_RETRY_REQUEST_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case ACCEPT_HELLO_RETRY_REQUEST_DONE :
|
case ACCEPT_HELLO_RETRY_REQUEST_DONE :
|
||||||
if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) {
|
if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) {
|
||||||
@@ -8462,6 +8474,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
#endif
|
#endif
|
||||||
ssl->options.acceptState = ACCEPT_FIRST_REPLY_DONE;
|
ssl->options.acceptState = ACCEPT_FIRST_REPLY_DONE;
|
||||||
WOLFSSL_MSG("accept state ACCEPT_FIRST_REPLY_DONE");
|
WOLFSSL_MSG("accept state ACCEPT_FIRST_REPLY_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case ACCEPT_FIRST_REPLY_DONE :
|
case ACCEPT_FIRST_REPLY_DONE :
|
||||||
#ifdef WOLFSSL_TLS13
|
#ifdef WOLFSSL_TLS13
|
||||||
@@ -8475,6 +8488,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
}
|
}
|
||||||
ssl->options.acceptState = SERVER_HELLO_SENT;
|
ssl->options.acceptState = SERVER_HELLO_SENT;
|
||||||
WOLFSSL_MSG("accept state SERVER_HELLO_SENT");
|
WOLFSSL_MSG("accept state SERVER_HELLO_SENT");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case SERVER_HELLO_SENT :
|
case SERVER_HELLO_SENT :
|
||||||
#ifndef NO_CERTS
|
#ifndef NO_CERTS
|
||||||
@@ -8486,6 +8500,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
#endif
|
#endif
|
||||||
ssl->options.acceptState = CERT_SENT;
|
ssl->options.acceptState = CERT_SENT;
|
||||||
WOLFSSL_MSG("accept state CERT_SENT");
|
WOLFSSL_MSG("accept state CERT_SENT");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case CERT_SENT :
|
case CERT_SENT :
|
||||||
#ifndef NO_CERTS
|
#ifndef NO_CERTS
|
||||||
@@ -8497,6 +8512,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
#endif
|
#endif
|
||||||
ssl->options.acceptState = CERT_STATUS_SENT;
|
ssl->options.acceptState = CERT_STATUS_SENT;
|
||||||
WOLFSSL_MSG("accept state CERT_STATUS_SENT");
|
WOLFSSL_MSG("accept state CERT_STATUS_SENT");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case CERT_STATUS_SENT :
|
case CERT_STATUS_SENT :
|
||||||
if (!ssl->options.resuming)
|
if (!ssl->options.resuming)
|
||||||
@@ -8506,6 +8522,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
}
|
}
|
||||||
ssl->options.acceptState = KEY_EXCHANGE_SENT;
|
ssl->options.acceptState = KEY_EXCHANGE_SENT;
|
||||||
WOLFSSL_MSG("accept state KEY_EXCHANGE_SENT");
|
WOLFSSL_MSG("accept state KEY_EXCHANGE_SENT");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case KEY_EXCHANGE_SENT :
|
case KEY_EXCHANGE_SENT :
|
||||||
#ifndef NO_CERTS
|
#ifndef NO_CERTS
|
||||||
@@ -8520,6 +8537,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
#endif
|
#endif
|
||||||
ssl->options.acceptState = CERT_REQ_SENT;
|
ssl->options.acceptState = CERT_REQ_SENT;
|
||||||
WOLFSSL_MSG("accept state CERT_REQ_SENT");
|
WOLFSSL_MSG("accept state CERT_REQ_SENT");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case CERT_REQ_SENT :
|
case CERT_REQ_SENT :
|
||||||
if (!ssl->options.resuming)
|
if (!ssl->options.resuming)
|
||||||
@@ -8529,6 +8547,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
}
|
}
|
||||||
ssl->options.acceptState = SERVER_HELLO_DONE;
|
ssl->options.acceptState = SERVER_HELLO_DONE;
|
||||||
WOLFSSL_MSG("accept state SERVER_HELLO_DONE");
|
WOLFSSL_MSG("accept state SERVER_HELLO_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case SERVER_HELLO_DONE :
|
case SERVER_HELLO_DONE :
|
||||||
if (!ssl->options.resuming) {
|
if (!ssl->options.resuming) {
|
||||||
@@ -8540,6 +8559,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
}
|
}
|
||||||
ssl->options.acceptState = ACCEPT_SECOND_REPLY_DONE;
|
ssl->options.acceptState = ACCEPT_SECOND_REPLY_DONE;
|
||||||
WOLFSSL_MSG("accept state ACCEPT_SECOND_REPLY_DONE");
|
WOLFSSL_MSG("accept state ACCEPT_SECOND_REPLY_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case ACCEPT_SECOND_REPLY_DONE :
|
case ACCEPT_SECOND_REPLY_DONE :
|
||||||
#ifdef HAVE_SESSION_TICKET
|
#ifdef HAVE_SESSION_TICKET
|
||||||
@@ -8552,6 +8572,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
#endif /* HAVE_SESSION_TICKET */
|
#endif /* HAVE_SESSION_TICKET */
|
||||||
ssl->options.acceptState = TICKET_SENT;
|
ssl->options.acceptState = TICKET_SENT;
|
||||||
WOLFSSL_MSG("accept state TICKET_SENT");
|
WOLFSSL_MSG("accept state TICKET_SENT");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TICKET_SENT:
|
case TICKET_SENT:
|
||||||
if ( (ssl->error = SendChangeCipher(ssl)) != 0) {
|
if ( (ssl->error = SendChangeCipher(ssl)) != 0) {
|
||||||
@@ -8560,6 +8581,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
}
|
}
|
||||||
ssl->options.acceptState = CHANGE_CIPHER_SENT;
|
ssl->options.acceptState = CHANGE_CIPHER_SENT;
|
||||||
WOLFSSL_MSG("accept state CHANGE_CIPHER_SENT");
|
WOLFSSL_MSG("accept state CHANGE_CIPHER_SENT");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case CHANGE_CIPHER_SENT :
|
case CHANGE_CIPHER_SENT :
|
||||||
if ( (ssl->error = SendFinished(ssl)) != 0) {
|
if ( (ssl->error = SendFinished(ssl)) != 0) {
|
||||||
@@ -8569,6 +8591,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
|
|
||||||
ssl->options.acceptState = ACCEPT_FINISHED_DONE;
|
ssl->options.acceptState = ACCEPT_FINISHED_DONE;
|
||||||
WOLFSSL_MSG("accept state ACCEPT_FINISHED_DONE");
|
WOLFSSL_MSG("accept state ACCEPT_FINISHED_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case ACCEPT_FINISHED_DONE :
|
case ACCEPT_FINISHED_DONE :
|
||||||
if (ssl->options.resuming)
|
if (ssl->options.resuming)
|
||||||
@@ -8580,6 +8603,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||||||
|
|
||||||
ssl->options.acceptState = ACCEPT_THIRD_REPLY_DONE;
|
ssl->options.acceptState = ACCEPT_THIRD_REPLY_DONE;
|
||||||
WOLFSSL_MSG("accept state ACCEPT_THIRD_REPLY_DONE");
|
WOLFSSL_MSG("accept state ACCEPT_THIRD_REPLY_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case ACCEPT_THIRD_REPLY_DONE :
|
case ACCEPT_THIRD_REPLY_DONE :
|
||||||
#ifndef NO_HANDSHAKE_DONE_CB
|
#ifndef NO_HANDSHAKE_DONE_CB
|
||||||
@@ -24017,10 +24041,13 @@ int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a)
|
|||||||
switch (a->data[i++] - 0x80) {
|
switch (a->data[i++] - 0x80) {
|
||||||
case 4:
|
case 4:
|
||||||
len |= a->data[i++] << 24;
|
len |= a->data[i++] << 24;
|
||||||
|
FALL_THROUGH;
|
||||||
case 3:
|
case 3:
|
||||||
len |= a->data[i++] << 16;
|
len |= a->data[i++] << 16;
|
||||||
|
FALL_THROUGH;
|
||||||
case 2:
|
case 2:
|
||||||
len |= a->data[i++] << 8;
|
len |= a->data[i++] << 8;
|
||||||
|
FALL_THROUGH;
|
||||||
case 1:
|
case 1:
|
||||||
len |= a->data[i++];
|
len |= a->data[i++];
|
||||||
break;
|
break;
|
||||||
|
|||||||
@@ -2666,7 +2666,7 @@ int TLSX_CSR2_InitRequests(TLSX* extensions, DecodedCert* cert, byte isPeer,
|
|||||||
if (!isPeer || csr2->requests != 0)
|
if (!isPeer || csr2->requests != 0)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
/* followed by */
|
FALL_THROUGH; /* followed by */
|
||||||
|
|
||||||
case WOLFSSL_CSR2_OCSP_MULTI: {
|
case WOLFSSL_CSR2_OCSP_MULTI: {
|
||||||
if (csr2->requests < 1 + MAX_CHAIN_DEPTH) {
|
if (csr2->requests < 1 + MAX_CHAIN_DEPTH) {
|
||||||
|
|||||||
31
src/tls13.c
31
src/tls13.c
@@ -3557,6 +3557,7 @@ int SendTls13CertificateVerify(WOLFSSL* ssl)
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
||||||
} /* case TLS_ASYNC_BEGIN */
|
} /* case TLS_ASYNC_BEGIN */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_BUILD:
|
case TLS_ASYNC_BUILD:
|
||||||
{
|
{
|
||||||
@@ -3618,6 +3619,7 @@ int SendTls13CertificateVerify(WOLFSSL* ssl)
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_DO;
|
ssl->options.asyncState = TLS_ASYNC_DO;
|
||||||
} /* case TLS_ASYNC_BUILD */
|
} /* case TLS_ASYNC_BUILD */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_DO:
|
case TLS_ASYNC_DO:
|
||||||
{
|
{
|
||||||
@@ -3666,6 +3668,7 @@ int SendTls13CertificateVerify(WOLFSSL* ssl)
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
||||||
} /* case TLS_ASYNC_DO */
|
} /* case TLS_ASYNC_DO */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_VERIFY:
|
case TLS_ASYNC_VERIFY:
|
||||||
{
|
{
|
||||||
@@ -3699,6 +3702,7 @@ int SendTls13CertificateVerify(WOLFSSL* ssl)
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
||||||
} /* case TLS_ASYNC_VERIFY */
|
} /* case TLS_ASYNC_VERIFY */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_FINALIZE:
|
case TLS_ASYNC_FINALIZE:
|
||||||
{
|
{
|
||||||
@@ -3723,6 +3727,7 @@ int SendTls13CertificateVerify(WOLFSSL* ssl)
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_END;
|
ssl->options.asyncState = TLS_ASYNC_END;
|
||||||
} /* case TLS_ASYNC_FINALIZE */
|
} /* case TLS_ASYNC_FINALIZE */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_END:
|
case TLS_ASYNC_END:
|
||||||
{
|
{
|
||||||
@@ -3868,6 +3873,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
ssl->options.asyncState = TLS_ASYNC_BUILD;
|
||||||
} /* case TLS_ASYNC_BEGIN */
|
} /* case TLS_ASYNC_BEGIN */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_BUILD:
|
case TLS_ASYNC_BUILD:
|
||||||
{
|
{
|
||||||
@@ -3933,6 +3939,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_DO;
|
ssl->options.asyncState = TLS_ASYNC_DO;
|
||||||
} /* case TLS_ASYNC_BUILD */
|
} /* case TLS_ASYNC_BUILD */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_DO:
|
case TLS_ASYNC_DO:
|
||||||
{
|
{
|
||||||
@@ -3983,6 +3990,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
||||||
} /* case TLS_ASYNC_DO */
|
} /* case TLS_ASYNC_DO */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_VERIFY:
|
case TLS_ASYNC_VERIFY:
|
||||||
{
|
{
|
||||||
@@ -3998,6 +4006,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
|
|||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
||||||
} /* case TLS_ASYNC_VERIFY */
|
} /* case TLS_ASYNC_VERIFY */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TLS_ASYNC_FINALIZE:
|
case TLS_ASYNC_FINALIZE:
|
||||||
{
|
{
|
||||||
@@ -5024,6 +5033,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
|
|||||||
|
|
||||||
ssl->options.connectState = CLIENT_HELLO_SENT;
|
ssl->options.connectState = CLIENT_HELLO_SENT;
|
||||||
WOLFSSL_MSG("connect state: CLIENT_HELLO_SENT");
|
WOLFSSL_MSG("connect state: CLIENT_HELLO_SENT");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case CLIENT_HELLO_SENT:
|
case CLIENT_HELLO_SENT:
|
||||||
neededState = ssl->options.resuming ? SERVER_FINISHED_COMPLETE :
|
neededState = ssl->options.resuming ? SERVER_FINISHED_COMPLETE :
|
||||||
@@ -5043,6 +5053,8 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
|
|||||||
|
|
||||||
ssl->options.connectState = HELLO_AGAIN;
|
ssl->options.connectState = HELLO_AGAIN;
|
||||||
WOLFSSL_MSG("connect state: HELLO_AGAIN");
|
WOLFSSL_MSG("connect state: HELLO_AGAIN");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case HELLO_AGAIN:
|
case HELLO_AGAIN:
|
||||||
if (ssl->options.certOnly)
|
if (ssl->options.certOnly)
|
||||||
return SSL_SUCCESS;
|
return SSL_SUCCESS;
|
||||||
@@ -5061,6 +5073,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
|
|||||||
|
|
||||||
ssl->options.connectState = HELLO_AGAIN_REPLY;
|
ssl->options.connectState = HELLO_AGAIN_REPLY;
|
||||||
WOLFSSL_MSG("connect state: HELLO_AGAIN_REPLY");
|
WOLFSSL_MSG("connect state: HELLO_AGAIN_REPLY");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case HELLO_AGAIN_REPLY:
|
case HELLO_AGAIN_REPLY:
|
||||||
if (ssl->options.serverState == NULL_STATE) {
|
if (ssl->options.serverState == NULL_STATE) {
|
||||||
@@ -5083,6 +5096,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
|
|||||||
|
|
||||||
ssl->options.connectState = FIRST_REPLY_DONE;
|
ssl->options.connectState = FIRST_REPLY_DONE;
|
||||||
WOLFSSL_MSG("connect state: FIRST_REPLY_DONE");
|
WOLFSSL_MSG("connect state: FIRST_REPLY_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case FIRST_REPLY_DONE:
|
case FIRST_REPLY_DONE:
|
||||||
#ifndef NO_CERTS
|
#ifndef NO_CERTS
|
||||||
@@ -5098,6 +5112,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
|
|||||||
|
|
||||||
ssl->options.connectState = FIRST_REPLY_FIRST;
|
ssl->options.connectState = FIRST_REPLY_FIRST;
|
||||||
WOLFSSL_MSG("connect state: FIRST_REPLY_FIRST");
|
WOLFSSL_MSG("connect state: FIRST_REPLY_FIRST");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case FIRST_REPLY_FIRST:
|
case FIRST_REPLY_FIRST:
|
||||||
#ifndef NO_CERTS
|
#ifndef NO_CERTS
|
||||||
@@ -5113,6 +5128,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
|
|||||||
|
|
||||||
ssl->options.connectState = FIRST_REPLY_SECOND;
|
ssl->options.connectState = FIRST_REPLY_SECOND;
|
||||||
WOLFSSL_MSG("connect state: FIRST_REPLY_SECOND");
|
WOLFSSL_MSG("connect state: FIRST_REPLY_SECOND");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case FIRST_REPLY_SECOND:
|
case FIRST_REPLY_SECOND:
|
||||||
if ((ssl->error = SendTls13Finished(ssl)) != 0) {
|
if ((ssl->error = SendTls13Finished(ssl)) != 0) {
|
||||||
@@ -5123,6 +5139,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
|
|||||||
|
|
||||||
ssl->options.connectState = FINISHED_DONE;
|
ssl->options.connectState = FINISHED_DONE;
|
||||||
WOLFSSL_MSG("connect state: FINISHED_DONE");
|
WOLFSSL_MSG("connect state: FINISHED_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case FINISHED_DONE:
|
case FINISHED_DONE:
|
||||||
#ifndef NO_HANDSHAKE_DONE_CB
|
#ifndef NO_HANDSHAKE_DONE_CB
|
||||||
@@ -5366,6 +5383,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
|
|||||||
|
|
||||||
ssl->options.acceptState = ACCEPT_CLIENT_HELLO_DONE;
|
ssl->options.acceptState = ACCEPT_CLIENT_HELLO_DONE;
|
||||||
WOLFSSL_MSG("accept state ACCEPT_CLIENT_HELLO_DONE");
|
WOLFSSL_MSG("accept state ACCEPT_CLIENT_HELLO_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case ACCEPT_CLIENT_HELLO_DONE :
|
case ACCEPT_CLIENT_HELLO_DONE :
|
||||||
if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) {
|
if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) {
|
||||||
@@ -5376,6 +5394,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
|
|||||||
}
|
}
|
||||||
ssl->options.acceptState = ACCEPT_HELLO_RETRY_REQUEST_DONE;
|
ssl->options.acceptState = ACCEPT_HELLO_RETRY_REQUEST_DONE;
|
||||||
WOLFSSL_MSG("accept state ACCEPT_HELLO_RETRY_REQUEST_DONE");
|
WOLFSSL_MSG("accept state ACCEPT_HELLO_RETRY_REQUEST_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case ACCEPT_HELLO_RETRY_REQUEST_DONE :
|
case ACCEPT_HELLO_RETRY_REQUEST_DONE :
|
||||||
if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) {
|
if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) {
|
||||||
@@ -5386,6 +5405,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
|
|||||||
}
|
}
|
||||||
ssl->options.acceptState = ACCEPT_FIRST_REPLY_DONE;
|
ssl->options.acceptState = ACCEPT_FIRST_REPLY_DONE;
|
||||||
WOLFSSL_MSG("accept state ACCEPT_FIRST_REPLY_DONE");
|
WOLFSSL_MSG("accept state ACCEPT_FIRST_REPLY_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case ACCEPT_FIRST_REPLY_DONE :
|
case ACCEPT_FIRST_REPLY_DONE :
|
||||||
if ((ssl->error = SendTls13ServerHello(ssl)) != 0) {
|
if ((ssl->error = SendTls13ServerHello(ssl)) != 0) {
|
||||||
@@ -5394,6 +5414,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
|
|||||||
}
|
}
|
||||||
ssl->options.acceptState = SERVER_HELLO_SENT;
|
ssl->options.acceptState = SERVER_HELLO_SENT;
|
||||||
WOLFSSL_MSG("accept state SERVER_HELLO_SENT");
|
WOLFSSL_MSG("accept state SERVER_HELLO_SENT");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case SERVER_HELLO_SENT :
|
case SERVER_HELLO_SENT :
|
||||||
if ((ssl->error = SendTls13EncryptedExtensions(ssl)) != 0) {
|
if ((ssl->error = SendTls13EncryptedExtensions(ssl)) != 0) {
|
||||||
@@ -5402,6 +5423,8 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
|
|||||||
}
|
}
|
||||||
ssl->options.acceptState = SERVER_EXTENSIONS_SENT;
|
ssl->options.acceptState = SERVER_EXTENSIONS_SENT;
|
||||||
WOLFSSL_MSG("accept state SERVER_EXTENSIONS_SENT");
|
WOLFSSL_MSG("accept state SERVER_EXTENSIONS_SENT");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case SERVER_EXTENSIONS_SENT :
|
case SERVER_EXTENSIONS_SENT :
|
||||||
#ifndef NO_CERTS
|
#ifndef NO_CERTS
|
||||||
if (!ssl->options.resuming) {
|
if (!ssl->options.resuming) {
|
||||||
@@ -5416,6 +5439,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
|
|||||||
#endif
|
#endif
|
||||||
ssl->options.acceptState = CERT_REQ_SENT;
|
ssl->options.acceptState = CERT_REQ_SENT;
|
||||||
WOLFSSL_MSG("accept state CERT_REQ_SENT");
|
WOLFSSL_MSG("accept state CERT_REQ_SENT");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case CERT_REQ_SENT :
|
case CERT_REQ_SENT :
|
||||||
ssl->options.acceptState = KEY_EXCHANGE_SENT;
|
ssl->options.acceptState = KEY_EXCHANGE_SENT;
|
||||||
@@ -5429,6 +5453,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
|
|||||||
#endif
|
#endif
|
||||||
ssl->options.acceptState = CERT_SENT;
|
ssl->options.acceptState = CERT_SENT;
|
||||||
WOLFSSL_MSG("accept state CERT_SENT");
|
WOLFSSL_MSG("accept state CERT_SENT");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case CERT_SENT :
|
case CERT_SENT :
|
||||||
#ifndef NO_CERTS
|
#ifndef NO_CERTS
|
||||||
@@ -5441,6 +5466,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
|
|||||||
#endif
|
#endif
|
||||||
ssl->options.acceptState = CERT_STATUS_SENT;
|
ssl->options.acceptState = CERT_STATUS_SENT;
|
||||||
WOLFSSL_MSG("accept state CERT_STATUS_SENT");
|
WOLFSSL_MSG("accept state CERT_STATUS_SENT");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case CERT_VERIFY_SENT :
|
case CERT_VERIFY_SENT :
|
||||||
if ((ssl->error = SendTls13Finished(ssl)) != 0) {
|
if ((ssl->error = SendTls13Finished(ssl)) != 0) {
|
||||||
@@ -5450,6 +5476,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
|
|||||||
|
|
||||||
ssl->options.acceptState = ACCEPT_FINISHED_DONE;
|
ssl->options.acceptState = ACCEPT_FINISHED_DONE;
|
||||||
WOLFSSL_MSG("accept state ACCEPT_FINISHED_DONE");
|
WOLFSSL_MSG("accept state ACCEPT_FINISHED_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case ACCEPT_FINISHED_DONE :
|
case ACCEPT_FINISHED_DONE :
|
||||||
#ifdef HAVE_SESSION_TICKET
|
#ifdef HAVE_SESSION_TICKET
|
||||||
@@ -5464,6 +5491,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
|
|||||||
#endif /* HAVE_SESSION_TICKET */
|
#endif /* HAVE_SESSION_TICKET */
|
||||||
ssl->options.acceptState = TICKET_SENT;
|
ssl->options.acceptState = TICKET_SENT;
|
||||||
WOLFSSL_MSG("accept state TICKET_SENT");
|
WOLFSSL_MSG("accept state TICKET_SENT");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case TICKET_SENT:
|
case TICKET_SENT:
|
||||||
while (ssl->options.clientState < CLIENT_FINISHED_COMPLETE)
|
while (ssl->options.clientState < CLIENT_FINISHED_COMPLETE)
|
||||||
@@ -5474,6 +5502,8 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
|
|||||||
|
|
||||||
ssl->options.acceptState = ACCEPT_SECOND_REPLY_DONE;
|
ssl->options.acceptState = ACCEPT_SECOND_REPLY_DONE;
|
||||||
WOLFSSL_MSG("accept state ACCEPT_SECOND_REPLY_DONE");
|
WOLFSSL_MSG("accept state ACCEPT_SECOND_REPLY_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case ACCEPT_SECOND_REPLY_DONE :
|
case ACCEPT_SECOND_REPLY_DONE :
|
||||||
#ifdef HAVE_SESSION_TICKET
|
#ifdef HAVE_SESSION_TICKET
|
||||||
if (!ssl->options.resuming && ssl->options.verifyPeer &&
|
if (!ssl->options.resuming && ssl->options.verifyPeer &&
|
||||||
@@ -5486,6 +5516,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
|
|||||||
#endif /* HAVE_SESSION_TICKET */
|
#endif /* HAVE_SESSION_TICKET */
|
||||||
ssl->options.acceptState = ACCEPT_THIRD_REPLY_DONE;
|
ssl->options.acceptState = ACCEPT_THIRD_REPLY_DONE;
|
||||||
WOLFSSL_MSG("accept state ACCEPT_THIRD_REPLY_DONE");
|
WOLFSSL_MSG("accept state ACCEPT_THIRD_REPLY_DONE");
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case ACCEPT_THIRD_REPLY_DONE:
|
case ACCEPT_THIRD_REPLY_DONE:
|
||||||
#ifndef NO_HANDSHAKE_DONE_CB
|
#ifndef NO_HANDSHAKE_DONE_CB
|
||||||
|
|||||||
@@ -4472,9 +4472,9 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
|
|||||||
ERROR_OUT(MEMORY_E, exit_cs);
|
ERROR_OUT(MEMORY_E, exit_cs);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* fall through */
|
|
||||||
sigCtx->state = SIG_STATE_HASH;
|
sigCtx->state = SIG_STATE_HASH;
|
||||||
} /* SIG_STATE_BEGIN */
|
} /* SIG_STATE_BEGIN */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case SIG_STATE_HASH:
|
case SIG_STATE_HASH:
|
||||||
{
|
{
|
||||||
@@ -4550,9 +4550,9 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
|
|||||||
goto exit_cs;
|
goto exit_cs;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* fall through */
|
|
||||||
sigCtx->state = SIG_STATE_KEY;
|
sigCtx->state = SIG_STATE_KEY;
|
||||||
} /* SIG_STATE_HASH */
|
} /* SIG_STATE_HASH */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case SIG_STATE_KEY:
|
case SIG_STATE_KEY:
|
||||||
{
|
{
|
||||||
@@ -4625,9 +4625,9 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
|
|||||||
goto exit_cs;
|
goto exit_cs;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* fall through */
|
|
||||||
sigCtx->state = SIG_STATE_DO;
|
sigCtx->state = SIG_STATE_DO;
|
||||||
} /* SIG_STATE_KEY */
|
} /* SIG_STATE_KEY */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case SIG_STATE_DO:
|
case SIG_STATE_DO:
|
||||||
{
|
{
|
||||||
@@ -4667,9 +4667,9 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
|
|||||||
goto exit_cs;
|
goto exit_cs;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* fall through */
|
|
||||||
sigCtx->state = SIG_STATE_CHECK;
|
sigCtx->state = SIG_STATE_CHECK;
|
||||||
} /* SIG_STATE_DO */
|
} /* SIG_STATE_DO */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case SIG_STATE_CHECK:
|
case SIG_STATE_CHECK:
|
||||||
{
|
{
|
||||||
@@ -8207,8 +8207,8 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buffer, int sz,
|
|||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
goto exit_ms;
|
goto exit_ms;
|
||||||
}
|
}
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
/* fall-through */
|
|
||||||
case CERTSIGN_STATE_ENCODE:
|
case CERTSIGN_STATE_ENCODE:
|
||||||
#ifndef NO_RSA
|
#ifndef NO_RSA
|
||||||
if (rsaKey) {
|
if (rsaKey) {
|
||||||
@@ -8223,8 +8223,8 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buffer, int sz,
|
|||||||
certSignCtx->digest, digestSz, typeH);
|
certSignCtx->digest, digestSz, typeH);
|
||||||
}
|
}
|
||||||
#endif /* !NO_RSA */
|
#endif /* !NO_RSA */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
/* fall-through */
|
|
||||||
case CERTSIGN_STATE_DO:
|
case CERTSIGN_STATE_DO:
|
||||||
certSignCtx->state = CERTSIGN_STATE_DO;
|
certSignCtx->state = CERTSIGN_STATE_DO;
|
||||||
ret = ALGO_ID_E; /* default to error */
|
ret = ALGO_ID_E; /* default to error */
|
||||||
|
|||||||
@@ -2900,8 +2900,8 @@ int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
|
|||||||
if (err < 0) {
|
if (err < 0) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
/* fall through */
|
|
||||||
case ECC_STATE_SHARED_SEC_RES:
|
case ECC_STATE_SHARED_SEC_RES:
|
||||||
private_key->state = ECC_STATE_SHARED_SEC_RES;
|
private_key->state = ECC_STATE_SHARED_SEC_RES;
|
||||||
err = 0;
|
err = 0;
|
||||||
@@ -3393,8 +3393,8 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
|
|||||||
}
|
}
|
||||||
|
|
||||||
#endif /* WOLFSSL_ATECC508A */
|
#endif /* WOLFSSL_ATECC508A */
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
/* fall through */
|
|
||||||
case ECC_STATE_SIGN_ENCODE:
|
case ECC_STATE_SIGN_ENCODE:
|
||||||
key->state = ECC_STATE_SIGN_ENCODE;
|
key->state = ECC_STATE_SIGN_ENCODE;
|
||||||
|
|
||||||
@@ -3924,8 +3924,8 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
|
|||||||
if (err < 0) {
|
if (err < 0) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
/* fall through */
|
|
||||||
case ECC_STATE_VERIFY_DO:
|
case ECC_STATE_VERIFY_DO:
|
||||||
key->state = ECC_STATE_VERIFY_DO;
|
key->state = ECC_STATE_VERIFY_DO;
|
||||||
|
|
||||||
@@ -3933,8 +3933,8 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
|
|||||||
if (err < 0) {
|
if (err < 0) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
/* fall through */
|
|
||||||
case ECC_STATE_VERIFY_RES:
|
case ECC_STATE_VERIFY_RES:
|
||||||
key->state = ECC_STATE_VERIFY_RES;
|
key->state = ECC_STATE_VERIFY_RES;
|
||||||
err = 0;
|
err = 0;
|
||||||
|
|||||||
@@ -1282,7 +1282,8 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
|
|||||||
}
|
}
|
||||||
|
|
||||||
key->state = RSA_STATE_ENCRYPT_EXPTMOD;
|
key->state = RSA_STATE_ENCRYPT_EXPTMOD;
|
||||||
/* fall through */
|
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case RSA_STATE_ENCRYPT_EXPTMOD:
|
case RSA_STATE_ENCRYPT_EXPTMOD:
|
||||||
|
|
||||||
@@ -1296,7 +1297,7 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* fall through */
|
FALL_THROUGH;
|
||||||
|
|
||||||
case RSA_STATE_ENCRYPT_RES:
|
case RSA_STATE_ENCRYPT_RES:
|
||||||
ret = key->dataLen;
|
ret = key->dataLen;
|
||||||
@@ -1402,7 +1403,7 @@ static int RsaPrivateDecryptEx(byte* in, word32 inLen, byte* out,
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* fall through */
|
FALL_THROUGH;
|
||||||
|
|
||||||
case RSA_STATE_DECRYPT_UNPAD:
|
case RSA_STATE_DECRYPT_UNPAD:
|
||||||
{
|
{
|
||||||
@@ -1426,7 +1427,8 @@ static int RsaPrivateDecryptEx(byte* in, word32 inLen, byte* out,
|
|||||||
}
|
}
|
||||||
|
|
||||||
key->state = RSA_STATE_DECRYPT_RES;
|
key->state = RSA_STATE_DECRYPT_RES;
|
||||||
/* fall through */
|
|
||||||
|
FALL_THROUGH;
|
||||||
}
|
}
|
||||||
case RSA_STATE_DECRYPT_RES:
|
case RSA_STATE_DECRYPT_RES:
|
||||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA) && \
|
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA) && \
|
||||||
|
|||||||
@@ -206,6 +206,7 @@ int wc_SignatureVerify(
|
|||||||
/* Otherwise fall-through and perform normal RSA verify against updated
|
/* Otherwise fall-through and perform normal RSA verify against updated
|
||||||
* DER encoding + hash */
|
* DER encoding + hash */
|
||||||
#endif
|
#endif
|
||||||
|
FALL_THROUGH;
|
||||||
|
|
||||||
case WC_SIGNATURE_TYPE_RSA:
|
case WC_SIGNATURE_TYPE_RSA:
|
||||||
{
|
{
|
||||||
@@ -338,7 +339,7 @@ int wc_SignatureGenerate(
|
|||||||
/* Otherwise fall-through and perform normal RSA sign against updated
|
/* Otherwise fall-through and perform normal RSA sign against updated
|
||||||
* DER encoding + hash */
|
* DER encoding + hash */
|
||||||
#endif
|
#endif
|
||||||
|
FALL_THROUGH;
|
||||||
case WC_SIGNATURE_TYPE_RSA:
|
case WC_SIGNATURE_TYPE_RSA:
|
||||||
#ifndef NO_RSA
|
#ifndef NO_RSA
|
||||||
/* Create signature using provided RSA key */
|
/* Create signature using provided RSA key */
|
||||||
|
|||||||
@@ -161,6 +161,14 @@
|
|||||||
#define THREAD_LS_T
|
#define THREAD_LS_T
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* GCC 7 has new switch() fall-through detection */
|
||||||
|
#ifndef FALL_THROUGH
|
||||||
|
#if defined(__GNUC__)
|
||||||
|
#define FALL_THROUGH __attribute__ ((fallthrough))
|
||||||
|
#else
|
||||||
|
#define FALL_THROUGH
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
|
||||||
/* Micrium will use Visual Studio for compilation but not the Win32 API */
|
/* Micrium will use Visual Studio for compilation but not the Win32 API */
|
||||||
#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \
|
#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \
|
||||||
|
|||||||
Reference in New Issue
Block a user