
TLS: Add helper functions for version number handling

Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen 13 years ago
parent
commit
ebe4e8f814
4 changed files with 33 additions and 7 deletions
  1. 2 4
      src/tls/tlsv1_client_read.c
  2. 27 1
      src/tls/tlsv1_common.c
  3. 2 0
      src/tls/tlsv1_common.h
  4. 2 2
      src/tls/tlsv1_server_read.c

+ 2 - 4
src/tls/tlsv1_client_read.c

@@ -81,9 +81,7 @@ static int tls_process_server_hello(struct tlsv1_client *conn, u8 ct,
 	if (end - pos < 2)
 		goto decode_error;
 	tls_version = WPA_GET_BE16(pos);
-	if (tls_version != TLS_VERSION_1 &&
-	    (tls_version != TLS_VERSION_1_1 ||
-	     TLS_VERSION == TLS_VERSION_1)) {
+	if (!tls_version_ok(tls_version)) {
 		wpa_printf(MSG_DEBUG, "TLSv1: Unexpected protocol version in "
 			   "ServerHello %u.%u", pos[0], pos[1]);
 		tls_alert(conn, TLS_ALERT_LEVEL_FATAL,
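Review bot: The new `if (!tls_version_ok(tls_version))` check accepts any version the build supports, but nothing visible here ties the ServerHello version to what this client offered in its ClientHello. The removed condition was keyed on the compile-time `TLS_VERSION`, while the helper is keyed on `CONFIG_TLSV11`. Those two are presumably defined together, but their definitions are outside this page, so confirm they cannot diverge. If `TLS_VERSION` is still the offered version, bounding the check explicitly would be safer, e.g. `if (!tls_version_ok(tls_version) || tls_version > TLS_VERSION) {`. The body of tls_process_server_hello starts and ends outside the hunk.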
@@ -93,7 +91,7 @@ static int tls_process_server_hello(struct tlsv1_client *conn, u8 ct,
 	pos += 2;
 
 	wpa_printf(MSG_DEBUG, "TLSv1: Using TLS v%s",
-		   tls_version == TLS_VERSION_1_1 ? "1.1" : "1.0");
+		   tls_version_str(tls_version));
 	conn->rl.tls_version = tls_version;
 
 	/* Random random */

+ 27 - 1
src/tls/tlsv1_common.c

@@ -1,6 +1,6 @@
 /*
  * TLSv1 common routines
- * Copyright (c) 2006-2007, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2006-2011, Jouni Malinen <j@w1.fi>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 as
@@ -239,3 +239,29 @@ void tls_verify_hash_free(struct tls_verify_hash *verify)
 	verify->sha1_server = NULL;
 	verify->sha1_cert = NULL;
 }
+
+
+int tls_version_ok(u16 ver)
+{
+	if (ver == TLS_VERSION_1)
+		return 1;
+#ifdef CONFIG_TLSV11
+	if (ver == TLS_VERSION_1_1)
+		return 1;
+#endif /* CONFIG_TLSV11 */
+
+	return 0;
+}
+
+
+const char * tls_version_str(u16 ver)
+{
+	switch (ver) {
+	case TLS_VERSION_1:
+		return "1.0";
+	case TLS_VERSION_1_1:
+		return "1.1";
+	}
+
+	return "?";
+}
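Review bot: Both new helpers are exported without a comment, and `tls_version_ok()` is now the single allow-list deciding which protocol versions the client accepts, so its contract should be written down. I would add `/* tls_version_ok - Return 1 if ver is a protocol version this build accepts (TLS 1.0; TLS 1.1 only with CONFIG_TLSV11), 0 otherwise */` above it. For `tls_version_str()`, a comment should say that it returns "?" for any other value and that the "1.1" case is not conditional on `CONFIG_TLSV11`, so a printable name does not mean the version is accepted. As a style point, the fallback would read more clearly as `default: return "?";` inside the switch.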

+ 2 - 0
src/tls/tlsv1_common.h

@@ -218,5 +218,7 @@ int tls_verify_hash_init(struct tls_verify_hash *verify);
 void tls_verify_hash_add(struct tls_verify_hash *verify, const u8 *buf,
 			 size_t len);
 void tls_verify_hash_free(struct tls_verify_hash *verify);
+int tls_version_ok(u16 ver);
+const char * tls_version_str(u16 ver);
 
 #endif /* TLSV1_COMMON_H */

+ 2 - 2
src/tls/tlsv1_server_read.c

@@ -1,6 +1,6 @@
 /*
  * TLSv1 server - read handshake message
- * Copyright (c) 2006-2007, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2006-2011, Jouni Malinen <j@w1.fi>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 as
@@ -103,7 +103,7 @@ static int tls_process_client_hello(struct tlsv1_server *conn, u8 ct,
 	else
 		conn->rl.tls_version = conn->client_version;
 	wpa_printf(MSG_DEBUG, "TLSv1: Using TLS v%s",
-		   conn->rl.tls_version == TLS_VERSION_1_1 ? "1.1" : "1.0");
+		   tls_version_str(conn->rl.tls_version));
 
 	/* Random random */
 	if (end - pos < TLS_RANDOM_LEN)
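Review bot: In the `else` branch just above the changed line, `conn->rl.tls_version` is copied from the peer-supplied `conn->client_version`, and the server path does not pass the result through the new `tls_version_ok()` as the client path now does. The earlier branches and any lower-bound check on `client_version` are outside the hunk, so the value may already be limited to 1.0 or 1.1. If it is not, a guard such as `if (!tls_version_ok(conn->rl.tls_version))` leading into the function's existing failure path would keep both sides on the same allow-list. With this change an unexpected value is logged as "?" rather than "1.0", which makes such a case visible in debug output but does not reject it.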