mirror of
https://github.com/refraction-networking/utls.git
synced 2025-04-04 12:37:35 +03:00
add TODO
- Function `MakeConnWithCompleteHandshake` needs revision to support TLS 1.3
This commit is contained in:
Gaukas Wang
parent
4e8fa06059
commit
135e28202e
2 changed files with 57 additions and 49 deletions
|
|
@ -308,6 +308,10 @@ func forgeConn() {
|
|||
// TODO: Redesign this part to use TLS 1.3
|
||||
serverTls := tls.MakeConnWithCompleteHandshake(serverConn, hs.ServerHello.Vers, hs.ServerHello.CipherSuite,
|
||||
hs.MasterSecret, hs.Hello.Random, hs.ServerHello.Random, false)
|
||||
if serverTls == nil {
|
||||
fmt.Printf("tls.MakeConnWithCompleteHandshake error, unsupported TLS protocol?")
|
||||
return
|
||||
}
|
||||
|
||||
go func() {
|
||||
clientUtls.Write([]byte("Hello, world!"))
|
||||
|
|
|
|||
18
u_conn.go
18
u_conn.go
|
|
@ -58,8 +58,11 @@ func UClient(conn net.Conn, config *Config, clientHelloID ClientHelloID) *UConn
|
|||
// BuildHandshakeState behavior varies based on ClientHelloID and
|
||||
// whether it was already called before.
|
||||
// If HelloGolang:
|
||||
//
|
||||
// [only once] make default ClientHello and overwrite existing state
|
||||
//
|
||||
// If any other mimicking ClientHelloID is used:
|
||||
//
|
||||
// [only once] make ClientHello based on ID and overwrite existing state
|
||||
// [each call] apply uconn.Extensions config to internal crypto/tls structures
|
||||
// [each call] marshal ClientHello.
|
||||
|
|
@ -575,9 +578,9 @@ func (uconn *UConn) GetOutKeystream(length int) ([]byte, error) {
|
|||
|
||||
// SetTLSVers sets min and max TLS version in all appropriate places.
|
||||
// Function will use first non-zero version parsed in following order:
|
||||
// 1) Provided minTLSVers, maxTLSVers
|
||||
// 2) specExtensions may have SupportedVersionsExtension
|
||||
// 3) [default] min = TLS 1.0, max = TLS 1.2
|
||||
// 1. Provided minTLSVers, maxTLSVers
|
||||
// 2. specExtensions may have SupportedVersionsExtension
|
||||
// 3. [default] min = TLS 1.0, max = TLS 1.2
|
||||
//
|
||||
// Error is only returned if things are in clearly undesirable state
|
||||
// to help user fix them.
|
||||
|
|
@ -653,10 +656,7 @@ func (uconn *UConn) GetUnderlyingConn() net.Conn {
|
|||
func MakeConnWithCompleteHandshake(tcpConn net.Conn, version uint16, cipherSuite uint16, masterSecret []byte, clientRandom []byte, serverRandom []byte, isClient bool) *Conn {
|
||||
tlsConn := &Conn{conn: tcpConn, config: &Config{}, isClient: isClient}
|
||||
cs := cipherSuiteByID(cipherSuite)
|
||||
if cs == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
if cs != nil {
|
||||
// This is mostly borrowed from establishKeys()
|
||||
clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV :=
|
||||
keysFromMasterSecret(version, cs, masterSecret, clientRandom, serverRandom,
|
||||
|
|
@ -697,6 +697,10 @@ func MakeConnWithCompleteHandshake(tcpConn net.Conn, version uint16, cipherSuite
|
|||
tlsConn.out.incSeq()
|
||||
|
||||
return tlsConn
|
||||
} else {
|
||||
// TODO: Support TLS 1.3 Cipher Suites
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func makeSupportedVersions(minVers, maxVers uint16) []uint16 {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue