mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-04 20:47:36 +03:00
Code Issues Projects Releases Packages Wiki Activity

update: use VerifyData in RenegotiationInfoExt

Browse source 
This make sure the renegotiation would work in certain scenarios instead of no scenarios.

Signed-off-by: Gaukas Wang <i@gaukas.wang>
This commit is contained in:
Gaukas Wang 2024-04-10 01:15:04 -06:00
parent 2a6df0af89
commit b563ec45ac
No known key found for this signature in database
GPG key ID: 6F0DF52D710D8189
1 changed files with 15 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

23
u_tls_extensions.go
View file

@ -1563,11 +1563,11 @@ type RenegotiationInfoExtension struct {
// If this is the initial handshake for a connection, then the // If this is the initial handshake for a connection, then the
// "renegotiated_connection" field is of zero length in both the // "renegotiated_connection" field is of zero length in both the
// ClientHello and the ServerHello. // ClientHello and the ServerHello.
// RenegotiatedConnection []byte RenegotiatedConnection []byte
} }
func (e *RenegotiationInfoExtension) Len() int { func (e *RenegotiationInfoExtension) Len() int {
return 5 // + len(e.RenegotiatedConnection) return 5 + len(e.RenegotiatedConnection)
} }
func (e *RenegotiationInfoExtension) Read(b []byte) (int, error) { func (e *RenegotiationInfoExtension) Read(b []byte) (int, error) {
@ -1575,15 +1575,15 @@ func (e *RenegotiationInfoExtension) Read(b []byte) (int, error) {
return 0, io.ErrShortBuffer return 0, io.ErrShortBuffer
} }
// dataLen := len(e.RenegotiatedConnection) dataLen := len(e.RenegotiatedConnection)
extBodyLen := 1 // + len(dataLen) extBodyLen := 1 + dataLen
b[0] = byte(extensionRenegotiationInfo >> 8) b[0] = byte(extensionRenegotiationInfo >> 8)
b[1] = byte(extensionRenegotiationInfo & 0xff) b[1] = byte(extensionRenegotiationInfo & 0xff)
b[2] = byte(extBodyLen >> 8) b[2] = byte(extBodyLen >> 8)
b[3] = byte(extBodyLen) b[3] = byte(extBodyLen)
// b[4] = byte(dataLen) b[4] = byte(dataLen)
// copy(b[5:], e.RenegotiatedConnection) copy(b[5:], e.RenegotiatedConnection)
return e.Len(), io.EOF return e.Len(), io.EOF
} }
@ -1593,7 +1593,7 @@ func (e *RenegotiationInfoExtension) UnmarshalJSON(_ []byte) error {
return nil return nil
} }
func (e *RenegotiationInfoExtension) Write(_ []byte) (int, error) { func (e *RenegotiationInfoExtension) Write(b []byte) (int, error) {
e.Renegotiation = RenegotiateOnceAsClient // none empty or other modes are unsupported e.Renegotiation = RenegotiateOnceAsClient // none empty or other modes are unsupported
// extData := cryptobyte.String(b) // extData := cryptobyte.String(b)
// var renegotiatedConnection cryptobyte.String // var renegotiatedConnection cryptobyte.String
@ -1602,7 +1602,10 @@ func (e *RenegotiationInfoExtension) Write(_ []byte) (int, error) {
// } // }
// e.RenegotiatedConnection = make([]byte, len(renegotiatedConnection)) // e.RenegotiatedConnection = make([]byte, len(renegotiatedConnection))
// copy(e.RenegotiatedConnection, renegotiatedConnection) // copy(e.RenegotiatedConnection, renegotiatedConnection)
return 0, nil
// we don't really want to parse it at all.
return len(b), nil
} }
func (e *RenegotiationInfoExtension) writeToUConn(uc *UConn) error { func (e *RenegotiationInfoExtension) writeToUConn(uc *UConn) error {
@ -1612,6 +1615,10 @@ func (e *RenegotiationInfoExtension) writeToUConn(uc *UConn) error {
fallthrough fallthrough
case RenegotiateFreelyAsClient: case RenegotiateFreelyAsClient:
uc.HandshakeState.Hello.SecureRenegotiationSupported = true uc.HandshakeState.Hello.SecureRenegotiationSupported = true
// TODO: don't do backward propagation here
if uc.handshakes > 0 {
e.RenegotiatedConnection = uc.clientFinished[:]
}
case RenegotiateNever: case RenegotiateNever:
default: default:
} }