tls13: srv: Move TLS version setting
When parsing the ClientHello message, move the setting of the TLS version to TLS 1.3 after the computation of the end of the list of cipher suites. At that point we are able to compute the address and end address of the list of extensions and thus able to search and parse the supported_versions extension to select which version of the TLS protocol we are going to negotiate. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
parent
47dce630f4
commit
6458239b36
1 changed files with 11 additions and 11 deletions
|
|
@ -1291,17 +1291,6 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
|
|||
}
|
||||
p += 2;
|
||||
|
||||
/*
|
||||
* Only support TLS 1.3 currently, temporarily set the version.
|
||||
*/
|
||||
ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_3;
|
||||
|
||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
/* Store minor version for later use with ticket serialization. */
|
||||
ssl->session_negotiate->tls_version = MBEDTLS_SSL_VERSION_TLS1_3;
|
||||
ssl->session_negotiate->endpoint = ssl->conf->endpoint;
|
||||
#endif
|
||||
|
||||
/* ...
|
||||
* Random random;
|
||||
* ...
|
||||
|
|
@ -1372,6 +1361,17 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_SSL_DEBUG_BUF(3, "client hello, ciphersuitelist",
|
||||
p, cipher_suites_len);
|
||||
|
||||
/*
|
||||
* Only support TLS 1.3 currently, temporarily set the version.
|
||||
*/
|
||||
ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_3;
|
||||
|
||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
/* Store minor version for later use with ticket serialization. */
|
||||
ssl->session_negotiate->tls_version = MBEDTLS_SSL_VERSION_TLS1_3;
|
||||
ssl->session_negotiate->endpoint = ssl->conf->endpoint;
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Search for a matching ciphersuite
|
||||
*/
|
||||
|
|
|
|||
Loading…
Reference in a new issue