Rearrange ExtendedMasterSecret parsing logic
`mbedtls_ssl_handshake_params::extended_ms` holds the state of the
ExtendedMasterSecret extension in the current handshake. Initially
set to 'disabled' for both client and server,
- the client sets it to 'enabled' as soon as it finds the ExtendedMS
extension in the `ServerHello` and it has advertised that extension
in its ClientHello,
- the server sets it to 'enabled' as soon as it finds the ExtendedMS
extension in the `ClientHello` and is willing to advertise is in its
`ServerHello`.
This commit slightly restructures this logic in prepraration for the
removal of `mbedtls_ssl_handshake_params::extended_ms` in case both
the use and the enforcement of the ExtendedMasterSecret extension have
been fixed at compile-time. Namely, in this case there is no need for
the `extended_ms` field in the handshake structure, as the ExtendedMS
must be in use if the handshake progresses beyond the Hello stage.
Paving the way for the removal of mbedtls_ssl_handshake_params::extended_ms
this commit introduces a temporary variable tracking the presence of the
ExtendedMS extension in the ClientHello/ServerHello messages, leaving
the derivation of `extended_ms` (and potential failure) to the end of
the parsing routine.
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 657fbae..b012918 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -567,13 +567,6 @@
((void) buf);
- if( mbedtls_ssl_conf_get_ems( ssl->conf ) ==
- MBEDTLS_SSL_EXTENDED_MS_ENABLED &&
- ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 )
- {
- ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
- }
-
return( 0 );
}
#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
@@ -1267,6 +1260,9 @@
#if defined(MBEDTLS_SSL_RENEGOTIATION)
int renegotiation_info_seen = 0;
#endif
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+ int extended_ms_seen = 0;
+#endif
int handshake_failure = 0;
const int *ciphersuites;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
@@ -1894,6 +1890,7 @@
ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size );
if( ret != 0 )
return( ret );
+ extended_ms_seen = 1;
break;
#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
@@ -2041,14 +2038,19 @@
*/
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
if( mbedtls_ssl_conf_get_ems( ssl->conf ) ==
- MBEDTLS_SSL_EXTENDED_MS_ENABLED &&
- mbedtls_ssl_conf_get_ems_enforced( ssl->conf ) ==
- MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED &&
- ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED)
+ MBEDTLS_SSL_EXTENDED_MS_ENABLED )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "Peer not offering extended master "
- "secret, while it is enforced") );
- handshake_failure = 1;
+ if( extended_ms_seen )
+ {
+ ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
+ }
+ else if( mbedtls_ssl_conf_get_ems_enforced( ssl->conf ) ==
+ MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Peer not offering extended master "
+ "secret, while it is enforced") );
+ handshake_failure = 1;
+ }
}
#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */