use more Role type instead of Bool
This commit is contained in:
parent
460ada214b
commit
37ef6af6e8
6 changed files with 19 additions and 13 deletions
|
@ -49,9 +49,9 @@ handshakeClient cparams ctx = do
|
|||
recvServerHello sentExtensions
|
||||
sessionResuming <- usingState_ ctx isSessionResuming
|
||||
if sessionResuming
|
||||
then sendChangeCipherAndFinish ctx True
|
||||
then sendChangeCipherAndFinish ctx ClientRole
|
||||
else do sendClientData cparams ctx
|
||||
sendChangeCipherAndFinish ctx True
|
||||
sendChangeCipherAndFinish ctx ClientRole
|
||||
recvChangeCipherAndFinish ctx
|
||||
handshakeTerminate ctx
|
||||
where params = ctxParams ctx
|
||||
|
|
|
@ -22,6 +22,7 @@ import Network.TLS.IO
|
|||
import Network.TLS.State hiding (getNegotiatedProtocol)
|
||||
import Network.TLS.Receiving
|
||||
import Network.TLS.Measurement
|
||||
import Network.TLS.Types
|
||||
import Data.Maybe
|
||||
import Data.Data
|
||||
import Data.ByteString.Char8 ()
|
||||
|
@ -66,11 +67,11 @@ handshakeTerminate ctx = do
|
|||
setEstablished ctx True
|
||||
return ()
|
||||
|
||||
sendChangeCipherAndFinish :: MonadIO m => Context -> Bool -> m ()
|
||||
sendChangeCipherAndFinish ctx isClient = do
|
||||
sendChangeCipherAndFinish :: MonadIO m => Context -> Role -> m ()
|
||||
sendChangeCipherAndFinish ctx role = do
|
||||
sendPacket ctx ChangeCipherSpec
|
||||
|
||||
when isClient $ do
|
||||
when (role == ClientRole) $ do
|
||||
let cparams = getClientParams $ ctxParams ctx
|
||||
suggest <- usingState_ ctx $ getServerNextProtocolSuggest
|
||||
case (onNPNServerSuggest cparams, suggest) of
|
||||
|
@ -84,7 +85,7 @@ sendChangeCipherAndFinish ctx isClient = do
|
|||
(Nothing, _) -> return ()
|
||||
liftIO $ contextFlush ctx
|
||||
|
||||
cf <- usingState_ ctx $ getHandshakeDigest isClient
|
||||
cf <- usingState_ ctx $ getHandshakeDigest role
|
||||
sendPacket ctx (Handshake [Finished cf])
|
||||
liftIO $ contextFlush ctx
|
||||
|
||||
|
|
|
@ -107,13 +107,13 @@ handshakeServerWith sparams ctx clientHello@(ClientHello ver _ clientSession cip
|
|||
liftIO $ contextFlush ctx
|
||||
-- Receive client info until client Finished.
|
||||
recvClientData sparams ctx
|
||||
sendChangeCipherAndFinish ctx False
|
||||
sendChangeCipherAndFinish ctx ServerRole
|
||||
Just sessionData -> do
|
||||
usingState_ ctx (setSession clientSession True)
|
||||
serverhello <- makeServerHello clientSession
|
||||
sendPacket ctx $ Handshake [serverhello]
|
||||
usingHState ctx $ setMasterSecret ver ServerRole $ sessionSecret sessionData
|
||||
sendChangeCipherAndFinish ctx False
|
||||
sendChangeCipherAndFinish ctx ServerRole
|
||||
recvChangeCipherAndFinish ctx
|
||||
handshakeTerminate ctx
|
||||
where
|
||||
|
|
|
@ -22,7 +22,7 @@ import Control.Monad.Error
|
|||
import Data.ByteString (ByteString)
|
||||
import qualified Data.ByteString as B
|
||||
|
||||
import Network.TLS.Types (Role(..))
|
||||
import Network.TLS.Types (Role(..), invertRole)
|
||||
import Network.TLS.Util
|
||||
import Network.TLS.Struct
|
||||
import Network.TLS.Record
|
||||
|
@ -154,7 +154,7 @@ processClientKeyXchg encryptedPremaster = do
|
|||
processClientFinished :: FinishedData -> TLSSt ()
|
||||
processClientFinished fdata = do
|
||||
cc <- isClientContext
|
||||
expected <- getHandshakeDigest (cc == ServerRole)
|
||||
expected <- getHandshakeDigest $ invertRole cc
|
||||
when (expected /= fdata) $ do
|
||||
throwError $ Error_Protocol("bad record mac", True, BadRecordMac)
|
||||
updateVerifiedData ServerRole fdata
|
||||
|
|
|
@ -265,13 +265,13 @@ withHandshakeM f =
|
|||
put (st { stHandshake = Just nhst })
|
||||
return a
|
||||
|
||||
getHandshakeDigest :: MonadState TLSState m => Bool -> m Bytes
|
||||
getHandshakeDigest roleClient = do
|
||||
getHandshakeDigest :: MonadState TLSState m => Role -> m Bytes
|
||||
getHandshakeDigest role = do
|
||||
st <- get
|
||||
let hst = fromJust "handshake" $ stHandshake st
|
||||
let hashctx = hstHandshakeDigest hst
|
||||
let msecret = fromJust "master secret" $ hstMasterSecret hst
|
||||
return $ (if roleClient then generateClientFinished else generateServerFinished) (stVersion $ stRecordState st) msecret hashctx
|
||||
return $ (if role == ClientRole then generateClientFinished else generateServerFinished) (stVersion $ stRecordState st) msecret hashctx
|
||||
|
||||
endHandshake :: MonadState TLSState m => m ()
|
||||
endHandshake = modify (\st -> st { stHandshake = Nothing })
|
||||
|
|
|
@ -12,6 +12,7 @@ module Network.TLS.Types
|
|||
, CipherID
|
||||
, CompressionID
|
||||
, Role(..)
|
||||
, invertRole
|
||||
) where
|
||||
|
||||
import Data.ByteString (ByteString)
|
||||
|
@ -41,3 +42,7 @@ type CompressionID = Word8
|
|||
-- | Role
|
||||
data Role = ClientRole | ServerRole
|
||||
deriving (Show,Eq)
|
||||
|
||||
invertRole :: Role -> Role
|
||||
invertRole ClientRole = ServerRole
|
||||
invertRole ServerRole = ClientRole
|
||||
|
|
Loading…
Reference in a new issue