tls-peer: Return INVALID_STATE after changing TLS 1.3 keys
authorTobias Brunner <tobias@strongswan.org>
Tue, 1 Sep 2020 16:59:17 +0000 (18:59 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 12 Feb 2021 13:35:23 +0000 (14:35 +0100)
Even though we return from build(), we are not actually sending a response,
so we can't return NEED_MORE (would send an invalid ClientHello message) and
if we return SUCCESS, the EAP layer treats this as failure (there is a comment
in eap_authenticator_t about client methods never returning SUCCESS from
process()).  Instead we return INVALID_STATE, which allows tls_t.build() to
exit from the build() loop immediately and send the already generated Finished
message.

src/libtls/tls_peer.c

index b5d5bef..002b84c 100644 (file)
@@ -1730,7 +1730,7 @@ METHOD(tls_handshake_t, build, status_t,
                                this->crypto->change_cipher(this->crypto, TRUE);
                                this->crypto->change_cipher(this->crypto, FALSE);
                                this->state = STATE_FINISHED_SENT_KEY_SWITCHED;
-                               return SUCCESS;
+                               return INVALID_STATE;
                        case STATE_KEY_UPDATE_REQUESTED:
                                return send_key_update(this, type, writer);
                        case STATE_KEY_UPDATE_SENT:
@@ -1741,9 +1741,7 @@ METHOD(tls_handshake_t, build, status_t,
                                }
                                this->crypto->change_cipher(this->crypto, FALSE);
                                this->state = STATE_FINISHED_SENT_KEY_SWITCHED;
-                               return SUCCESS;
-                       case STATE_FINISHED_SENT_KEY_SWITCHED:
-                               return SUCCESS;
+                               return INVALID_STATE;
                        default:
                                return INVALID_STATE;
                }