rust/rustls
rust
/
rustls
mirror of https://github.com/ctz/rustls
1
0
Fork 0
Code Issues Releases Wiki Activity

prepare State trait to handle borrowed types 

Co-authored-by: Jorge Aparicio <jorge.aparicio@ferrous-systems.com>
This commit is contained in:
Christian Poveda 2023-12-08 15:05:06 -05:00 committed by Daniel McCarney
parent 0423bb69e7
commit 65370b8de1
8 changed files with 444 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
rustls/src/client/hs.rs
View File

@ -39,8 +39,8 @@ use alloc::vec;
use alloc::vec::Vec;
use core::ops::Deref;
pub(super) type NextState = Box<dyn State<ClientConnectionData>>;
pub(super) type NextStateOrError = Result<NextState, Error>;
pub(super) type NextState<'a> = Box<dyn State<ClientConnectionData> + 'a>;
pub(super) type NextStateOrError<'a> = Result<NextState<'a>, Error>;
pub(super) type ClientContext<'a> = crate::common_state::Context<'a, ClientConnectionData>;
fn find_session(
@ -95,7 +95,7 @@ pub(super) fn start_handshake(
extra_exts: Vec<ClientExtension>,
config: Arc<ClientConfig>,
cx: &mut ClientContext<'_>,
) -> NextStateOrError {
) -> NextStateOrError<'static> {
let mut transcript_buffer = HandshakeHashBuffer::new();
if config
.client_auth_cert_resolver
@ -196,7 +196,7 @@ fn emit_client_hello_for_retry(
suite: Option<SupportedCipherSuite>,
mut input: ClientHelloInput,
cx: &mut ClientContext<'_>,
) -> NextState {
) -> NextState<'static> {
let config = &input.config;
let support_tls12 = config.supports_version(ProtocolVersion::TLSv1_2) && !cx.common.is_quic();
let support_tls13 = config.supports_version(ProtocolVersion::TLSv1_3);
@ -481,7 +481,14 @@ pub(super) fn process_alpn_protocol(
}
impl State<ClientConnectionData> for ExpectServerHello {
fn handle(mut self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> NextStateOrError<'m>
where
Self: 'm,
{
let server_hello =
require_handshake_msg!(m, HandshakeType::ServerHello, HandshakePayload::ServerHello)?;
trace!("We got ServerHello {:#?}", server_hello);
@ -671,10 +678,14 @@ impl State<ClientConnectionData> for ExpectServerHello {
}
}
}
fn into_owned(self: Box<Self>) -> NextState<'static> {
self
}
}
impl ExpectServerHelloOrHelloRetryRequest {
fn into_expect_server_hello(self) -> NextState {
fn into_expect_server_hello(self) -> NextState<'static> {
Box::new(self.next)
}
@ -682,7 +693,7 @@ impl ExpectServerHelloOrHelloRetryRequest {
self,
cx: &mut ClientContext<'_>,
m: Message,
) -> NextStateOrError {
) -> NextStateOrError<'static> {
let hrr = require_handshake_msg!(
m,
HandshakeType::HelloRetryRequest,
@ -847,7 +858,14 @@ impl ExpectServerHelloOrHelloRetryRequest {
}
impl State<ClientConnectionData> for ExpectServerHelloOrHelloRetryRequest {
fn handle(self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> NextStateOrError {
fn handle<'m>(
self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> NextStateOrError<'m>
where
Self: 'm,
{
match m.payload {
MessagePayload::Handshake {
parsed:
@ -874,6 +892,10 @@ impl State<ClientConnectionData> for ExpectServerHelloOrHelloRetryRequest {
)),
}
}
fn into_owned(self: Box<Self>) -> NextState<'static> {
self
}
}
enum ClientSessionValue {

145
rustls/src/client/tls12.rs
View File

@ -61,7 +61,7 @@ mod server_hello {
suite: &'static Tls12CipherSuite,
server_hello: &ServerHelloPayload,
tls13_supported: bool,
) -> hs::NextStateOrError {
) -> hs::NextStateOrError<'static> {
self.randoms
.server
.clone_from_slice(&server_hello.random.0[..]);
@ -194,11 +194,14 @@ struct ExpectCertificate {
}
impl State<ClientConnectionData> for ExpectCertificate {
fn handle(
fn handle<'m>(
mut self: Box<Self>,
_cx: &mut ClientContext<'_>,
m: Message,
) -> hs::NextStateOrError {
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
self.transcript.add_message(&m);
let server_cert_chain = require_handshake_msg_move!(
m,
@ -236,6 +239,10 @@ impl State<ClientConnectionData> for ExpectCertificate {
}))
}
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
struct ExpectCertificateStatusOrServerKx {
@ -252,7 +259,14 @@ struct ExpectCertificateStatusOrServerKx {
}
impl State<ClientConnectionData> for ExpectCertificateStatusOrServerKx {
fn handle(self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
match m.payload {
MessagePayload::Handshake {
parsed:
@ -304,6 +318,10 @@ impl State<ClientConnectionData> for ExpectCertificateStatusOrServerKx {
)),
}
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
struct ExpectCertificateStatus {
@ -320,11 +338,14 @@ struct ExpectCertificateStatus {
}
impl State<ClientConnectionData> for ExpectCertificateStatus {
fn handle(
fn handle<'m>(
mut self: Box<Self>,
_cx: &mut ClientContext<'_>,
m: Message,
) -> hs::NextStateOrError {
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
self.transcript.add_message(&m);
let server_cert_ocsp_response = require_handshake_msg_move!(
m,
@ -353,6 +374,10 @@ impl State<ClientConnectionData> for ExpectCertificateStatus {
must_issue_new_ticket: self.must_issue_new_ticket,
}))
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
struct ExpectServerKx {
@ -369,7 +394,14 @@ struct ExpectServerKx {
}
impl State<ClientConnectionData> for ExpectServerKx {
fn handle(mut self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
let opaque_kx = require_handshake_msg!(
m,
HandshakeType::ServerKeyExchange,
@ -410,6 +442,10 @@ impl State<ClientConnectionData> for ExpectServerKx {
must_issue_new_ticket: self.must_issue_new_ticket,
}))
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
fn emit_certificate(
@ -535,7 +571,14 @@ struct ExpectServerDoneOrCertReq {
}
impl State<ClientConnectionData> for ExpectServerDoneOrCertReq {
fn handle(mut self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
if matches!(
m.payload,
MessagePayload::Handshake {
@ -580,6 +623,10 @@ impl State<ClientConnectionData> for ExpectServerDoneOrCertReq {
.handle(cx, m)
}
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
struct ExpectCertificateRequest {
@ -597,11 +644,14 @@ struct ExpectCertificateRequest {
}
impl State<ClientConnectionData> for ExpectCertificateRequest {
fn handle(
fn handle<'m>(
mut self: Box<Self>,
_cx: &mut ClientContext<'_>,
m: Message,
) -> hs::NextStateOrError {
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
let certreq = require_handshake_msg!(
m,
HandshakeType::CertificateRequest,
@ -641,6 +691,10 @@ impl State<ClientConnectionData> for ExpectCertificateRequest {
must_issue_new_ticket: self.must_issue_new_ticket,
}))
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
struct ExpectServerDone {
@ -659,7 +713,14 @@ struct ExpectServerDone {
}
impl State<ClientConnectionData> for ExpectServerDone {
fn handle(self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
match m.payload {
MessagePayload::Handshake {
parsed:
@ -843,6 +904,10 @@ impl State<ClientConnectionData> for ExpectServerDone {
}))
}
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
struct ExpectNewTicket {
@ -859,11 +924,14 @@ struct ExpectNewTicket {
}
impl State<ClientConnectionData> for ExpectNewTicket {
fn handle(
fn handle<'m>(
mut self: Box<Self>,
_cx: &mut ClientContext<'_>,
m: Message,
) -> hs::NextStateOrError {
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
self.transcript.add_message(&m);
let nst = require_handshake_msg_move!(
@ -886,6 +954,10 @@ impl State<ClientConnectionData> for ExpectNewTicket {
sig_verified: self.sig_verified,
}))
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
// -- Waiting for their CCS --
@ -904,7 +976,14 @@ struct ExpectCcs {
}
impl State<ClientConnectionData> for ExpectCcs {
fn handle(self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
match m.payload {
MessagePayload::ChangeCipherSpec(..) => {}
payload => {
@ -937,6 +1016,10 @@ impl State<ClientConnectionData> for ExpectCcs {
sig_verified: self.sig_verified,
}))
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
struct ExpectFinished {
@ -996,7 +1079,14 @@ impl ExpectFinished {
}
impl State<ClientConnectionData> for ExpectFinished {
fn handle(self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
let mut st = *self;
let finished =
require_handshake_msg!(m, HandshakeType::Finished, HandshakePayload::Finished)?;
@ -1053,6 +1143,10 @@ impl State<ClientConnectionData> for ExpectFinished {
.remove_tls12_session(&self.server_name);
}
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
// -- Traffic transit state --
@ -1064,7 +1158,14 @@ struct ExpectTraffic {
}
impl State<ClientConnectionData> for ExpectTraffic {
fn handle(self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
match m.payload {
MessagePayload::ApplicationData(payload) => cx
.common
@ -1094,4 +1195,8 @@ impl State<ClientConnectionData> for ExpectTraffic {
self.secrets
.extract_secrets(Side::Client)
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}

106
rustls/src/client/tls13.rs
View File

@ -77,7 +77,7 @@ pub(super) fn handle_server_hello(
hello: ClientHelloDetails,
our_key_share: Box<dyn ActiveKeyExchange>,
mut sent_tls13_fake_ccs: bool,
) -> hs::NextStateOrError {
) -> hs::NextStateOrError<'static> {
validate_server_hello(cx.common, server_hello)?;
let their_key_share = server_hello
@ -380,7 +380,14 @@ struct ExpectEncryptedExtensions {
}
impl State<ClientConnectionData> for ExpectEncryptedExtensions {
fn handle(mut self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
let exts = require_handshake_msg!(
m,
HandshakeType::EncryptedExtensions,
@ -456,6 +463,10 @@ impl State<ClientConnectionData> for ExpectEncryptedExtensions {
}))
}
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
struct ExpectCertificateOrCertReq {
@ -468,7 +479,14 @@ struct ExpectCertificateOrCertReq {
}
impl State<ClientConnectionData> for ExpectCertificateOrCertReq {
fn handle(self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
match m.payload {
MessagePayload::Handshake {
parsed:
@ -513,6 +531,10 @@ impl State<ClientConnectionData> for ExpectCertificateOrCertReq {
)),
}
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
// TLS1.3 version of CertificateRequest handling. We then move to expecting the server
@ -528,7 +550,14 @@ struct ExpectCertificateRequest {
}
impl State<ClientConnectionData> for ExpectCertificateRequest {
fn handle(mut self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
let certreq = &require_handshake_msg!(
m,
HandshakeType::CertificateRequest,
@ -584,6 +613,10 @@ impl State<ClientConnectionData> for ExpectCertificateRequest {
client_auth: Some(client_auth),
}))
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
struct ExpectCertificate {
@ -597,7 +630,14 @@ struct ExpectCertificate {
}
impl State<ClientConnectionData> for ExpectCertificate {
fn handle(mut self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
self.transcript.add_message(&m);
let cert_chain = require_handshake_msg_move!(
m,
@ -635,6 +675,10 @@ impl State<ClientConnectionData> for ExpectCertificate {
client_auth: self.client_auth,
}))
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
// --- TLS1.3 CertificateVerify ---
@ -650,7 +694,14 @@ struct ExpectCertificateVerify {
}
impl State<ClientConnectionData> for ExpectCertificateVerify {
fn handle(mut self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
let cert_verify = require_handshake_msg!(
m,
HandshakeType::CertificateVerify,
@ -710,6 +761,10 @@ impl State<ClientConnectionData> for ExpectCertificateVerify {
sig_verified,
}))
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
fn emit_certificate_tls13(
@ -817,7 +872,14 @@ struct ExpectFinished {
}
impl State<ClientConnectionData> for ExpectFinished {
fn handle(self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
let mut st = *self;
let finished =
require_handshake_msg!(m, HandshakeType::Finished, HandshakePayload::Finished)?;
@ -915,6 +977,10 @@ impl State<ClientConnectionData> for ExpectFinished {
false => Box::new(st),
})
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
// -- Traffic transit state (TLS1.3) --
@ -1010,7 +1076,14 @@ impl ExpectTraffic {
}
impl State<ClientConnectionData> for ExpectTraffic {
fn handle(mut self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
match m.payload {
MessagePayload::ApplicationData(payload) => cx
.common
@ -1057,12 +1130,23 @@ impl State<ClientConnectionData> for ExpectTraffic {
self.key_schedule
.extract_secrets(Side::Client)
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
struct ExpectQuicTraffic(ExpectTraffic);
impl State<ClientConnectionData> for ExpectQuicTraffic {
fn handle(mut self: Box<Self>, cx: &mut ClientContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ClientContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
let nst = require_handshake_msg!(
m,
HandshakeType::NewSessionTicket,
@ -1082,4 +1166,8 @@ impl State<ClientConnectionData> for ExpectQuicTraffic {
self.0
.export_keying_material(output, label, context)
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}

12
rustls/src/common_state.rs
View File

@ -169,7 +169,7 @@ impl CommonState {
};
match state.handle(&mut cx, msg) {
Ok(next) => {
state = next;
state = next.into_owned();
Ok(state)
}
Err(e @ Error::InappropriateMessage { .. })
@ -710,11 +710,13 @@ impl IoState {
}
pub(crate) trait State<Data>: Send + Sync {
fn handle(
fn handle<'m>(
self: Box<Self>,
cx: &mut Context<'_, Data>,
message: Message,
) -> Result<Box<dyn State<Data>>, Error>;
message: Message<'m>,
) -> Result<Box<dyn State<Data> + 'm>, Error>
where
Self: 'm;
fn export_keying_material(
&self,
@ -730,6 +732,8 @@ pub(crate) trait State<Data>: Send + Sync {
}
fn handle_decrypt_error(&self) {}
fn into_owned(self: Box<Self>) -> Box<dyn State<Data> + 'static>;
}
pub(crate) struct Context<'a, Data> {

19
rustls/src/server/hs.rs
View File

@ -31,8 +31,8 @@ use alloc::boxed::Box;
use alloc::sync::Arc;
use alloc::vec::Vec;
pub(super) type NextState = Box<dyn State<ServerConnectionData>>;
pub(super) type NextStateOrError = Result<NextState, Error>;
pub(super) type NextState<'a> = Box<dyn State<ServerConnectionData> + 'a>;
pub(super) type NextStateOrError<'a> = Result<NextState<'a>, Error>;
pub(super) type ServerContext<'a> = crate::common_state::Context<'a, ServerConnectionData>;
pub(super) fn can_resume(
@ -243,7 +243,7 @@ impl ExpectClientHello {
client_hello: &ClientHelloPayload,
m: &Message,
cx: &mut ServerContext<'_>,
) -> NextStateOrError {
) -> NextStateOrError<'static> {
let tls13_enabled = self
.config
.supports_version(ProtocolVersion::TLSv1_3);
@ -426,10 +426,21 @@ impl ExpectClientHello {
}
impl State<ServerConnectionData> for ExpectClientHello {
fn handle(self: Box<Self>, cx: &mut ServerContext<'_>, m: Message) -> NextStateOrError {
fn handle<'m>(
self: Box<Self>,
cx: &mut ServerContext<'_>,
m: Message<'m>,
) -> NextStateOrError<'m>
where
Self: 'm,
{
let (client_hello, sig_schemes) = process_client_hello(&m, self.done_retry, cx)?;
self.with_certified_key(sig_schemes, client_hello, &m, cx)
}
fn into_owned(self: Box<Self>) -> NextState<'static> {
self
}
}
/// Configuration-independent validation of a `ClientHello` message.

13
rustls/src/server/server_conn.rs
View File

@ -785,13 +785,20 @@ impl Accepted {
struct Accepting;
impl State<ServerConnectionData> for Accepting {
fn handle(
fn handle<'m>(
self: Box<Self>,
_cx: &mut hs::ServerContext<'_>,
_m: Message,
) -> Result<Box<dyn State<ServerConnectionData>>, Error> {
_m: Message<'m>,
) -> Result<Box<dyn State<ServerConnectionData> + 'm>, Error>
where
Self: 'm,
{
Err(Error::General("unreachable state".into()))
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
pub(super) enum EarlyDataState {

82
rustls/src/server/tls12.rs
View File

@ -75,7 +75,7 @@ mod client_hello {
client_hello: &ClientHelloPayload,
sigschemes_ext: Vec<SignatureScheme>,
tls13_enabled: bool,
) -> hs::NextStateOrError {
) -> hs::NextStateOrError<'static> {
// -- TLS1.2 only from hereon in --
self.transcript.add_message(chm);
@ -276,7 +276,7 @@ mod client_hello {
client_hello: &ClientHelloPayload,
id: &SessionId,
resumedata: persist::ServerSessionValue,
) -> hs::NextStateOrError {
) -> hs::NextStateOrError<'static> {
debug!("Resuming connection");
if resumedata.extended_ms && !self.using_ems {
@ -522,7 +522,14 @@ struct ExpectCertificate {
}
impl State<ServerConnectionData> for ExpectCertificate {
fn handle(mut self: Box<Self>, cx: &mut ServerContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ServerContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
self.transcript.add_message(&m);
let cert_chain = require_handshake_msg_move!(
m,
@ -575,6 +582,10 @@ impl State<ServerConnectionData> for ExpectCertificate {
send_ticket: self.send_ticket,
}))
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
// --- Process client's KeyExchange ---
@ -591,7 +602,14 @@ struct ExpectClientKx {
}
impl State<ServerConnectionData> for ExpectClientKx {
fn handle(mut self: Box<Self>, cx: &mut ServerContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ServerContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
let client_kx = require_handshake_msg!(
m,
HandshakeType::ClientKeyExchange,
@ -644,6 +662,10 @@ impl State<ServerConnectionData> for ExpectClientKx {
}))
}
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
// --- Process client's certificate proof ---
@ -658,7 +680,14 @@ struct ExpectCertificateVerify {
}
impl State<ServerConnectionData> for ExpectCertificateVerify {
fn handle(mut self: Box<Self>, cx: &mut ServerContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ServerContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
let rc = {
let sig = require_handshake_msg!(
m,
@ -707,6 +736,10 @@ impl State<ServerConnectionData> for ExpectCertificateVerify {
send_ticket: self.send_ticket,
}))
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
// --- Process client's ChangeCipherSpec ---
@ -721,7 +754,14 @@ struct ExpectCcs {
}
impl State<ServerConnectionData> for ExpectCcs {
fn handle(self: Box<Self>, cx: &mut ServerContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
self: Box<Self>,
cx: &mut ServerContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
match m.payload {
MessagePayload::ChangeCipherSpec(..) => {}
payload => {
@ -749,6 +789,10 @@ impl State<ServerConnectionData> for ExpectCcs {
send_ticket: self.send_ticket,
}))
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
// --- Process client's Finished ---
@ -853,7 +897,14 @@ struct ExpectFinished {
}
impl State<ServerConnectionData> for ExpectFinished {
fn handle(mut self: Box<Self>, cx: &mut ServerContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ServerContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
let finished =
require_handshake_msg!(m, HandshakeType::Finished, HandshakePayload::Finished)?;
@ -918,6 +969,10 @@ impl State<ServerConnectionData> for ExpectFinished {
_fin_verified,
}))
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
// --- Process traffic ---
@ -929,7 +984,14 @@ struct ExpectTraffic {
impl ExpectTraffic {}
impl State<ServerConnectionData> for ExpectTraffic {
fn handle(self: Box<Self>, cx: &mut ServerContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
self: Box<Self>,
cx: &mut ServerContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
match m.payload {
MessagePayload::ApplicationData(payload) => cx
.common
@ -959,4 +1021,8 @@ impl State<ServerConnectionData> for ExpectTraffic {
self.secrets
.extract_secrets(Side::Server)
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}

93
rustls/src/server/tls13.rs
View File

@ -150,7 +150,7 @@ mod client_hello {
chm: &Message,
client_hello: &ClientHelloPayload,
mut sigschemes_ext: Vec<SignatureScheme>,
) -> hs::NextStateOrError {
) -> hs::NextStateOrError<'static> {
if client_hello.compression_methods.len() != 1 {
return Err(cx.common.send_fatal_alert(
AlertDescription::IllegalParameter,
@ -850,7 +850,14 @@ struct ExpectAndSkipRejectedEarlyData {
}
impl State<ServerConnectionData> for ExpectAndSkipRejectedEarlyData {
fn handle(mut self: Box<Self>, cx: &mut ServerContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ServerContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
/* "The server then ignores early data by skipping all records with an external
* content type of "application_data" (indicating that they are encrypted),
* up to the configured max_early_data_size."
@ -864,6 +871,10 @@ impl State<ServerConnectionData> for ExpectAndSkipRejectedEarlyData {
self.next.handle(cx, m)
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
struct ExpectCertificate {
@ -875,7 +886,14 @@ struct ExpectCertificate {
}
impl State<ServerConnectionData> for ExpectCertificate {
fn handle(mut self: Box<Self>, cx: &mut ServerContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ServerContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
self.transcript.add_message(&m);
let certp = require_handshake_msg_move!(
m,
@ -935,6 +953,10 @@ impl State<ServerConnectionData> for ExpectCertificate {
send_tickets: self.send_tickets,
}))
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
struct ExpectCertificateVerify {
@ -947,7 +969,14 @@ struct ExpectCertificateVerify {
}
impl State<ServerConnectionData> for ExpectCertificateVerify {
fn handle(mut self: Box<Self>, cx: &mut ServerContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ServerContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
let rc = {
let sig = require_handshake_msg!(
m,
@ -982,6 +1011,10 @@ impl State<ServerConnectionData> for ExpectCertificateVerify {
send_tickets: self.send_tickets,
}))
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
// --- Process (any number of) early ApplicationData messages,
@ -996,7 +1029,14 @@ struct ExpectEarlyData {
}
impl State<ServerConnectionData> for ExpectEarlyData {
fn handle(mut self: Box<Self>, cx: &mut ServerContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ServerContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
match m.payload {
MessagePayload::ApplicationData(payload) => {
match cx
@ -1037,6 +1077,10 @@ impl State<ServerConnectionData> for ExpectEarlyData {
)),
}
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
// --- Process client's Finished ---
@ -1149,7 +1193,14 @@ impl ExpectFinished {
}
impl State<ServerConnectionData> for ExpectFinished {
fn handle(mut self: Box<Self>, cx: &mut ServerContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ServerContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
let finished =
require_handshake_msg!(m, HandshakeType::Finished, HandshakePayload::Finished)?;
@ -1199,6 +1250,10 @@ impl State<ServerConnectionData> for ExpectFinished {
}),
})
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
// --- Process traffic ---
@ -1235,7 +1290,14 @@ impl ExpectTraffic {
}
impl State<ServerConnectionData> for ExpectTraffic {
fn handle(mut self: Box<Self>, cx: &mut ServerContext, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
mut self: Box<Self>,
cx: &mut ServerContext,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
match m.payload {
MessagePayload::ApplicationData(payload) => cx
.common
@ -1274,6 +1336,10 @@ impl State<ServerConnectionData> for ExpectTraffic {
self.key_schedule
.extract_secrets(Side::Server)
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}
struct ExpectQuicTraffic {
@ -1282,7 +1348,14 @@ struct ExpectQuicTraffic {
}
impl State<ServerConnectionData> for ExpectQuicTraffic {
fn handle(self: Box<Self>, _cx: &mut ServerContext<'_>, m: Message) -> hs::NextStateOrError {
fn handle<'m>(
self: Box<Self>,
_cx: &mut ServerContext<'_>,
m: Message<'m>,
) -> hs::NextStateOrError<'m>
where
Self: 'm,
{
// reject all messages
Err(inappropriate_message(&m.payload, &[]))
}
@ -1296,4 +1369,8 @@ impl State<ServerConnectionData> for ExpectQuicTraffic {
self.key_schedule
.export_keying_material(output, label, context)
}
fn into_owned(self: Box<Self>) -> hs::NextState<'static> {
self
}
}