mirror of https://github.com/ctz/rustls
Move is_valid_ccs as a method of InboundMessage
Signed-off-by: Eloi DEMOLIS <eloi.demolis@clever-cloud.com>
parent
2f02ddc21b
commit
cf09842ca5
|
@ -344,15 +344,6 @@ impl ConnectionRandoms {
|
|||
}
|
||||
}
|
||||
|
||||
// --- Common (to client and server) connection functions ---
|
||||
|
||||
fn is_valid_ccs(msg: &InboundMessage) -> bool {
|
||||
// We passthrough ChangeCipherSpec messages in the deframer without decrypting them.
|
||||
// Note: this is prior to the record layer, so is unencrypted. See
|
||||
// third paragraph of section 5 in RFC8446.
|
||||
msg.typ == ContentType::ChangeCipherSpec && msg.payload == [0x01]
|
||||
}
|
||||
|
||||
/// Interface shared by client and server connections.
|
||||
pub struct ConnectionCommon<Data> {
|
||||
pub(crate) core: ConnectionCore<Data>,
|
||||
|
@ -853,7 +844,7 @@ impl<Data> ConnectionCore<Data> {
|
|||
.may_receive_application_data
|
||||
&& self.common_state.is_tls13()
|
||||
{
|
||||
if !is_valid_ccs(&msg)
|
||||
if !msg.is_valid_ccs()
|
||||
|| self.common_state.received_middlebox_ccs > TLS13_MAX_DROPPED_CCS
|
||||
{
|
||||
// "An implementation which receives any other change_cipher_spec value or
|
||||
|
|
|
@ -437,6 +437,17 @@ pub struct InboundMessage<'a> {
|
|||
pub payload: &'a [u8],
|
||||
}
|
||||
|
||||
impl InboundMessage<'_> {
|
||||
/// Returns true if the payload is a CCS message.
|
||||
///
|
||||
/// We passthrough ChangeCipherSpec messages in the deframer without decrypting them.
|
||||
/// Note: this is prior to the record layer, so is unencrypted. See
|
||||
/// third paragraph of section 5 in RFC8446.
|
||||
pub(crate) fn is_valid_ccs(&self) -> bool {
|
||||
self.typ == ContentType::ChangeCipherSpec && self.payload == [0x01]
|
||||
}
|
||||
}
|
||||
|
||||
impl BorrowedPlainMessage for InboundMessage<'_> {
|
||||
fn payload_to_vec(&self) -> Vec<u8> {
|
||||
self.payload.to_vec()
|
||||
|
|
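Review bot: The summary line on the new `InboundMessage::is_valid_ccs` says "Returns true if the payload is a CCS message", but the body checks two things: that `typ` is `ContentType::ChangeCipherSpec` and that the payload is exactly the single byte `0x01`. Now that the helper is a `pub(crate)` method reachable from anywhere in the crate, the doc should state the exact-match contract, for example `/// Returns true if this is a ChangeCipherSpec record whose payload is exactly the single byte 0x01.` The call site shown in `ConnectionCore` appears to rely on any other CCS value being rejected, so a looser reading of "is a CCS message" could mislead a future caller. The second doc paragraph describes what the deframer does rather than what this method does; it would read better as a note on why the comparison runs on unencrypted bytes. The `InboundMessage` struct definition begins outside this hunk.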