manually patched TLSConnection for NPN
rcarmo committed Sep 25, 2011
1 parent bee06a2 commit 24fd00e
Showing 1 changed file with 16 additions and 8 deletions.
24 changes: 16 additions & 8 deletions tlslite/TLSConnection.py
@@ -931,7 +931,8 @@ def _handshakeClientAsyncHelper(self, srpParams, certParams, unknownParams,

def handshakeServer(self, sharedKeyDB=None, verifierDB=None,
certChain=None, privateKey=None, reqCert=False,
sessionCache=None, settings=None, checker=None):
sessionCache=None, settings=None, checker=None,
nextProtos = None):
"""Perform a handshake in the role of server.
This function performs an SSL or TLS handshake. Depending on
@@ -1006,13 +1007,14 @@ def handshakeServer(self, sharedKeyDB=None, verifierDB=None,
"""
for result in self.handshakeServerAsync(sharedKeyDB, verifierDB,
certChain, privateKey, reqCert, sessionCache, settings,
checker):
checker, nextProtos):
pass


def handshakeServerAsync(self, sharedKeyDB=None, verifierDB=None,
certChain=None, privateKey=None, reqCert=False,
sessionCache=None, settings=None, checker=None):
sessionCache=None, settings=None, checker=None,
nextProtos=None):
"""Start a server handshake operation on the TLS connection.
This function returns a generator which behaves similarly to
@@ -1028,14 +1030,15 @@ def handshakeServerAsync(self, sharedKeyDB=None, verifierDB=None,
sharedKeyDB=sharedKeyDB,
verifierDB=verifierDB, certChain=certChain,
privateKey=privateKey, reqCert=reqCert,
sessionCache=sessionCache, settings=settings)
sessionCache=sessionCache, settings=settings,
nextProtos=nextProtos)
for result in self._handshakeWrapperAsync(handshaker, checker):
yield result


def _handshakeServerAsyncHelper(self, sharedKeyDB, verifierDB,
certChain, privateKey, reqCert, sessionCache,
settings):
settings, nextProtos):

self._handshakeStart(client=False)

@@ -1240,6 +1243,9 @@ def _handshakeServerAsyncHelper(self, sharedKeyDB, verifierDB,
else:
sessionID = createByteArraySequence([])

if not clientHello.supports_npn:
nextProtos = None

#If we've selected an SRP suite, exchange keys and calculate
#premaster secret:
if cipherSuite in CipherSuite.srpSuites + CipherSuite.srpRsaSuites:
@@ -1336,6 +1342,7 @@ def _handshakeServerAsyncHelper(self, sharedKeyDB, verifierDB,
serverHello = ServerHello()
serverHello.create(self.version, serverRandom, sessionID,
cipherSuite, certificateType)
serverHello.next_protos_advertised = nextProtos
msgs.append(serverHello)
if cipherSuite in CipherSuite.srpRsaSuites:
certificateMsg = Certificate(certificateType)
@@ -1377,8 +1384,9 @@ def _handshakeServerAsyncHelper(self, sharedKeyDB, verifierDB,
#Send ServerHello, Certificate[, CertificateRequest],
#ServerHelloDone
msgs = []
msgs.append(ServerHello().create(self.version, serverRandom,
sessionID, cipherSuite, certificateType))
serverHello = ServerHello().create(self.version, serverRandom, sessionID, cipherSuite, certificateType)
serverHello.next_protos_advertised = nextProtos
msgs.append(serverHello)
msgs.append(Certificate(certificateType).create(serverCertChain))
if reqCert:
msgs.append(CertificateRequest())
@@ -1504,7 +1512,7 @@ def _handshakeServerAsyncHelper(self, sharedKeyDB, verifierDB,
settings.cipherImplementations)

#Exchange ChangeCipherSpec and Finished messages
for result in self._getFinished():
for result in self._getFinished(expect_next_protocol=nextProtos is not None):
yield result

#If we were holding a post-finished error until receiving the client
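Review bot: The new `nextProtos` argument reaches `serverHello.next_protos_advertised` with no visible validation and no docstring entry, so a caller cannot tell what shape is expected or what the server will advertise. Because the `_getFinished` call uses `expect_next_protocol=nextProtos is not None`, an empty list still makes the server wait for a NextProtocol message; that should be either documented as intended or rejected up front. I would add to the `handshakeServer` and `handshakeServerAsync` docstrings (both run through collapsed lines not shown here) `@type nextProtos: list of str` and `@param nextProtos: Protocols to advertise via NPN, or None to disable NPN; ignored when the client did not offer the extension.` NPN allows the client to name a protocol that was not in the advertised list, so the docstring should also state that the application must check the negotiated value before dispatching on it; where that value is stored is not visible in these hunks.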
