Coverage Report

Created: 2025-03-18 06:55

/src/gnutls/lib/ext/cookie.c
1
/*
2
 * Copyright (C) 2017 Red Hat, Inc.
3
 *
4
 * Author: Nikos Mavrogiannopoulos
5
 *
6
 * This file is part of GnuTLS.
7
 *
8
 * The GnuTLS is free software; you can redistribute it and/or
9
 * modify it under the terms of the GNU Lesser General Public License
10
 * as published by the Free Software Foundation; either version 2.1 of
11
 * the License, or (at your option) any later version.
12
 *
13
 * This library is distributed in the hope that it will be useful, but
14
 * WITHOUT ANY WARRANTY; without even the implied warranty of
15
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
16
 * Lesser General Public License for more details.
17
 *
18
 * You should have received a copy of the GNU Lesser General Public License
19
 * along with this program.  If not, see <https://www.gnu.org/licenses/>
20
 *
21
 */
22
23
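/* This file contains the code for the TLS Cookie extension
 * (extension id 44): the client stores the cookie received in a
 * HelloRetryRequest and sends it back in its next hello.
 */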
25
26
#include "gnutls_int.h"
27
#include "errors.h"
28
#include "num.h"
29
#include "hello_ext_lib.h"
30
#include "ext/cookie.h"
31
32
/* Forward declarations of the receive/send callbacks that are wired into
 * ext_mod_cookie below.
 */
static int cookie_recv_params(gnutls_session_t session,
			      const uint8_t *data, size_t data_size);
static int cookie_send_params(gnutls_session_t session,
			      gnutls_buffer_st *extdata);
36
37
/* Registration record for the Cookie hello extension (TLS extension id 44). */
const hello_ext_entry_st ext_mod_cookie = {
	.name = "Cookie",
	.tls_id = 44,
	.gid = GNUTLS_EXTENSION_COOKIE,

	/* messages/contexts in which the extension is considered valid */
	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_CLIENT_HELLO |
		    GNUTLS_EXT_FLAG_HRR | GNUTLS_EXT_FLAG_IGNORE_CLIENT_REQUEST,

	/* force parsing prior to EXT_TLS extensions, on both sides */
	.client_parse_point = GNUTLS_EXT_MANDATORY,
	.server_parse_point = GNUTLS_EXT_MANDATORY,

	/* wire-format handlers defined in this file */
	.recv_func = cookie_recv_params,
	.send_func = cookie_send_params,

	/* no pack/unpack callbacks are registered for this extension */
	.pack_func = NULL,
	.unpack_func = NULL,
	.deinit_func = _gnutls_hello_ext_default_deinit,

	.cannot_be_overriden = 0
};
54
55
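/* Parses a received Cookie extension.
 *
 * Server side: the extension is not supported; the payload is ignored
 * and 0 is returned.
 *
 * Client side: the extension is accepted only while a HelloRetryRequest
 * is being processed; in any other message
 * GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION is returned. The payload must be
 * exactly a 16-bit length followed by that many cookie bytes; leftover
 * bytes yield GNUTLS_E_UNEXPECTED_PACKET_LENGTH. The cookie is stored in
 * the session under GNUTLS_EXTENSION_COOKIE, which is where
 * cookie_send_params() looks it up.
 *
 * Returns 0 on success or a negative error code.
 *
 * NOTE(review): a zero-length cookie (csize == 0) passes these checks,
 * while RFC 8446 declares the field as cookie<1..2^16-1> -- confirm
 * whether an empty cookie should be rejected here.
 *
 * NOTE(review): the coverage report this listing was taken from (created
 * 2025-03-18) shows a hit count of 0 for every line of this function, so
 * the length checks on this peer-supplied payload were not exercised by
 * that run.
 */
static int cookie_recv_params(gnutls_session_t session, const uint8_t *data,
			      size_t data_size)
{
	size_t csize;
	int ret;
	gnutls_datum_t tmp;

	/* we don't support it on the server side */
	if (session->security_parameters.entity == GNUTLS_SERVER)
		return 0;

	/* client: a cookie is only legal inside a HelloRetryRequest */
	if (_gnutls_ext_get_msg(session) != GNUTLS_EXT_FLAG_HRR)
		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);

	/* DECR_LEN is defined outside this file; presumably it returns a
	 * length error from this function when fewer than the requested
	 * bytes remain -- confirm. Both reads below rely on it.
	 */
	DECR_LEN(data_size, 2);

	/* peer-supplied 16-bit cookie length */
	csize = _gnutls_read_uint16(data);
	data += 2;

	DECR_LEN(data_size, csize);

	/* the cookie must be the only content of the extension */
	if (data_size != 0)
		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);

	/* The cast only drops const so the pointer fits gnutls_datum_t.
	 * data points into the received message; whether
	 * _gnutls_hello_ext_set_datum() copies the bytes is not visible
	 * here -- confirm that it does.
	 */
	tmp.data = (void *)data;
	tmp.size = csize;

	ret = _gnutls_hello_ext_set_datum(session, GNUTLS_EXTENSION_COOKIE,
					  &tmp);
	if (ret < 0)
		return gnutls_assert_val(ret);

	/* every path above returns, so the original trailing
	 * "return 0" after the if/else was unreachable and is dropped
	 */
	return 0;
}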
95
96
/* Writes the Cookie extension payload into extdata.
 *
 * Only a client emits anything: when a cookie is stored in the session
 * under GNUTLS_EXTENSION_COOKIE it is appended to extdata with a 16-bit
 * length prefix. On the server side, or when the lookup of the stored
 * cookie fails, nothing is written.
 *
 * Returns 0 in all of those cases, or the negative error code reported
 * by the buffer append.
 */
static int cookie_send_params(gnutls_session_t session,
			      gnutls_buffer_st *extdata)
{
	gnutls_datum_t cookie;
	int rc;

	/* only the client side sends this extension */
	if (session->security_parameters.entity != GNUTLS_CLIENT)
		return 0;

	rc = _gnutls_hello_ext_get_datum(session, GNUTLS_EXTENSION_COOKIE,
					 &cookie);
	if (rc < 0)
		return 0; /* lookup failed: nothing to send, not an error */

	rc = _gnutls_buffer_append_data_prefix(extdata, 16, cookie.data,
					       cookie.size);
	if (rc >= 0)
		return 0;

	return gnutls_assert_val(rc);
}