MCPcopy Index your code
hub / github.com/XTLS/Go / doFullHandshake

Method doFullHandshake

handshake_client.go:468–653  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

466}
467
468func (hs *clientHandshakeState) doFullHandshake() error {
469 c := hs.c
470
471 msg, err := c.readHandshake()
472 if err != nil {
473 return err
474 }
475 certMsg, ok := msg.(*certificateMsg)
476 if !ok || len(certMsg.certificates) == 0 {
477 c.sendAlert(alertUnexpectedMessage)
478 return unexpectedMessageError(certMsg, msg)
479 }
480 hs.finishedHash.Write(certMsg.marshal())
481
482 msg, err = c.readHandshake()
483 if err != nil {
484 return err
485 }
486
487 cs, ok := msg.(*certificateStatusMsg)
488 if ok {
489 // RFC4366 on Certificate Status Request:
490 // The server MAY return a "certificate_status" message.
491
492 if !hs.serverHello.ocspStapling {
493 // If a server returns a "CertificateStatus" message, then the
494 // server MUST have included an extension of type "status_request"
495 // with empty "extension_data" in the extended server hello.
496
497 c.sendAlert(alertUnexpectedMessage)
498 return errors.New("tls: received unexpected CertificateStatus message")
499 }
500 hs.finishedHash.Write(cs.marshal())
501
502 c.ocspResponse = cs.response
503
504 msg, err = c.readHandshake()
505 if err != nil {
506 return err
507 }
508 }
509
510 if c.handshakes == 0 {
511 // If this is the first handshake on a connection, process and
512 // (optionally) verify the server's certificates.
513 if err := c.verifyServerCertificate(certMsg.certificates); err != nil {
514 return err
515 }
516 } else {
517 // This is a renegotiation handshake. We require that the
518 // server's identity (i.e. leaf certificate) is unchanged and
519 // thus any previous trust decision is still valid.
520 //
521 // See https://mitls.org/pages/attacks/3SHAKE for the
522 // motivation behind this requirement.
523 if !bytes.Equal(c.peerCertificates[0].Raw, certMsg.certificates[0]) {
524 c.sendAlert(alertBadCertificate)
525 return errors.New("tls: server's identity changed during renegotiation")

Callers 1

handshakeMethod · 0.95

Calls 15

marshalMethod · 0.95
unexpectedMessageErrorFunction · 0.85
selectSignatureSchemeFunction · 0.85
readHandshakeMethod · 0.80
sendAlertMethod · 0.80
getClientCertificateMethod · 0.80
writeRecordMethod · 0.80

Tested by

no test coverage detected