OLD | NEW |
1 # Authors: | 1 # Authors: |
2 # Trevor Perrin | 2 # Trevor Perrin |
3 # Google - added reqCAs parameter | 3 # Google - added reqCAs parameter |
4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support | 4 # Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support |
5 # Dimitris Moraitis - Anon ciphersuites | 5 # Dimitris Moraitis - Anon ciphersuites |
6 # Martin von Loewis - python 3 port | 6 # Martin von Loewis - python 3 port |
7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 | 7 # Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2 |
8 # | 8 # |
9 # See the LICENSE file for legal information regarding use of this file. | 9 # See the LICENSE file for legal information regarding use of this file. |
10 | 10 |
(...skipping 1312 matching lines...)
1323 else: | 1323 else: |
1324 tackExt = None | 1324 tackExt = None |
1325 serverHello = ServerHello() | 1325 serverHello = ServerHello() |
1326 serverHello.create(self.version, getRandomBytes(32), sessionID, \ | 1326 serverHello.create(self.version, getRandomBytes(32), sessionID, \ |
1327 cipherSuite, CertificateType.x509, tackExt, | 1327 cipherSuite, CertificateType.x509, tackExt, |
1328 nextProtos) | 1328 nextProtos) |
1329 serverHello.channel_id = clientHello.channel_id | 1329 serverHello.channel_id = clientHello.channel_id |
1330 serverHello.extended_master_secret = \ | 1330 serverHello.extended_master_secret = \ |
1331 clientHello.extended_master_secret and \ | 1331 clientHello.extended_master_secret and \ |
1332 settings.enableExtendedMasterSecret | 1332 settings.enableExtendedMasterSecret |
| 1333 for param in clientHello.tb_client_params: |
| 1334 if param in settings.supportedTokenBindingParams: |
| 1335 serverHello.tb_params = param |
| 1336 break |
1333 if clientHello.support_signed_cert_timestamps: | 1337 if clientHello.support_signed_cert_timestamps: |
1334 serverHello.signed_cert_timestamps = signedCertTimestamps | 1338 serverHello.signed_cert_timestamps = signedCertTimestamps |
1335 if clientHello.status_request: | 1339 if clientHello.status_request: |
1336 serverHello.status_request = ocspResponse | 1340 serverHello.status_request = ocspResponse |
1337 | 1341 |
1338 # Perform the SRP key exchange | 1342 # Perform the SRP key exchange |
1339 clientCertChain = None | 1343 clientCertChain = None |
1340 if cipherSuite in CipherSuite.srpAllSuites: | 1344 if cipherSuite in CipherSuite.srpAllSuites: |
1341 for result in self._serverSRPKeyExchange(clientHello, serverHello, | 1345 for result in self._serverSRPKeyExchange(clientHello, serverHello, |
1342 verifierDB, cipherSuite, | 1346 verifierDB, cipherSuite, |
(...skipping 658 matching lines...)
2001 except TLSAlert as alert: | 2005 except TLSAlert as alert: |
2002 if not self.fault: | 2006 if not self.fault: |
2003 raise | 2007 raise |
2004 if alert.description not in Fault.faultAlerts[self.fault]: | 2008 if alert.description not in Fault.faultAlerts[self.fault]: |
2005 raise TLSFaultError(str(alert)) | 2009 raise TLSFaultError(str(alert)) |
2006 else: | 2010 else: |
2007 pass | 2011 pass |
2008 except: | 2012 except: |
2009 self._shutdown(False) | 2013 self._shutdown(False) |
2010 raise | 2014 raise |
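Review bot: The loop added at new lines 1333-1336 sets `serverHello.tb_params` whenever the client's list and `settings.supportedTokenBindingParams` share a value, even if `serverHello.extended_master_secret`, computed on the lines just above, came out false. Token Binding signs exported keying material, and RFC 8472 requires Extended Master Secret and renegotiation indication to be negotiated alongside it on TLS 1.2 and earlier, so the selection should probably be gated with `if serverHello.extended_master_secret:` around the loop; if this server accepts the mismatch on purpose (for example to test client behaviour), a comment such as `# Token Binding selected without requiring EMS; intentional for tests` would make that explicit. The loop also assumes `clientHello.tb_client_params` is always iterable; its default is not visible here, so confirm it is an empty list rather than `None` when the client omits the extension. The enclosing method starts and ends outside the lines shown.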