| OLD | NEW |
|---|
| 1 """ | 1 """ |
| 2 MAIN CLASS FOR TLS LITE (START HERE!). | 2 MAIN CLASS FOR TLS LITE (START HERE!). |
| 3 """ | 3 """ |
| 4 from __future__ import generators | 4 from __future__ import generators |
| 5 | 5 |
| 6 import socket | 6 import socket |
| 7 from utils.compat import formatExceptionTrace | 7 from utils.compat import formatExceptionTrace |
| 8 from TLSRecordLayer import TLSRecordLayer | 8 from TLSRecordLayer import TLSRecordLayer |
| 9 from Session import Session | 9 from Session import Session |
| 10 from constants import * | 10 from constants import * |
| (...skipping 1090 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1101 self.version = settings.maxVersion | 1101 self.version = settings.maxVersion |
| 1102 | 1102 |
| 1103 #Get ClientHello | 1103 #Get ClientHello |
| 1104 for result in self._getMsg(ContentType.handshake, | 1104 for result in self._getMsg(ContentType.handshake, |
| 1105 HandshakeType.client_hello): | 1105 HandshakeType.client_hello): |
| 1106 if result in (0,1): | 1106 if result in (0,1): |
| 1107 yield result | 1107 yield result |
| 1108 else: | 1108 else: |
| 1109 break | 1109 break |
| 1110 clientHello = result | 1110 clientHello = result |
| 1111 self.client_hello_length = clientHello.client_hello_length |
| 1111 | 1112 |
| 1112 #If client's version is too low, reject it | 1113 #If client's version is too low, reject it |
| 1113 if clientHello.client_version < settings.minVersion: | 1114 if clientHello.client_version < settings.minVersion: |
| 1114 self.version = settings.minVersion | 1115 self.version = settings.minVersion |
| 1115 for result in self._sendError(\ | 1116 for result in self._sendError(\ |
| 1116 AlertDescription.protocol_version, | 1117 AlertDescription.protocol_version, |
| 1117 "Too old version: %s" % str(clientHello.client_version)): | 1118 "Too old version: %s" % str(clientHello.client_version)): |
| 1118 yield result | 1119 yield result |
| 1119 | 1120 |
| 1120 #If tlsIntolerant is nonzero, reject certain TLS versions. | 1121 #If tlsIntolerant is nonzero, reject certain TLS versions. |
| (...skipping 515 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1636 if len(publicKey) < settings.minKeySize: | 1637 if len(publicKey) < settings.minKeySize: |
| 1637 for result in self._sendError(AlertDescription.handshake_failure, | 1638 for result in self._sendError(AlertDescription.handshake_failure, |
| 1638 "Other party's public key too small: %d" % len(publicKey)): | 1639 "Other party's public key too small: %d" % len(publicKey)): |
| 1639 yield result | 1640 yield result |
| 1640 if len(publicKey) > settings.maxKeySize: | 1641 if len(publicKey) > settings.maxKeySize: |
| 1641 for result in self._sendError(AlertDescription.handshake_failure, | 1642 for result in self._sendError(AlertDescription.handshake_failure, |
| 1642 "Other party's public key too large: %d" % len(publicKey)): | 1643 "Other party's public key too large: %d" % len(publicKey)): |
| 1643 yield result | 1644 yield result |
| 1644 | 1645 |
| 1645 yield publicKey, certChain | 1646 yield publicKey, certChain |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 19557004:
net: add a test to ensure that our TLS handshake doesn't get too large. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src