parameters->peer_finished = 0;
while ( !parameters->peer_finished )
{
if ( receive_tls_msg( connection, NULL, 0, parameters ) < 0 )
{
perror( “Unable to receive server finished” );
return 6;
}
if ( server_hello_done )
{
// Check to see if the server agreed to resume; if not,
// abort, even though the server is probably willing to continue
// with a new session.
if ( memcmp( session_id, &parameters->session_id, session_id_length ) )
{
printf( “Server refused to renegotiate, exiting.\n” );
return 7;
}
else
{
memcpy( parameters->master_secret, master_secret,
MASTER_SECRET_LENGTH );
calculate_keys( parameters );
}
}
}
if ( !( send_change_cipher_spec( connection, parameters ) ) )
{
perror( “Unable to send client change cipher spec” );
return 4;
}
if ( !( send_finished( connection, parameters ) ) )
{
perror( “Unable to send client finished” );
return 5;
}
return 0;
}
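This is pretty close to tls_connect from Chapter 6. The differences are that it
doesn't send a client_key_exchange message, because the master secret supplied
for the resumed session is copied into the parameters instead of being
negotiated again, and that it has some special processing when the
server_hello_done message is received. The comparison covers only
session_id_length bytes, so the length of the session ID the server returned
needs to be checked as well, which this excerpt does not show: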
if ( server_hello_done )
{
if ( memcmp( session_id, &parameters->session_id, session_id_length ) )
{
(Continued)