Merged ALPN recv and NPN recv common code

aws · Sep 29, 2022 · d7175fa · d7175fa
1 parent e11949c
commit d7175fa
Show file tree

Hide file tree

Showing 4 changed files with 45 additions and 46 deletions.
diff --git a/tls/extensions/s2n_client_alpn.c b/tls/extensions/s2n_client_alpn.c
@@ -60,47 +60,31 @@ static int s2n_client_alpn_send(struct s2n_connection *conn, struct s2n_stuffer
 
 static int s2n_client_alpn_recv(struct s2n_connection *conn, struct s2n_stuffer *extension)
 {
-    uint16_t size_of_all;
-    struct s2n_stuffer server_protos = {0};
+    struct s2n_blob *supported_protocols = NULL;
+    POSIX_GUARD(s2n_connection_get_protocol_preferences(conn, &supported_protocols));
+    POSIX_ENSURE_REF(supported_protocols);
 
-    struct s2n_blob *server_app_protocols;
-    POSIX_GUARD(s2n_connection_get_protocol_preferences(conn, &server_app_protocols));
-
-    if (!server_app_protocols->size) {
+    if (supported_protocols->size == 0) {
         /* No protocols configured, nothing to do */
         return S2N_SUCCESS;
     }
 
-    POSIX_GUARD(s2n_stuffer_read_uint16(extension, &size_of_all));
-    if (size_of_all > s2n_stuffer_data_available(extension) || size_of_all < 3) {
+    uint16_t wire_size = 0;
+    POSIX_GUARD(s2n_stuffer_read_uint16(extension, &wire_size));
+    if (wire_size > s2n_stuffer_data_available(extension) || wire_size < 3) {
         /* Malformed length, ignore the extension */
         return S2N_SUCCESS;
     }
+
+    struct s2n_blob client_protocols = { 0 };
+    POSIX_GUARD(s2n_blob_init(&client_protocols, s2n_stuffer_raw_read(extension, wire_size), wire_size));
+
+    struct s2n_stuffer server_protocols = { 0 };
+    POSIX_GUARD(s2n_stuffer_init(&server_protocols, supported_protocols));
+    POSIX_GUARD(s2n_stuffer_skip_write(&server_protocols, supported_protocols->size));
+
+    POSIX_GUARD_RESULT(s2n_select_server_preference_protocol(conn, &server_protocols, &client_protocols));
 
-    struct s2n_blob client_app_protocols = { 0 };
-    client_app_protocols.size = size_of_all;
-    client_app_protocols.data = s2n_stuffer_raw_read(extension, size_of_all);
-    POSIX_ENSURE_REF(client_app_protocols.data);
-
-    /* Find a matching protocol */
-    POSIX_GUARD(s2n_stuffer_init(&server_protos, server_app_protocols));
-    POSIX_GUARD(s2n_stuffer_skip_write(&server_protos, server_app_protocols->size));
-
-    while (s2n_stuffer_data_available(&server_protos) > 0) {
-        struct s2n_blob server_protocol = { 0 };
-        POSIX_ENSURE(s2n_result_is_ok(s2n_protocol_preferences_read(&server_protos, &server_protocol)),
-                S2N_ERR_BAD_MESSAGE);
-
-        bool is_match = false;
-        POSIX_ENSURE(s2n_result_is_ok(s2n_protocol_preferences_contain(&client_app_protocols, &server_protocol, &is_match)),
-                S2N_ERR_BAD_MESSAGE);
-
-        if (is_match) {
-            POSIX_CHECKED_MEMCPY(conn->application_protocol, server_protocol.data, server_protocol.size);
-            conn->application_protocol[server_protocol.size] = '\0';
-            return S2N_SUCCESS;
-        }
-    }
     return S2N_SUCCESS;
 }
 

diff --git a/tls/extensions/s2n_npn.c b/tls/extensions/s2n_npn.c
@@ -67,20 +67,8 @@ int s2n_server_npn_recv(struct s2n_connection *conn, struct s2n_stuffer *extensi
         return S2N_SUCCESS;
     }
 
-    /* Selects mutually supported protocol with server preference */
-    while(s2n_stuffer_data_available(extension) > 0) {
-        struct s2n_blob protocol = { 0 };
-        POSIX_ENSURE(s2n_result_is_ok(s2n_protocol_preferences_read(extension, &protocol)), S2N_ERR_BAD_MESSAGE);
-
-        bool match_found = false;
-        POSIX_ENSURE(s2n_result_is_ok(s2n_protocol_preferences_contain(supported_protocols, &protocol, &match_found)), S2N_ERR_BAD_MESSAGE);
-
-        if (match_found) {
-            POSIX_CHECKED_MEMCPY(conn->application_protocol, protocol.data, protocol.size);
-            conn->application_protocol[protocol.size] = '\0';
-            return S2N_SUCCESS;
-        }    
-    }
+    POSIX_GUARD_RESULT(s2n_select_server_preference_protocol(conn, extension, supported_protocols));
+
     return S2N_SUCCESS;
 }
 

diff --git a/tls/s2n_protocol_preferences.c b/tls/s2n_protocol_preferences.c
@@ -137,6 +137,31 @@ S2N_RESULT s2n_protocol_preferences_set(struct s2n_blob *application_protocols,
     return S2N_RESULT_OK;
 }
 
+S2N_RESULT s2n_select_server_preference_protocol(struct s2n_connection *conn, struct s2n_stuffer *server_list,
+    struct s2n_blob *client_list)
+{
+    RESULT_ENSURE_REF(conn);
+    RESULT_ENSURE_REF(server_list);
+    RESULT_ENSURE_REF(client_list);
+
+    while(s2n_stuffer_data_available(server_list) > 0) {
+        struct s2n_blob protocol = { 0 };
+        RESULT_ENSURE_OK(s2n_protocol_preferences_read(server_list, &protocol), S2N_ERR_BAD_MESSAGE);
+
+        bool match_found = false;
+        RESULT_ENSURE_OK(s2n_protocol_preferences_contain(client_list, &protocol, &match_found), S2N_ERR_BAD_MESSAGE);
+
+        if (match_found) {
+            RESULT_ENSURE_LT(protocol.size, sizeof(conn->application_protocol));
+            RESULT_CHECKED_MEMCPY(conn->application_protocol, protocol.data, protocol.size);
+            conn->application_protocol[protocol.size] = '\0';
+            return S2N_RESULT_OK;
+        }    
+    }
+
+    return S2N_RESULT_OK;   
+}
+
 int s2n_config_set_protocol_preferences(struct s2n_config *config, const char *const *protocols, int protocol_count)
 {
     POSIX_GUARD_RESULT(s2n_protocol_preferences_set(&config->application_protocols, protocols, protocol_count));

diff --git a/tls/s2n_protocol_preferences.h b/tls/s2n_protocol_preferences.h
@@ -21,3 +21,5 @@
 
 S2N_RESULT s2n_protocol_preferences_read(struct s2n_stuffer *protocol_preferences, struct s2n_blob *protocol);
 S2N_RESULT s2n_protocol_preferences_contain(struct s2n_blob *protocol_preferences, struct s2n_blob *protocol, bool *contains);
+S2N_RESULT s2n_select_server_preference_protocol(struct s2n_connection *conn, struct s2n_stuffer *server_list,
+    struct s2n_blob *client_list);