Remove some TLSv1.3 TODOs that are no longer relevant (329114f9) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

ssl/ssl_lib.c

+0 −10

Original line number	Diff line number	Diff line
		@@ -1603,11 +1603,6 @@ int SSL_read_early(SSL s, void buf, size_t num, size_t *readbytes)
		return SSL_READ_EARLY_ERROR;
		}

		/*
		* TODO(TLS1.3): Somehow we need to check that we're not receiving too much
		* data
		*/

		switch (s->early_data_state) {
		case SSL_EARLY_DATA_NONE:
		if (!SSL_in_before(s)) {
		@@ -1804,11 +1799,6 @@ int SSL_write_early(SSL s, const void buf, size_t num, size_t *written)
		return 0;
		}

		/*
		* TODO(TLS1.3): Somehow we need to check that we're not sending too much
		* data
		*/

		switch (s->early_data_state) {
		case SSL_EARLY_DATA_NONE:
		if (!SSL_in_before(s)) {

+0 −5

Original line number	Diff line number	Diff line
		@@ -123,11 +123,6 @@ static int ossl_statem_client13_read_transition(SSL *s, int mt)
		{
		OSSL_STATEM *st = &s->statem;

		/*
		* TODO(TLS1.3): This is still based on the TLSv1.2 state machine. Over time
		* we will update this to look more like real TLSv1.3
		*/

		/*
		* Note: There is no case for TLS_ST_CW_CLNT_HELLO, because we haven't
		* yet negotiated TLSv1.3 at that point so that is handled by

+1 −7

Original line number	Diff line number	Diff line
		@@ -483,13 +483,7 @@ size_t tls1_final_finish_mac(SSL s, const char str, size_t slen,
		int tls1_generate_master_secret(SSL s, unsigned char out, unsigned char *p,
		size_t len, size_t *secret_size)
		{
		/*
		* TODO(TLS1.3): We haven't implemented TLS1.3 key derivation yet. For now
		* we will just force no use of EMS (which adds complications around the
		* handshake hash). This will need to be removed later
		*/
		if ((s->session->flags & SSL_SESS_FLAG_EXTMS)
		&& !SSL_IS_TLS13(s)) {
		if (s->session->flags & SSL_SESS_FLAG_EXTMS) {
		unsigned char hash[EVP_MAX_MD_SIZE * 2];
		size_t hashlen;
		/*