1 /*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15 #include "hitls_build.h"
16 #ifdef HITLS_TLS_HOST_CLIENT
17 #include "securec.h"
18 #include "tls_binlog_id.h"
19 #include "bsl_log_internal.h"
20 #include "bsl_log.h"
21 #include "bsl_sal.h"
22 #include "bsl_err_internal.h"
23 #include "bsl_bytes.h"
24 #include "bsl_list.h"
25 #include "hs_ctx.h"
26 #include "hitls_error.h"
27 #include "hitls_cert_type.h"
28 #include "tls.h"
29 #include "hs.h"
30 #include "hs_extensions.h"
31 #include "hs_common.h"
32 #include "rec.h"
33 #include "parse_common.h"
34 #include "parse_extensions.h"
35 #include "custom_extensions.h"
36 // Parses the point format message sent by the server
ParseServerPointFormats(ParsePacket * pkt,ServerHelloMsg * msg)37 static int32_t ParseServerPointFormats(ParsePacket *pkt, ServerHelloMsg *msg)
38 {
39 /* Parsed extensions of the same type */
40 if (msg->havePointFormats == true) {
41 return ParseDupExtProcess(pkt->ctx, BINLOG_ID15193, BINGLOG_STR("ServerPointFormats"));
42 }
43
44 uint8_t pointFormatsSize = 0;
45 int32_t ret = ParseOneByteLengthField(pkt, &pointFormatsSize, &msg->pointFormats);
46 if (ret == HITLS_PARSE_INVALID_MSG_LEN) {
47 return ParseErrorExtLengthProcess(pkt->ctx, BINLOG_ID15194, BINGLOG_STR("ServerPointFormats"));
48 } else if (ret == HITLS_MEMALLOC_FAIL) {
49 return ParseErrorProcess(pkt->ctx, HITLS_MEMALLOC_FAIL, BINLOG_ID15196,
50 BINGLOG_STR("pointFormats malloc fail."), ALERT_UNKNOWN);
51 }
52
53 if ((pkt->bufLen != *pkt->bufOffset) || (pointFormatsSize == 0u)) {
54 return ParseErrorExtLengthProcess(pkt->ctx, BINLOG_ID15195, BINGLOG_STR("ServerPointFormats"));
55 }
56
57 msg->havePointFormats = true;
58 msg->pointFormatsSize = pointFormatsSize;
59
60 return HITLS_SUCCESS;
61 }
62
63 #ifdef HITLS_TLS_PROTO_TLS13
ParseServerPreShareKey(ParsePacket * pkt,ServerHelloMsg * msg)64 static int32_t ParseServerPreShareKey(ParsePacket *pkt, ServerHelloMsg *msg)
65 {
66 if (msg->haveSelectedIdentity == true) {
67 return ParseDupExtProcess(pkt->ctx, BINLOG_ID15156, BINGLOG_STR("pre_shared_key"));
68 }
69 int32_t ret = ParseBytesToUint16(pkt, &msg->selectedIdentity);
70 if (ret != HITLS_SUCCESS || pkt->bufLen != *pkt->bufOffset) {
71 return ParseErrorExtLengthProcess(pkt->ctx, BINLOG_ID15157, BINGLOG_STR("pre_shared_key"));
72 }
73
74 msg->haveSelectedIdentity = true;
75
76 return HITLS_SUCCESS;
77 }
78
ParseServerKeyShare(ParsePacket * pkt,ServerHelloMsg * msg)79 int32_t ParseServerKeyShare(ParsePacket *pkt, ServerHelloMsg *msg)
80 {
81 if (msg->haveKeyShare == true) {
82 return ParseDupExtProcess(pkt->ctx, BINLOG_ID15158, BINGLOG_STR("ServerKeyShare"));
83 }
84
85 int32_t ret = ParseBytesToUint16(pkt, &msg->keyShare.group);
86 if (ret != HITLS_SUCCESS) {
87 return ParseErrorExtLengthProcess(pkt->ctx, BINLOG_ID15159, BINGLOG_STR("ServerKeyShare"));
88 }
89
90 if (pkt->bufLen == *pkt->bufOffset) {
91 msg->haveKeyShare = true;
92 return HITLS_SUCCESS; // If there is no subsequent content, the extension is the keyshare of hrr
93 }
94 uint16_t keyExchangeSize = 0;
95 ret = ParseTwoByteLengthField(pkt, &keyExchangeSize, &msg->keyShare.keyExchange);
96 if (ret == HITLS_PARSE_INVALID_MSG_LEN) {
97 return ParseErrorExtLengthProcess(pkt->ctx, BINLOG_ID16202, BINGLOG_STR("ServerKeyShare"));
98 } else if (ret == HITLS_MEMALLOC_FAIL) {
99 return ParseErrorProcess(pkt->ctx, HITLS_MEMALLOC_FAIL, BINLOG_ID16984,
100 BINGLOG_STR("ServerKeyShare"), ALERT_INTERNAL_ERROR);
101 }
102
103 if ((pkt->bufLen != *pkt->bufOffset) || (keyExchangeSize == 0u)) {
104 return ParseErrorExtLengthProcess(pkt->ctx, BINLOG_ID15160, BINGLOG_STR("ServerKeyShare"));
105 }
106
107 msg->keyShare.keyExchangeSize = keyExchangeSize;
108 msg->haveKeyShare = true;
109 return HITLS_SUCCESS;
110 }
111
ParseServerCookie(ParsePacket * pkt,ServerHelloMsg * msg)112 int32_t ParseServerCookie(ParsePacket *pkt, ServerHelloMsg *msg)
113 {
114 if (msg->haveCookie == true) {
115 return ParseDupExtProcess(pkt->ctx, BINLOG_ID15162, BINGLOG_STR("cookie"));
116 }
117
118 int32_t ret = ParseExCookie(pkt->buf, pkt->bufLen, &msg->cookie, &msg->cookieLen);
119 if (ret != HITLS_SUCCESS) {
120 return ret;
121 }
122 msg->haveCookie = true;
123 return HITLS_SUCCESS;
124 }
125 // Parse the SupportedVersions message.
126
ParseServerSupportedVersions(ParsePacket * pkt,ServerHelloMsg * msg)127 static int32_t ParseServerSupportedVersions(ParsePacket *pkt, ServerHelloMsg *msg)
128 {
129 /* Parsed extensions of the same type */
130 if (msg->haveSupportedVersion == true) {
131 return ParseDupExtProcess(pkt->ctx, BINLOG_ID15164, BINGLOG_STR("ServerSupportedVersions"));
132 }
133 int32_t ret = ParseBytesToUint16(pkt, &msg->supportedVersion);
134 if (ret != HITLS_SUCCESS || pkt->bufLen != *pkt->bufOffset) {
135 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16985, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
136 "ParseBytesToUint16 fail, ret %d", ret, 0, 0, 0);
137 BSL_ERR_PUSH_ERROR(HITLS_PARSE_INVALID_MSG_LEN);
138 return HITLS_PARSE_INVALID_MSG_LEN;
139 }
140
141 msg->haveSupportedVersion = true;
142
143 return HITLS_SUCCESS;
144 }
145 #endif /* HITLS_TLS_PROTO_TLS13 */
146
147 // Parses the extended master secret sent by the serve
ParseServerExtMasterSecret(ParsePacket * pkt,ServerHelloMsg * msg)148 static int32_t ParseServerExtMasterSecret(ParsePacket *pkt, ServerHelloMsg *msg)
149 {
150 /* Parse the empty extended message */
151 return ParseEmptyExtension(pkt->ctx, HS_EX_TYPE_EXTENDED_MASTER_SECRET, pkt->bufLen,
152 &msg->haveExtendedMasterSecret);
153 }
154 #ifdef HITLS_TLS_FEATURE_ALPN
ParseServerSelectedAlpnProtocol(ParsePacket * pkt,bool * haveSelectedAlpn,uint8_t ** alpnSelected,uint16_t * alpnSelectedSize)155 int32_t ParseServerSelectedAlpnProtocol(
156 ParsePacket *pkt, bool *haveSelectedAlpn, uint8_t **alpnSelected, uint16_t *alpnSelectedSize)
157 {
158 /* Parsed extensions of the same type */
159 if (*haveSelectedAlpn == true) {
160 return ParseDupExtProcess(pkt->ctx, BINLOG_ID15197, BINGLOG_STR("selected alpn protocol"));
161 }
162
163 uint16_t selectedAlpnListLen = 0;
164 uint8_t selectedAlpnLen = 0;
165 int32_t ret = ParseBytesToUint16(pkt, &selectedAlpnListLen);
166 if (ret != HITLS_SUCCESS) {
167 return ParseErrorExtLengthProcess(pkt->ctx, BINLOG_ID15198, BINGLOG_STR("alpn"));
168 }
169 uint32_t offset = *pkt->bufOffset;
170 ret = ParseBytesToUint8(pkt, &selectedAlpnLen);
171 if (ret != HITLS_SUCCESS) {
172 return ParseErrorExtLengthProcess(pkt->ctx, BINLOG_ID16253, BINGLOG_STR("alpn"));
173 }
174
175 /* If the length of the packet does not match the extended length, or the length is 0, the handshake message error
176 * is returned */
177 if (((selectedAlpnListLen * sizeof(uint8_t)) != (pkt->bufLen - sizeof(uint16_t))) || (selectedAlpnListLen == 0)) {
178 return ParseErrorExtLengthProcess(pkt->ctx, BINLOG_ID15199, BINGLOG_STR("alpn"));
179 }
180 /* According to the protocol rfc7301, The alpn extension returned by s end is allowed to contain only one protocol
181 * name, and returns a handshake message error */
182 /* Check whether the listsize of the alpn list returned by the server is anpn size + sizeof(uint8_t) */
183 if (selectedAlpnLen != selectedAlpnListLen - sizeof(uint8_t)) {
184 return ParseErrorProcess(pkt->ctx, HITLS_MSG_HANDLE_ALPN_UNRECOGNIZED, BINLOG_ID16121,
185 BINGLOG_STR("the number of Protocol in ALPN extensions is incorrect."), ALERT_DECODE_ERROR);
186 }
187
188 /* The length of bufLen meets: alpnLen | alpn | 0 */
189 *alpnSelected = (uint8_t *)BSL_SAL_Calloc(selectedAlpnLen + 1, sizeof(uint8_t));
190 if (*alpnSelected == NULL) {
191 return ParseErrorProcess(pkt->ctx, HITLS_MEMALLOC_FAIL, BINLOG_ID15200,
192 BINGLOG_STR("selected alpn proto malloc fail."), ALERT_UNKNOWN);
193 }
194
195 (void)memcpy_s(*alpnSelected, selectedAlpnLen + 1, &pkt->buf[offset], selectedAlpnLen + 1);
196
197 *alpnSelectedSize = selectedAlpnLen;
198 *haveSelectedAlpn = true;
199
200 return HITLS_SUCCESS;
201 }
202 #endif /* HITLS_TLS_FEATURE_ALPN */
203 #ifdef HITLS_TLS_FEATURE_SNI
204 /**
205 * @brief server hello ServerName extension item
206 *
207 * @param ctx [IN] TLS context
208 * @param buf [IN] message buffer
209 * @param bufLen [IN] message length
210 * @param msg [OUT] Parsed message
211 *
212 * @retval HITLS_SUCCESS parsed successfully.
213 * @retval HITLS_PARSE_INVALID_MSG_LEN The message length is incorrect.
214 * @retval HITLS_MEMALLOC_FAIL Memory application failed.
215 * @retval HITLS_PARSE_DUPLICATE_EXTENSIVE_MSG Extended message
216 */
ParseServerServerName(ParsePacket * pkt,ServerHelloMsg * msg)217 static int32_t ParseServerServerName(ParsePacket *pkt, ServerHelloMsg *msg)
218 {
219 /* Parsed extensions of the same type */
220 if (msg->haveServerName == true) {
221 return ParseDupExtProcess(pkt->ctx, BINLOG_ID15202, BINGLOG_STR("ServerName"));
222 }
223
224 /* If the message length is incorrect, an error code is returned */
225 /* rfc6066
226 * When the server decides to receive server_name, the server should include an extension of type "server_name" in
227 * the (extended) server hello. The'extension_data' field for this extension should be empty
228 */
229 if (pkt->bufLen != 0) {
230 return ParseErrorExtLengthProcess(pkt->ctx, BINLOG_ID15203, BINGLOG_STR("ServerName"));
231 }
232 msg->haveServerName = true;
233 return HITLS_SUCCESS;
234 }
235 #endif /* HITLS_TLS_FEATURE_SNI */
236 #if defined(HITLS_TLS_PROTO_TLS_BASIC) || defined(HITLS_TLS_PROTO_DTLS12)
ParseServerSecRenegoInfo(ParsePacket * pkt,ServerHelloMsg * msg)237 static int32_t ParseServerSecRenegoInfo(ParsePacket *pkt, ServerHelloMsg *msg)
238 {
239 /* Parsed extensions of the same type */
240 if (msg->haveSecRenego == true) {
241 return ParseDupExtProcess(pkt->ctx, BINLOG_ID15204, BINGLOG_STR("renegotiation info"));
242 }
243
244 uint8_t secRenegoInfoSize = 0;
245 uint8_t *secRenegoInfo = NULL;
246 int32_t ret = ParseSecRenegoInfo(pkt->ctx, pkt->buf, pkt->bufLen, &secRenegoInfo, &secRenegoInfoSize);
247 if (ret != HITLS_SUCCESS) {
248 return ret;
249 }
250
251 msg->secRenegoInfo = secRenegoInfo;
252 msg->secRenegoInfoSize = secRenegoInfoSize;
253 msg->haveSecRenego = true;
254 return HITLS_SUCCESS;
255 }
256 #endif /* defined(HITLS_TLS_PROTO_TLS_BASIC) || defined(HITLS_TLS_PROTO_DTLS12) */
257 #ifdef HITLS_TLS_FEATURE_SESSION_TICKET
ParseServerTicket(ParsePacket * pkt,ServerHelloMsg * msg)258 static int32_t ParseServerTicket(ParsePacket *pkt, ServerHelloMsg *msg)
259 {
260 /* Parsed extensions of the same type */
261 if (msg->haveTicket == true) {
262 return ParseDupExtProcess(pkt->ctx, BINLOG_ID15964, BINGLOG_STR("ticket"));
263 }
264
265 /* The ticket extended data length of server hello can only be empty */
266 if (pkt->bufLen != 0) {
267 return ParseErrorExtLengthProcess(pkt->ctx, BINLOG_ID15965, BINGLOG_STR("tiket"));
268 }
269
270 msg->haveTicket = true;
271 return HITLS_SUCCESS;
272 }
273 #endif /* HITLS_TLS_FEATURE_SESSION_TICKET */
274 #ifdef HITLS_TLS_FEATURE_ETM
ParseServerEncryptThenMac(ParsePacket * pkt,ServerHelloMsg * msg)275 static int32_t ParseServerEncryptThenMac(ParsePacket *pkt, ServerHelloMsg *msg)
276 {
277 return ParseEmptyExtension(pkt->ctx, HS_EX_TYPE_ENCRYPT_THEN_MAC, pkt->bufLen, &msg->haveEncryptThenMac);
278 }
279 #endif /* HITLS_TLS_FEATURE_ETM */
280
281 /**
282 * @brief Parses the extended message from server
283 *
284 * @param ctx [IN] TLS context
285 * @param extMsgType [IN] Extended message type
286 * @param buf [IN] message buffer
287 * @param extMsgLen [IN] Extended message length
288 * @param msg [OUT] Structure of the parsed extended message
289 *
290 * @retval HITLS_SUCCESS parsed successfully.
291 * @retval HITLS_PARSE_INVALID_MSG_LEN The message length is incorrect.
292 * @retval HITLS_MEMALLOC_FAIL Memory application failed.
293 * @retval HITLS_PARSE_DUPLICATE_EXTENSIVE_MSG Extended message
294 * @retval HITLS_PARSE_UNSUPPORTED_EXTENSION: unsupported extended field
295 */
ParseServerExBody(TLS_Ctx * ctx,uint16_t extMsgType,const uint8_t * buf,uint32_t extMsgLen,ServerHelloMsg * msg)296 static int32_t ParseServerExBody(TLS_Ctx *ctx, uint16_t extMsgType, const uint8_t *buf, uint32_t extMsgLen,
297 ServerHelloMsg *msg)
298 {
299 uint32_t bufOffset = 0u;
300 ParsePacket pkt = {.ctx = ctx, .buf = buf, .bufLen = extMsgLen, .bufOffset = &bufOffset};
301 switch (extMsgType) {
302 case HS_EX_TYPE_POINT_FORMATS:
303 return ParseServerPointFormats(&pkt, msg);
304 #ifdef HITLS_TLS_FEATURE_SNI
305 case HS_EX_TYPE_SERVER_NAME:
306 return ParseServerServerName(&pkt, msg);
307 #endif /* HITLS_TLS_FEATURE_SNI */
308 case HS_EX_TYPE_EXTENDED_MASTER_SECRET:
309 return ParseServerExtMasterSecret(&pkt, msg);
310 #ifdef HITLS_TLS_FEATURE_ALPN
311 case HS_EX_TYPE_APP_LAYER_PROTOCOLS:
312 return ParseServerSelectedAlpnProtocol(
313 &pkt, &msg->haveSelectedAlpn, &msg->alpnSelected, &msg->alpnSelectedSize);
314 #endif /* HITLS_TLS_FEATURE_ALPN */
315 #ifdef HITLS_TLS_PROTO_TLS13
316 case HS_EX_TYPE_KEY_SHARE:
317 return ParseServerKeyShare(&pkt, msg);
318 case HS_EX_TYPE_PRE_SHARED_KEY:
319 return ParseServerPreShareKey(&pkt, msg);
320 case HS_EX_TYPE_COOKIE:
321 return ParseServerCookie(&pkt, msg);
322 case HS_EX_TYPE_SUPPORTED_VERSIONS:
323 return ParseServerSupportedVersions(&pkt, msg);
324 #endif /* HITLS_TLS_PROTO_TLS13 */
325 case HS_EX_TYPE_RENEGOTIATION_INFO:
326 #if defined(HITLS_TLS_PROTO_TLS_BASIC) || defined(HITLS_TLS_PROTO_DTLS12)
327 return ParseServerSecRenegoInfo(&pkt, msg);
328 #else
329 return HITLS_SUCCESS;
330 #endif /* defined(HITLS_TLS_PROTO_TLS_BASIC) || defined(HITLS_TLS_PROTO_DTLS12) */
331 #ifdef HITLS_TLS_FEATURE_SESSION_TICKET
332 case HS_EX_TYPE_SESSION_TICKET:
333 return ParseServerTicket(&pkt, msg);
334 #endif /* HITLS_TLS_FEATURE_SESSION_TICKET */
335 #ifdef HITLS_TLS_FEATURE_ETM
336 case HS_EX_TYPE_ENCRYPT_THEN_MAC:
337 return ParseServerEncryptThenMac(&pkt, msg);
338 #endif /* HITLS_TLS_FEATURE_ETM */
339 #ifdef HITLS_TLS_PROTO_TLS13
340 case HS_EX_TYPE_SUPPORTED_GROUPS:
341 return HITLS_SUCCESS;
342 #endif /* HITLS_TLS_PROTO_TLS13 */
343 default:
344 break;
345 }
346 #ifdef HITLS_TLS_FEATURE_CUSTOM_EXTENSION
347 if (IsParseNeedCustomExtensions(CUSTOM_EXT_FROM_CTX(ctx), extMsgType,
348 HITLS_EX_TYPE_TLS1_2_SERVER_HELLO | HITLS_EX_TYPE_TLS1_3_SERVER_HELLO | HITLS_EX_TYPE_HELLO_RETRY_REQUEST)) {
349 return ParseCustomExtensions(pkt.ctx, pkt.buf + *pkt.bufOffset, extMsgType, extMsgLen,
350 HITLS_EX_TYPE_TLS1_2_SERVER_HELLO | HITLS_EX_TYPE_TLS1_3_SERVER_HELLO | HITLS_EX_TYPE_HELLO_RETRY_REQUEST, NULL, 0);
351 }
352 #endif /* HITLS_TLS_FEATURE_CUSTOM_EXTENSION */
353 // You need to send an alert when an unknown extended field is encountered
354 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15205, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
355 "unknown extension message type:%d len:%lu in server hello message.", extMsgType, extMsgLen, 0, 0);
356 return ParseErrorProcess(pkt.ctx, HITLS_PARSE_UNSUPPORTED_EXTENSION, 0, NULL, ALERT_UNSUPPORTED_EXTENSION);
357 }
358
ParseServerExtension(TLS_Ctx * ctx,const uint8_t * buf,uint32_t bufLen,ServerHelloMsg * msg)359 int32_t ParseServerExtension(TLS_Ctx *ctx, const uint8_t *buf, uint32_t bufLen, ServerHelloMsg *msg)
360 {
361 /* Initialize the message parsing length */
362 uint32_t bufOffset = 0u;
363 int32_t ret = HITLS_SUCCESS;
364
365 /* Parse the extended message from server */
366 while (bufOffset < bufLen) {
367 uint32_t extMsgLen = 0u;
368 uint16_t extMsgType = HS_EX_TYPE_END;
369 ret = ParseExHeader(ctx, &buf[bufOffset], bufLen - bufOffset, &extMsgType, &extMsgLen);
370 if (ret != HITLS_SUCCESS) {
371 return ret;
372 }
373 bufOffset += HS_EX_HEADER_LEN;
374
375 uint32_t extensionId = HS_GetExtensionTypeId(extMsgType);
376 ret = CheckForDuplicateExtension(msg->extensionTypeMask, extensionId, ctx);
377 if (ret != HITLS_SUCCESS) {
378 return ret;
379 }
380 if (extensionId != HS_EX_TYPE_ID_UNRECOGNIZED
381 #ifdef HITLS_TLS_FEATURE_CUSTOM_EXTENSION
382 || !IsParseNeedCustomExtensions(CUSTOM_EXT_FROM_CTX(ctx), extMsgType,
383 HITLS_EX_TYPE_TLS1_2_SERVER_HELLO | HITLS_EX_TYPE_TLS1_3_SERVER_HELLO |
384 HITLS_EX_TYPE_HELLO_RETRY_REQUEST)
385 #endif /* HITLS_TLS_FEATURE_CUSTOM_EXTENSION */
386 ) {
387 if (!GetExtensionFlagValue(ctx, extensionId)) {
388 BSL_ERR_PUSH_ERROR(HITLS_MSG_HANDLE_UNSUPPORT_EXTENSION_TYPE);
389 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID17330, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
390 "client did not send but get extension type %u.", extensionId, 0, 0, 0);
391 ctx->method.sendAlert(ctx, ALERT_LEVEL_FATAL, ALERT_UNSUPPORTED_EXTENSION);
392 return HITLS_MSG_HANDLE_UNSUPPORT_EXTENSION_TYPE;
393 }
394 msg->extensionTypeMask |= 1ULL << extensionId;
395 }
396
397 ret = ParseServerExBody(ctx, extMsgType, &buf[bufOffset], extMsgLen, msg);
398 if (ret != HITLS_SUCCESS) {
399 return ret;
400 }
401 bufOffset += extMsgLen;
402 }
403
404 // The extended content is the last field of the serverHello message. No other data should follow.
405 if (bufOffset != bufLen) {
406 return ParseErrorProcess(ctx, HITLS_PARSE_INVALID_MSG_LEN, BINLOG_ID15206,
407 BINGLOG_STR("parse extension failed."), ALERT_DECODE_ERROR);
408 }
409
410 return HITLS_SUCCESS;
411 }
412
CleanServerHelloExtension(ServerHelloMsg * msg)413 void CleanServerHelloExtension(ServerHelloMsg *msg)
414 {
415 if (msg == NULL) {
416 return;
417 }
418
419 BSL_SAL_FREE(msg->pointFormats);
420 #ifdef HITLS_TLS_FEATURE_ALPN
421 BSL_SAL_FREE(msg->alpnSelected);
422 #endif /* HITLS_TLS_FEATURE_ALPN */
423 #if defined(HITLS_TLS_PROTO_TLS_BASIC) || defined(HITLS_TLS_PROTO_DTLS12)
424 BSL_SAL_FREE(msg->secRenegoInfo);
425 #endif /* defined(HITLS_TLS_PROTO_TLS_BASIC) || defined(HITLS_TLS_PROTO_DTLS12) */
426 #ifdef HITLS_TLS_PROTO_TLS13
427 BSL_SAL_FREE(msg->cookie);
428 BSL_SAL_FREE(msg->keyShare.keyExchange);
429 #endif /* HITLS_TLS_PROTO_TLS13 */
430 return;
431 }
432 #endif /* HITLS_TLS_HOST_CLIENT */
433