Diffstat (limited to 'src/ssl/tls13_server.cc')
-rw-r--r-- | src/ssl/tls13_server.cc | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/src/ssl/tls13_server.cc b/src/ssl/tls13_server.cc
index 2b802c47..894fa87d 100644
--- a/src/ssl/tls13_server.cc
+++ b/src/ssl/tls13_server.cc
@@ -380,6 +380,8 @@ static enum ssl_hs_wait_t do_select_session(SSL_HANDSHAKE *hs) {
 hs->early_data_offered &&
 /* Channel ID is incompatible with 0-RTT. */
 !ssl->s3->tlsext_channel_id_valid &&
+ /* Custom extensions is incompatible with 0-RTT. */
+ hs->custom_extensions.received == 0 &&
 /* The negotiated ALPN must match the one in the ticket. */
 ssl->s3->alpn_selected_len == session->early_alpn_len &&
 OPENSSL_memcmp(ssl->s3->alpn_selected, session->early_alpn,
@@ -920,6 +922,10 @@ enum ssl_hs_wait_t tls13_server_handshake(SSL_HANDSHAKE *hs) {
 break;
 }
+ if (hs->state != state) {
+ ssl_do_info_callback(hs->ssl, SSL_CB_ACCEPT_LOOP, 1);
+ }
+
 if (ret != ssl_hs_ok) {
 return ret;
 }
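Review bot: In the early-data acceptance condition of do_select_session, the new guard is only effective if `hs->custom_extensions.received` already reflects the ClientHello when this expression is evaluated. The hunk does not show where that field is filled, so the ordering should be confirmed. A test that offers early data together with a custom extension and expects the early data to be rejected would cover it. The comment would also read better as `/* Custom extensions are incompatible with 0-RTT. */`. The condition starts before the hunk and continues past it.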
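Review bot: The added check in tls13_server_handshake compares `hs->state` with the local `state`, while tls13_server_handshake_state, added further down in this same diff, derives that enum from `hs->tls13_state`. The declaration of `state` lies outside the hunk, but if it is also taken from `hs->tls13_state`, this comparison mixes two different state fields. SSL_CB_ACCEPT_LOOP would then not track TLS 1.3 transitions, and the intended line is probably `if (hs->tls13_state != state) {`. A short comment such as `// Notify the info callback only when the TLS 1.3 state advanced.` would make the intent explicit.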
@@ -928,4 +934,45 @@ enum ssl_hs_wait_t tls13_server_handshake(SSL_HANDSHAKE *hs) {
 return ssl_hs_ok;
 }
+const char *tls13_server_handshake_state(SSL_HANDSHAKE *hs) {
+ enum server_hs_state_t state =
+ static_cast<enum server_hs_state_t>(hs->tls13_state);
+ switch (state) {
+ case state_select_parameters:
+ return "TLS 1.3 server select_parameters";
+ case state_select_session:
+ return "TLS 1.3 server select_session";
+ case state_send_hello_retry_request:
+ return "TLS 1.3 server send_hello_retry_request";
+ case state_read_second_client_hello:
+ return "TLS 1.3 server read_second_client_hello";
+ case state_send_server_hello:
+ return "TLS 1.3 server send_server_hello";
+ case state_send_server_certificate_verify:
+ return "TLS 1.3 server send_server_certificate_verify";
+ case state_send_server_finished:
+ return "TLS 1.3 server send_server_finished";
+ case state_read_second_client_flight:
+ return "TLS 1.3 server read_second_client_flight";
+ case state_process_change_cipher_spec:
+ return "TLS 1.3 server process_change_cipher_spec";
+ case state_process_end_of_early_data:
+ return "TLS 1.3 server process_end_of_early_data";
+ case state_read_client_certificate:
+ return "TLS 1.3 server read_client_certificate";
+ case state_read_client_certificate_verify:
+ return "TLS 1.3 server read_client_certificate_verify";
+ case state_read_channel_id:
+ return "TLS 1.3 server read_channel_id";
+ case state_read_client_finished:
+ return "TLS 1.3 server read_client_finished";
+ case state_send_new_session_ticket:
+ return "TLS 1.3 server send_new_session_ticket";
+ case state_done:
+ return "TLS 1.3 server done";
+ }
+
+ return "TLS 1.3 server unknown";
+}
+
 } // namespace bssl |
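Review bot: tls13_server_handshake_state carries no comment describing its contract. Every path returns a string literal, so the result is never null and needs no freeing, and values of `hs->tls13_state` outside server_hs_state_t fall through to "TLS 1.3 server unknown". I would add `// tls13_server_handshake_state returns a static string naming |hs|'s current TLS 1.3 server state.` above the definition and `// No default case, so the compiler can warn when a new state is missing here.` above the switch. The function only reads `hs`, so `const SSL_HANDSHAKE *hs` would fit if the declaration, which is not part of this hunk, can change with it.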