summaryrefslogtreecommitdiff
path: root/src/ssl/tls13_server.cc
diff options
context:
space:
mode:
Diffstat (limited to 'src/ssl/tls13_server.cc')
-rw-r--r--src/ssl/tls13_server.cc47
1 files changed, 47 insertions, 0 deletions
diff --git a/src/ssl/tls13_server.cc b/src/ssl/tls13_server.cc
index 2b802c47..894fa87d 100644
--- a/src/ssl/tls13_server.cc
+++ b/src/ssl/tls13_server.cc
@@ -380,6 +380,8 @@ static enum ssl_hs_wait_t do_select_session(SSL_HANDSHAKE *hs) {
hs->early_data_offered &&
/* Channel ID is incompatible with 0-RTT. */
!ssl->s3->tlsext_channel_id_valid &&
+ /* Custom extensions is incompatible with 0-RTT. */
+ hs->custom_extensions.received == 0 &&
/* The negotiated ALPN must match the one in the ticket. */
ssl->s3->alpn_selected_len == session->early_alpn_len &&
OPENSSL_memcmp(ssl->s3->alpn_selected, session->early_alpn,
@@ -920,6 +922,10 @@ enum ssl_hs_wait_t tls13_server_handshake(SSL_HANDSHAKE *hs) {
break;
}
+ if (hs->state != state) {
+ ssl_do_info_callback(hs->ssl, SSL_CB_ACCEPT_LOOP, 1);
+ }
+
if (ret != ssl_hs_ok) {
return ret;
}
@@ -928,4 +934,45 @@ enum ssl_hs_wait_t tls13_server_handshake(SSL_HANDSHAKE *hs) {
return ssl_hs_ok;
}
+const char *tls13_server_handshake_state(SSL_HANDSHAKE *hs) {
+ enum server_hs_state_t state =
+ static_cast<enum server_hs_state_t>(hs->tls13_state);
+ switch (state) {
+ case state_select_parameters:
+ return "TLS 1.3 server select_parameters";
+ case state_select_session:
+ return "TLS 1.3 server select_session";
+ case state_send_hello_retry_request:
+ return "TLS 1.3 server send_hello_retry_request";
+ case state_read_second_client_hello:
+ return "TLS 1.3 server read_second_client_hello";
+ case state_send_server_hello:
+ return "TLS 1.3 server send_server_hello";
+ case state_send_server_certificate_verify:
+ return "TLS 1.3 server send_server_certificate_verify";
+ case state_send_server_finished:
+ return "TLS 1.3 server send_server_finished";
+ case state_read_second_client_flight:
+ return "TLS 1.3 server read_second_client_flight";
+ case state_process_change_cipher_spec:
+ return "TLS 1.3 server process_change_cipher_spec";
+ case state_process_end_of_early_data:
+ return "TLS 1.3 server process_end_of_early_data";
+ case state_read_client_certificate:
+ return "TLS 1.3 server read_client_certificate";
+ case state_read_client_certificate_verify:
+ return "TLS 1.3 server read_client_certificate_verify";
+ case state_read_channel_id:
+ return "TLS 1.3 server read_channel_id";
+ case state_read_client_finished:
+ return "TLS 1.3 server read_client_finished";
+ case state_send_new_session_ticket:
+ return "TLS 1.3 server send_new_session_ticket";
+ case state_done:
+ return "TLS 1.3 server done";
+ }
+
+ return "TLS 1.3 server unknown";
+}
+
} // namespace bssl
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-25 10:24:27 +0000