mirror of https://github.com/XTLS/REALITY.git synced 2025-08-22 14:38:35 +00:00

crypto/tls: apply QUIC session event flag to QUICResumeSession events

Go 1.23 adds two new events to QUICConns: QUICStoreSessionEvent and
QUICResumeSessionEvent. We added a QUICConfig.EnableStoreSessionEvent
flag to control whether the store-session event is provided or not,
because receiving this event requires additional action from the caller:
the session must be explicitly stored with QUICConn.StoreSession.

We did not add a control for whether the resume-session event is
provided, because this event requires no action and the caller is
expected to ignore unknown events.

However, we never documented the expectation that callers ignore
unknown events, and quic-go produces an error when receiving an
unexpected event. So change the EnableStoreSessionEvent flag to
apply to both new events.

Fixes #68124
For #63691

Change-Id: I84af487e52b3815f7b648e09884608f8915cd645
Reviewed-on: https://go-review.googlesource.com/c/go/+/594475
Reviewed-by: Marten Seemann <martenseemann@gmail.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
yuhan6665 2024-08-25 11:19:24 -04:00
parent c7274fa497
commit 1c613789ca
4 changed files with 13 additions and 11 deletions


@ -480,7 +480,9 @@ func (c *Conn) loadSession(hello *clientHelloMsg) (
} }
if c.quic != nil { if c.quic != nil {
c.quicResumeSession(session) if c.quic.enableSessionEvents {
c.quicResumeSession(session)
}
// For 0-RTT, the cipher suite has to match exactly, and we need to be // For 0-RTT, the cipher suite has to match exactly, and we need to be
// offering the same ALPN. // offering the same ALPN.
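Review bot: The client path calls `c.quicResumeSession(session)` as a bare statement inside the new `if c.quic.enableSessionEvents` block, so any error it returns is dropped. The server path in checkForResumption checks the same call with `if err := c.quicResumeSession(sessionState); err != nil { return err }`. The function's definition is not shown on this page, but if it can fail here as well, the client would go on to the 0-RTT cipher-suite and ALPN checks after a failed event delivery. Consider `if err := c.quicResumeSession(session); err != nil {` followed by a return of that error. loadSession starts and ends outside this hunk, so the exact result list for that return has to be taken from the full function.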


@ -900,7 +900,7 @@ func (c *Conn) handleNewSessionTicket(msg *newSessionTicketMsgTLS13) error {
session.ageAdd = msg.ageAdd session.ageAdd = msg.ageAdd
session.EarlyData = c.quic != nil && msg.maxEarlyData == 0xffffffff // RFC 9001, Section 4.6.1 session.EarlyData = c.quic != nil && msg.maxEarlyData == 0xffffffff // RFC 9001, Section 4.6.1
session.ticket = msg.label session.ticket = msg.label
if c.quic != nil && c.quic.enableStoreSessionEvent { if c.quic != nil && c.quic.enableSessionEvents {
c.quicStoreSession(session) c.quicStoreSession(session)
return nil return nil
} }


@ -430,7 +430,7 @@ func (hs *serverHandshakeStateTLS13) checkForResumption() error {
continue continue
} }
if c.quic != nil { if c.quic != nil && c.quic.enableSessionEvents {
if err := c.quicResumeSession(sessionState); err != nil { if err := c.quicResumeSession(sessionState); err != nil {
return err return err
} }
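Review bot: Gating the server-side `c.quicResumeSession(sessionState)` on `c.quic.enableSessionEvents` means a QUIC server receives no resume event unless it opts in, but the QUICConfig field comment in quic.go still describes the events as being "for client connections". A server that uses this event to inspect the SessionState before resumption proceeds would lose that hook silently, since an unset bool field is false. The field comment should say so, for example `// The [QUICResumeSession] event is also gated by this field on server connections.`. That comment also keeps the singular "When this event is enabled", which now reads ambiguously with two events under one flag. checkForResumption continues outside this hunk.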

16
quic.go

@ -50,12 +50,12 @@ type QUICConn struct {
type QUICConfig struct { type QUICConfig struct {
TLSConfig *Config TLSConfig *Config
// EnableStoreSessionEvent may be set to true to enable the // EnableSessionEvents may be set to true to enable the
// [QUICStoreSession] event for client connections. // [QUICStoreSession] and [QUICResumeSession] events for client connections.
// When this event is enabled, sessions are not automatically // When this event is enabled, sessions are not automatically
// stored in the client session cache. // stored in the client session cache.
// The application should use [QUICConn.StoreSession] to store sessions. // The application should use [QUICConn.StoreSession] to store sessions.
EnableStoreSessionEvent bool EnableSessionEvents bool
} }
// A QUICEventKind is a type of operation on a QUIC connection. // A QUICEventKind is a type of operation on a QUIC connection.
@ -113,7 +113,7 @@ const (
// QUICStoreSession indicates that the server has provided state permitting // QUICStoreSession indicates that the server has provided state permitting
// the client to resume the session. // the client to resume the session.
// [QUICEvent.SessionState] is set. // [QUICEvent.SessionState] is set.
// The application should use [QUICConn.Store] session to store the [SessionState]. // The application should use [QUICConn.StoreSession] session to store the [SessionState].
// The application may modify the [SessionState] before storing it. // The application may modify the [SessionState] before storing it.
// This event only occurs on client connections. // This event only occurs on client connections.
QUICStoreSession QUICStoreSession
@ -165,7 +165,7 @@ type quicState struct {
transportParams []byte // to send to the peer transportParams []byte // to send to the peer
enableStoreSessionEvent bool enableSessionEvents bool
} }
// QUICClient returns a new TLS client side connection using QUICTransport as the // QUICClient returns a new TLS client side connection using QUICTransport as the
@ -187,9 +187,9 @@ func QUICServer(config *QUICConfig) *QUICConn {
func newQUICConn(conn *Conn, config *QUICConfig) *QUICConn { func newQUICConn(conn *Conn, config *QUICConfig) *QUICConn {
conn.quic = &quicState{ conn.quic = &quicState{
signalc: make(chan struct{}), signalc: make(chan struct{}),
blockedc: make(chan struct{}), blockedc: make(chan struct{}),
enableStoreSessionEvent: config.EnableStoreSessionEvent, enableSessionEvents: config.EnableSessionEvents,
} }
conn.quic.events = conn.quic.eventArr[:0] conn.quic.events = conn.quic.eventArr[:0]
return &QUICConn{ return &QUICConn{