Flush TLS 1.3 NewSessionTicket messages together.

There's no sense in flushing twice in one flight. This means when writing a message is finally synchronous, we don't need the intermediate state at all. Change-Id: Iaca60d64917f82dce0456a8b15de4ee00f2d557b Reviewed-on: https://boringssl-review.googlesource.com/12103 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>
2016-11-03 17:19:16 -04:00 · 2016-11-03 17:19:16 -04:00 · 0a011fc49f
commit 0a011fc49f
parent 8e816eb7b6
1 changed files with 15 additions and 15 deletions
--- a/ssl/tls13_server.c
+++ b/ssl/tls13_server.c
@ -47,7 +47,7 @@ enum server_hs_state_t {
  state_process_channel_id,
  state_process_client_finished,
  state_send_new_session_ticket,
-  state_flush_new_session_ticket,
+  state_flush_new_session_tickets,
  state_done,
 };

@ -601,6 +601,10 @@ static enum ssl_hs_wait_t do_process_client_finished(SSL *ssl,
  return ssl_hs_ok;
 }

+/* TLS 1.3 recommends single-use tickets, so issue multiple tickets in case the
+ * client makes several connections before getting a renewal. */
+static const int kNumTickets = 2;
+
 static enum ssl_hs_wait_t do_send_new_session_ticket(SSL *ssl,
                                                     SSL_HANDSHAKE *hs) {
  SSL_SESSION *session = ssl->s3->new_session;
@ -635,8 +639,12 @@ static enum ssl_hs_wait_t do_send_new_session_ticket(SSL *ssl,
  }

  hs->session_tickets_sent++;
+  if (hs->session_tickets_sent >= kNumTickets) {
+    hs->state = state_flush_new_session_tickets;
+  } else {
+    hs->state = state_send_new_session_ticket;
+  }

-  hs->state = state_flush_new_session_ticket;
  return ssl_hs_write_message;

 err:
@ -644,17 +652,9 @@ err:
  return ssl_hs_error;
 }

-/* TLS 1.3 recommends single-use tickets, so issue multiple tickets in case the
- * client makes several connections before getting a renewal. */
-static const int kNumTickets = 2;
-
-static enum ssl_hs_wait_t do_flush_new_session_ticket(SSL *ssl,
+static enum ssl_hs_wait_t do_flush_new_session_tickets(SSL *ssl,
                                                       SSL_HANDSHAKE *hs) {
-  if (hs->session_tickets_sent >= kNumTickets) {
  hs->state = state_done;
-  } else {
-    hs->state = state_send_new_session_ticket;
-  }
  return ssl_hs_flush;
 }

@ -719,8 +719,8 @@ enum ssl_hs_wait_t tls13_server_handshake(SSL *ssl) {
      case state_send_new_session_ticket:
        ret = do_send_new_session_ticket(ssl, hs);
        break;
-      case state_flush_new_session_ticket:
-        ret = do_flush_new_session_ticket(ssl, hs);
+      case state_flush_new_session_tickets:
+        ret = do_flush_new_session_tickets(ssl, hs);
        break;
      case state_done:
        ret = ssl_hs_ok;