From 211a06afefb91fdf8d170e2e6d5dc11fc76b176c Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Tue, 1 Aug 2017 19:13:25 -0400 Subject: [PATCH] Rephrase documentation on early data reset. There was a typo (then => the), but I think this is clearer, albeit longer. Change-Id: Ic95368a1bea1feba9d6a00029bbfb5b8ffd260ec Reviewed-on: https://boringssl-review.googlesource.com/18747 Reviewed-by: David Benjamin Commit-Queue: David Benjamin CQ-Verified: CQ bot account: commit-bot@chromium.org --- include/openssl/ssl.h | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 6341fa92..a5ac3251 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -2894,14 +2894,14 @@ OPENSSL_EXPORT const char *SSL_get_psk_identity(const SSL *ssl); * * Early data as a client is more complex. If the offered session (see * |SSL_set_session|) is 0-RTT-capable, the handshake will return after sending - * the ClientHello. The predicted peer certificate and ALPN protocol will be + * the ClientHello. The predicted peer certificates and ALPN protocol will be * available via the usual APIs. |SSL_write| will write early data, up to the * session's limit. Writes past this limit and |SSL_read| will complete the * handshake before continuing. Callers may also call |SSL_do_handshake| again * to complete the handshake sooner. * * If the server accepts early data, the handshake will succeed. |SSL_read| and - * |SSL_write| will then act as in a 1-RTT handshake. The peer certificate and + * |SSL_write| will then act as in a 1-RTT handshake. The peer certificates and * ALPN protocol will be as predicted and need not be re-queried. * * If the server rejects early data, |SSL_do_handshake| (and thus |SSL_read| and 
@@ -2911,10 +2911,12 @@ OPENSSL_EXPORT const char *SSL_get_psk_identity(const SSL *ssl); * have processed the early data due to attacker replays. * * To then continue the handshake on the original connection, use - * |SSL_reset_early_data_reject|. This allows a faster retry than making a fresh - * connection. |SSL_do_handshake| will the complete the full handshake as in a - * fresh connection. Once reset, the peer certificate, ALPN protocol, and other - * properties may change so the caller must query them again. + * |SSL_reset_early_data_reject|. The connection will then behave as one which + * had not yet completed the handshake. This allows a faster retry than making a + * fresh connection. |SSL_do_handshake| will complete the full handshake, + * possibly resulting in different peer certificates, ALPN protocol, and other + * properties. The caller must disregard any values from before the reset and + * query again. * * Finally, to implement the fallback described in draft-ietf-tls-tls13-18 * appendix C.3, retry on a fresh connection without 0-RTT if the handshake
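Review bot: The first hunk (the two `certificate` → `certificates` changes at @@ -2894) is a terminology change unrelated to the early-data-reset rephrasing the commit message describes; mention it in the message, or at least in the body, so readers of the log know the plural was deliberate (it matches the "different peer certificates" wording in the second hunk). Since the first paragraph calls these the "predicted" peer certificates and the rewritten text says they "need not be re-queried", it would also help to state in the same sentence that the prediction comes from the offered session, so a caller knows what these values represent before the server has actually accepted 0-RTT.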
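Review bot: The rewritten paragraph at @@ -2911 says the caller "must disregard any values from before the reset and query again" but does not say what happens to the early data already passed to |SSL_write|; the preceding context already warns that the server may "have processed the early data due to attacker replays", so the reset text should say explicitly whether that data is discarded by the reset and has to be re-sent by the application after |SSL_do_handshake| completes. One sentence after "The connection will then behave as one which had not yet completed the handshake." would close that gap, e.g. "Any early data previously written is discarded and must be resent." if that is the actual behaviour.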