Don't test |initial_handshake_complete| for dummy PQ padding status.
Checking |initial_handshake_complete| was a mistake—it's not true for False Start connections at the time when Chrome wants to measure whether PQ padding was used or not. Change-Id: I51757e00f3e02129666ee1ce31c30d63f1bcbe74 Reviewed-on: https://boringssl-review.googlesource.com/26444 Commit-Queue: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
parent
ec55dc15d3
commit
40cdb3b5da
@ -2954,7 +2954,7 @@ OPENSSL_EXPORT int SSL_set_dummy_pq_padding_size(SSL *ssl, size_t num_bytes);
|
|||||||
|
|
||||||
// SSL_dummy_pq_padding_used returns one if the server echoed a dummy PQ padding
|
// SSL_dummy_pq_padding_used returns one if the server echoed a dummy PQ padding
|
||||||
// extension and zero otherwise. It may only be called on a client connection
|
// extension and zero otherwise. It may only be called on a client connection
|
||||||
// once the handshake has completed, otherwise it'll return zero.
|
// once the ServerHello has been processed, otherwise it'll return zero.
|
||||||
OPENSSL_EXPORT int SSL_dummy_pq_padding_used(SSL *ssl);
|
OPENSSL_EXPORT int SSL_dummy_pq_padding_used(SSL *ssl);
|
||||||
|
|
||||||
|
|
||||||
|
@ -2441,7 +2441,7 @@ int SSL_set_dummy_pq_padding_size(SSL *ssl, size_t num_bytes) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
int SSL_dummy_pq_padding_used(SSL *ssl) {
|
int SSL_dummy_pq_padding_used(SSL *ssl) {
|
||||||
if (ssl->server || !ssl->s3->initial_handshake_complete) {
|
if (ssl->server) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user