From 9b94b65b7bf18e3498febc7d32f1df387f9c0185 Mon Sep 17 00:00:00 2001 From: Filippo Valsorda Date: Mon, 30 Jan 2017 18:03:46 +0000 Subject: [PATCH] crypto/tls: send two session tickets to TLS 1.3 clients --- 13.go | 34 ++++++++++++++++++++-------------- 1 file changed, 20 insertions(+), 14 deletions(-) diff --git a/13.go b/13.go index 9698e70..cdb5ea2 100644 --- a/13.go +++ b/13.go @@ -24,6 +24,10 @@ import ( "golang_org/x/crypto/curve25519" ) +// numSessionTickets is the number of different session tickets the +// server sends to a TLS 1.3 client, whom will use each only once. +const numSessionTickets = 2 + func (hs *serverHandshakeState) doTLS13Handshake() error { config := hs.c.config c := hs.c @@ -544,20 +548,22 @@ func (hs *serverHandshakeState) sendSessionTicket13() error { maxEarlyDataLen: c.config.Max0RTTDataSize, } - ticket, err := c.encryptTicket(sessionState.marshal()) - if err != nil { - c.sendAlert(alertInternalError) - return err - } - ticketMsg := &newSessionTicketMsg13{ - lifetime: 24 * 3600, // TODO(filippo) - maxEarlyDataLength: c.config.Max0RTTDataSize, - withEarlyDataInfo: c.config.Max0RTTDataSize > 0, - ageAdd: sessionState.ageAdd, - ticket: ticket, - } - if _, err := c.writeRecord(recordTypeHandshake, ticketMsg.marshal()); err != nil { - return err + for i := 0; i < numSessionTickets; i++ { + ticket, err := c.encryptTicket(sessionState.marshal()) + if err != nil { + c.sendAlert(alertInternalError) + return err + } + ticketMsg := &newSessionTicketMsg13{ + lifetime: 24 * 3600, // TODO(filippo) + maxEarlyDataLength: c.config.Max0RTTDataSize, + withEarlyDataInfo: c.config.Max0RTTDataSize > 0, + ageAdd: sessionState.ageAdd, + ticket: ticket, + } + if _, err := c.writeRecord(recordTypeHandshake, ticketMsg.marshal()); err != nil { + return err + } } return nil