crypto/tls: send two session tickets to TLS 1.3 clients
这个提交包含在:
父节点
44df381ccb
当前提交
9b94b65b7b
34
13.go
34
13.go
@ -24,6 +24,10 @@ import (
|
||||
"golang_org/x/crypto/curve25519"
|
||||
)
|
||||
|
||||
// numSessionTickets is the number of different session tickets the
|
||||
// server sends to a TLS 1.3 client, whom will use each only once.
|
||||
const numSessionTickets = 2
|
||||
|
||||
func (hs *serverHandshakeState) doTLS13Handshake() error {
|
||||
config := hs.c.config
|
||||
c := hs.c
|
||||
@ -544,20 +548,22 @@ func (hs *serverHandshakeState) sendSessionTicket13() error {
|
||||
maxEarlyDataLen: c.config.Max0RTTDataSize,
|
||||
}
|
||||
|
||||
ticket, err := c.encryptTicket(sessionState.marshal())
|
||||
if err != nil {
|
||||
c.sendAlert(alertInternalError)
|
||||
return err
|
||||
}
|
||||
ticketMsg := &newSessionTicketMsg13{
|
||||
lifetime: 24 * 3600, // TODO(filippo)
|
||||
maxEarlyDataLength: c.config.Max0RTTDataSize,
|
||||
withEarlyDataInfo: c.config.Max0RTTDataSize > 0,
|
||||
ageAdd: sessionState.ageAdd,
|
||||
ticket: ticket,
|
||||
}
|
||||
if _, err := c.writeRecord(recordTypeHandshake, ticketMsg.marshal()); err != nil {
|
||||
return err
|
||||
for i := 0; i < numSessionTickets; i++ {
|
||||
ticket, err := c.encryptTicket(sessionState.marshal())
|
||||
if err != nil {
|
||||
c.sendAlert(alertInternalError)
|
||||
return err
|
||||
}
|
||||
ticketMsg := &newSessionTicketMsg13{
|
||||
lifetime: 24 * 3600, // TODO(filippo)
|
||||
maxEarlyDataLength: c.config.Max0RTTDataSize,
|
||||
withEarlyDataInfo: c.config.Max0RTTDataSize > 0,
|
||||
ageAdd: sessionState.ageAdd,
|
||||
ticket: ticket,
|
||||
}
|
||||
if _, err := c.writeRecord(recordTypeHandshake, ticketMsg.marshal()); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
|
正在加载...
在新工单中引用
屏蔽一个用户