fixup! nghttpx: Send nghttpx-0rtt-uniq header if request is replayable
This commit is contained in:
parent
abcdca91ba
commit
66eba46c8e
|
@ -442,7 +442,7 @@ int Connection::tls_handshake() {
|
||||||
|
|
||||||
rv = SSL_read_early_data(tls.ssl, buf.data(), buf.size(), &nread);
|
rv = SSL_read_early_data(tls.ssl, buf.data(), buf.size(), &nread);
|
||||||
if (rv == SSL_READ_EARLY_DATA_ERROR) {
|
if (rv == SSL_READ_EARLY_DATA_ERROR) {
|
||||||
if (SSL_get_error(tls.ssl, rv) == SSL_ERROR_WANT_EARLY) {
|
if (SSL_get_error(tls.ssl, rv) == SSL_ERROR_WANT_CLIENT_HELLO_CB) {
|
||||||
if (LOG_ENABLED(INFO)) {
|
if (LOG_ENABLED(INFO)) {
|
||||||
LOG(INFO)
|
LOG(INFO)
|
||||||
<< "tls: early_cb returns negative return value; handshake "
|
<< "tls: early_cb returns negative return value; handshake "
|
||||||
|
@ -510,7 +510,7 @@ int Connection::tls_handshake() {
|
||||||
break;
|
break;
|
||||||
case SSL_ERROR_WANT_WRITE:
|
case SSL_ERROR_WANT_WRITE:
|
||||||
#if OPENSSL_1_1_1_API
|
#if OPENSSL_1_1_1_API
|
||||||
case SSL_ERROR_WANT_EARLY:
|
case SSL_ERROR_WANT_CLIENT_HELLO_CB:
|
||||||
#endif // OPENSSL_1_1_1_API
|
#endif // OPENSSL_1_1_1_API
|
||||||
break;
|
break;
|
||||||
case SSL_ERROR_SSL:
|
case SSL_ERROR_SSL:
|
||||||
|
|
|
@ -550,7 +550,7 @@ int early_cb(SSL *ssl, int *al, void *arg) {
|
||||||
const unsigned char *ext;
|
const unsigned char *ext;
|
||||||
size_t extlen;
|
size_t extlen;
|
||||||
|
|
||||||
if (!SSL_early_get0_ext(conn->tls.ssl, TLSEXT_TYPE_early_data, &ext,
|
if (!SSL_client_hello_get0_ext(conn->tls.ssl, TLSEXT_TYPE_early_data, &ext,
|
||||||
&extlen)) {
|
&extlen)) {
|
||||||
if (LOG_ENABLED(INFO)) {
|
if (LOG_ENABLED(INFO)) {
|
||||||
LOG(INFO) << "early_data extension does not exist";
|
LOG(INFO) << "early_data extension does not exist";
|
||||||
|
@ -558,7 +558,8 @@ int early_cb(SSL *ssl, int *al, void *arg) {
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!SSL_early_get0_ext(conn->tls.ssl, TLSEXT_TYPE_psk, &ext, &extlen)) {
|
if (!SSL_client_hello_get0_ext(conn->tls.ssl, TLSEXT_TYPE_psk, &ext,
|
||||||
|
&extlen)) {
|
||||||
if (LOG_ENABLED(INFO)) {
|
if (LOG_ENABLED(INFO)) {
|
||||||
LOG(INFO) << "pre_shared_key extension does not exist";
|
LOG(INFO) << "pre_shared_key extension does not exist";
|
||||||
}
|
}
|
||||||
|
@ -1019,7 +1020,7 @@ SSL_CTX *create_ssl_context(const char *private_key_file, const char *cert_file,
|
||||||
SSL_CTX_set_info_callback(ssl_ctx, info_callback);
|
SSL_CTX_set_info_callback(ssl_ctx, info_callback);
|
||||||
|
|
||||||
#if OPENSSL_1_1_1_API
|
#if OPENSSL_1_1_1_API
|
||||||
SSL_CTX_set_early_cb(ssl_ctx, early_cb, nullptr);
|
SSL_CTX_set_client_hello_cb(ssl_ctx, early_cb, nullptr);
|
||||||
#endif // OPENSSL_1_1_1_API
|
#endif // OPENSSL_1_1_1_API
|
||||||
|
|
||||||
#ifdef OPENSSL_IS_BORINGSSL
|
#ifdef OPENSSL_IS_BORINGSSL
|
||||||
|
|
Loading…
Reference in New Issue