fixup! nghttpx: Send nghttpx-0rtt-uniq header if request is replayable

This commit is contained in:
Tatsuhiro Tsujikawa 2017-11-24 21:20:27 +09:00
parent abcdca91ba
commit 66eba46c8e
2 changed files with 7 additions and 6 deletions

View File

@ -442,7 +442,7 @@ int Connection::tls_handshake() {
rv = SSL_read_early_data(tls.ssl, buf.data(), buf.size(), &nread); rv = SSL_read_early_data(tls.ssl, buf.data(), buf.size(), &nread);
if (rv == SSL_READ_EARLY_DATA_ERROR) { if (rv == SSL_READ_EARLY_DATA_ERROR) {
if (SSL_get_error(tls.ssl, rv) == SSL_ERROR_WANT_EARLY) { if (SSL_get_error(tls.ssl, rv) == SSL_ERROR_WANT_CLIENT_HELLO_CB) {
if (LOG_ENABLED(INFO)) { if (LOG_ENABLED(INFO)) {
LOG(INFO) LOG(INFO)
<< "tls: early_cb returns negative return value; handshake " << "tls: early_cb returns negative return value; handshake "
@ -510,7 +510,7 @@ int Connection::tls_handshake() {
break; break;
case SSL_ERROR_WANT_WRITE: case SSL_ERROR_WANT_WRITE:
#if OPENSSL_1_1_1_API #if OPENSSL_1_1_1_API
case SSL_ERROR_WANT_EARLY: case SSL_ERROR_WANT_CLIENT_HELLO_CB:
#endif // OPENSSL_1_1_1_API #endif // OPENSSL_1_1_1_API
break; break;
case SSL_ERROR_SSL: case SSL_ERROR_SSL:

View File

@ -550,7 +550,7 @@ int early_cb(SSL *ssl, int *al, void *arg) {
const unsigned char *ext; const unsigned char *ext;
size_t extlen; size_t extlen;
if (!SSL_early_get0_ext(conn->tls.ssl, TLSEXT_TYPE_early_data, &ext, if (!SSL_client_hello_get0_ext(conn->tls.ssl, TLSEXT_TYPE_early_data, &ext,
&extlen)) { &extlen)) {
if (LOG_ENABLED(INFO)) { if (LOG_ENABLED(INFO)) {
LOG(INFO) << "early_data extension does not exist"; LOG(INFO) << "early_data extension does not exist";
@ -558,7 +558,8 @@ int early_cb(SSL *ssl, int *al, void *arg) {
return 1; return 1;
} }
if (!SSL_early_get0_ext(conn->tls.ssl, TLSEXT_TYPE_psk, &ext, &extlen)) { if (!SSL_client_hello_get0_ext(conn->tls.ssl, TLSEXT_TYPE_psk, &ext,
&extlen)) {
if (LOG_ENABLED(INFO)) { if (LOG_ENABLED(INFO)) {
LOG(INFO) << "pre_shared_key extension does not exist"; LOG(INFO) << "pre_shared_key extension does not exist";
} }
@ -1019,7 +1020,7 @@ SSL_CTX *create_ssl_context(const char *private_key_file, const char *cert_file,
SSL_CTX_set_info_callback(ssl_ctx, info_callback); SSL_CTX_set_info_callback(ssl_ctx, info_callback);
#if OPENSSL_1_1_1_API #if OPENSSL_1_1_1_API
SSL_CTX_set_early_cb(ssl_ctx, early_cb, nullptr); SSL_CTX_set_client_hello_cb(ssl_ctx, early_cb, nullptr);
#endif // OPENSSL_1_1_1_API #endif // OPENSSL_1_1_1_API
#ifdef OPENSSL_IS_BORINGSSL #ifdef OPENSSL_IS_BORINGSSL