fixup! nghttpx: Send nghttpx-0rtt-uniq header if request is replayable
This commit is contained in:
parent
abcdca91ba
commit
66eba46c8e
|
@ -442,7 +442,7 @@ int Connection::tls_handshake() {
|
|||
|
||||
rv = SSL_read_early_data(tls.ssl, buf.data(), buf.size(), &nread);
|
||||
if (rv == SSL_READ_EARLY_DATA_ERROR) {
|
||||
if (SSL_get_error(tls.ssl, rv) == SSL_ERROR_WANT_EARLY) {
|
||||
if (SSL_get_error(tls.ssl, rv) == SSL_ERROR_WANT_CLIENT_HELLO_CB) {
|
||||
if (LOG_ENABLED(INFO)) {
|
||||
LOG(INFO)
|
||||
<< "tls: early_cb returns negative return value; handshake "
|
||||
|
@ -510,7 +510,7 @@ int Connection::tls_handshake() {
|
|||
break;
|
||||
case SSL_ERROR_WANT_WRITE:
|
||||
#if OPENSSL_1_1_1_API
|
||||
case SSL_ERROR_WANT_EARLY:
|
||||
case SSL_ERROR_WANT_CLIENT_HELLO_CB:
|
||||
#endif // OPENSSL_1_1_1_API
|
||||
break;
|
||||
case SSL_ERROR_SSL:
|
||||
|
|
|
@ -550,7 +550,7 @@ int early_cb(SSL *ssl, int *al, void *arg) {
|
|||
const unsigned char *ext;
|
||||
size_t extlen;
|
||||
|
||||
if (!SSL_early_get0_ext(conn->tls.ssl, TLSEXT_TYPE_early_data, &ext,
|
||||
if (!SSL_client_hello_get0_ext(conn->tls.ssl, TLSEXT_TYPE_early_data, &ext,
|
||||
&extlen)) {
|
||||
if (LOG_ENABLED(INFO)) {
|
||||
LOG(INFO) << "early_data extension does not exist";
|
||||
|
@ -558,7 +558,8 @@ int early_cb(SSL *ssl, int *al, void *arg) {
|
|||
return 1;
|
||||
}
|
||||
|
||||
if (!SSL_early_get0_ext(conn->tls.ssl, TLSEXT_TYPE_psk, &ext, &extlen)) {
|
||||
if (!SSL_client_hello_get0_ext(conn->tls.ssl, TLSEXT_TYPE_psk, &ext,
|
||||
&extlen)) {
|
||||
if (LOG_ENABLED(INFO)) {
|
||||
LOG(INFO) << "pre_shared_key extension does not exist";
|
||||
}
|
||||
|
@ -1019,7 +1020,7 @@ SSL_CTX *create_ssl_context(const char *private_key_file, const char *cert_file,
|
|||
SSL_CTX_set_info_callback(ssl_ctx, info_callback);
|
||||
|
||||
#if OPENSSL_1_1_1_API
|
||||
SSL_CTX_set_early_cb(ssl_ctx, early_cb, nullptr);
|
||||
SSL_CTX_set_client_hello_cb(ssl_ctx, early_cb, nullptr);
|
||||
#endif // OPENSSL_1_1_1_API
|
||||
|
||||
#ifdef OPENSSL_IS_BORINGSSL
|
||||
|
|
Loading…
Reference in New Issue