From 80a827f133efa25076c0e8b946cf31a7df8cca40 Mon Sep 17 00:00:00 2001
From: Marten Seemann <martenseemann@gmail.com>
Date: Thu, 7 Dec 2017 13:49:45 +0700
Subject: [PATCH] fix the crypto setup so that it works with the recent mint
 changes

mint now supports stateless retries, and requires that the cookie
protector is set in the mint.Config and returns a new alert when a
retry is performed.
---
 internal/handshake/crypto_setup_tls.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/internal/handshake/crypto_setup_tls.go b/internal/handshake/crypto_setup_tls.go
index e14e7ada8..abaee16b5 100644
--- a/internal/handshake/crypto_setup_tls.go
+++ b/internal/handshake/crypto_setup_tls.go
@@ -54,6 +54,10 @@ func NewCryptoSetupTLSServer(
 	if err != nil {
 		return nil, err
 	}
+	mintConf.CookieProtector, err = mint.NewDefaultCookieProtector()
+	if err != nil {
+		return nil, err
+	}
 	conn := &fakeConn{
 		stream:     cryptoStream,
 		pers:       protocol.PerspectiveServer,
@@ -128,6 +132,7 @@ func (h *cryptoSetupTLS) HandleCryptoStream() error {
 handshakeLoop:
 	for {
 		switch alert := h.tls.Handshake(); alert {
+		case mint.AlertStatelessRetry:
 		case mint.AlertNoAlert: // handshake complete
 			break handshakeLoop
 		case mint.AlertWouldBlock: