gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity

make sure the same session ticket key is used if none is configured

Browse Source
This commit is contained in:
Marten Seemann
2019-03-29 08:53:22 +01:00
parent 2adf923ee6
commit a6d1917417
2 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
internal/handshake/qtls.go
View File

@@ -70,6 +70,9 @@ func tlsConfigToQtlsConfig(
if c == nil {
c = &tls.Config{}
}
// Clone the config first. This executes the tls.Config.serverInit().
// This sets the SessionTicketKey, if the user didn't supply one.
c = c.Clone()
// QUIC requires TLS 1.3 or newer
minVersion := c.MinVersion
if minVersion < qtls.VersionTLS13 {

8
internal/handshake/qtls_test.go
View File

@@ -63,6 +63,14 @@ var _ = Describe("qtls.Config generation", func() {
Expect(extHandler.received).To(BeTrue())
})
It("initializes such that the session ticket key remains constant", func() {
tlsConf := &tls.Config{}
qtlsConf1 := tlsConfigToQtlsConfig(tlsConf, nil, &mockExtensionHandler{})
qtlsConf2 := tlsConfigToQtlsConfig(tlsConf, nil, &mockExtensionHandler{})
Expect(qtlsConf1.SessionTicketKey).ToNot(BeZero()) // should now contain a random value
Expect(qtlsConf1.SessionTicketKey).To(Equal(qtlsConf2.SessionTicketKey))
})
Context("GetConfigForClient callback", func() {
It("doesn't set it if absent", func() {
qtlsConf := tlsConfigToQtlsConfig(&tls.Config{}, nil, &mockExtensionHandler{})