From 2adf923ee6c00ed0df9813692ddc784386d13dc5 Mon Sep 17 00:00:00 2001
From: Marten Seemann
Date: Thu, 28 Mar 2019 11:07:40 +0100
Subject: [PATCH] process the NewSessionTicket TLS message
---
 crypto_stream_manager.go | 6 ++++--
 crypto_stream_manager_test.go | 21 ++++++++++++++-------
 go.mod | 2 +-
 go.sum | 4 ++--
 internal/handshake/crypto_setup.go | 9 +++++++++
 session.go | 4 ++--
 6 files changed, 32 insertions(+), 14 deletions(-)
diff --git a/crypto_stream_manager.go b/crypto_stream_manager.go
index 64e78781..489b306a 100644
--- a/crypto_stream_manager.go
+++ b/crypto_stream_manager.go
@@ -16,17 +16,20 @@ type cryptoStreamManager struct {
 initialStream cryptoStream
 handshakeStream cryptoStream
+ oneRTTStream cryptoStream
 }
 func newCryptoStreamManager(
 cryptoHandler cryptoDataHandler,
 initialStream cryptoStream,
 handshakeStream cryptoStream,
+ oneRTTStream cryptoStream,
 ) *cryptoStreamManager {
 return &cryptoStreamManager{
 cryptoHandler: cryptoHandler,
 initialStream: initialStream,
 handshakeStream: handshakeStream,
+ oneRTTStream: oneRTTStream,
 }
 }
@@ -38,8 +41,7 @@ func (m *cryptoStreamManager) HandleCryptoFrame(frame *wire.CryptoFrame, encLeve
 case protocol.EncryptionHandshake:
 str = m.handshakeStream
 case protocol.Encryption1RTT:
- // TODO(#981): process session tickets
- return false, nil
+ str = m.oneRTTStream
 default:
 return false, fmt.Errorf("received CRYPTO frame with unexpected encryption level: %s", encLevel)
 }
diff --git a/crypto_stream_manager_test.go b/crypto_stream_manager_test.go
index 0c331cb4..62a031a3 100644
--- a/crypto_stream_manager_test.go
+++ b/crypto_stream_manager_test.go
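Review bot: The `case protocol.Encryption1RTT:` branch of `HandleCryptoFrame` in crypto_stream_manager.go lost its only comment when the TODO was removed, so nothing now states what is expected at this level. A one-line comment such as `// post-handshake messages (e.g. NewSessionTicket) are sent at the 1-RTT level` would record that this path carries peer-supplied data after the handshake has finished. As far as the hunk shows, the branch does not distinguish client from server, which is worth stating in the same comment. The function body starts and ends outside the hunk.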
@@ -18,13 +18,15 @@ var _ = Describe("Crypto Stream Manager", func() {
 initialStream *MockCryptoStream
 handshakeStream *MockCryptoStream
+ oneRTTStream *MockCryptoStream
 )
 BeforeEach(func() {
 initialStream = NewMockCryptoStream(mockCtrl)
 handshakeStream = NewMockCryptoStream(mockCtrl)
+ oneRTTStream = NewMockCryptoStream(mockCtrl)
 cs = NewMockCryptoDataHandler(mockCtrl)
- csm = newCryptoStreamManager(cs, initialStream, handshakeStream)
+ csm = newCryptoStreamManager(cs, initialStream, handshakeStream, oneRTTStream)
 })
 It("passes messages to the initial stream", func() {
@@ -49,6 +51,17 @@ var _ = Describe("Crypto Stream Manager", func() {
 Expect(encLevelChanged).To(BeFalse())
 })
+ It("passes messages to the 1-RTT stream", func() {
+ cf := &wire.CryptoFrame{Data: []byte("foobar")}
+ oneRTTStream.EXPECT().HandleCryptoFrame(cf)
+ oneRTTStream.EXPECT().GetCryptoData().Return([]byte("foobar"))
+ oneRTTStream.EXPECT().GetCryptoData()
+ cs.EXPECT().HandleMessage([]byte("foobar"), protocol.Encryption1RTT)
+ encLevelChanged, err := csm.HandleCryptoFrame(cf, protocol.Encryption1RTT)
+ Expect(err).ToNot(HaveOccurred())
+ Expect(encLevelChanged).To(BeFalse())
+ })
+
 It("doesn't call the message handler, if there's no message", func() {
 cf := &wire.CryptoFrame{Data: []byte("foobar")}
 handshakeStream.EXPECT().HandleCryptoFrame(cf)
@@ -98,12 +111,6 @@ var _ = Describe("Crypto Stream Manager", func() {
 Expect(err).To(MatchError(err))
 })
- It("ignores post-handshake crypto data", func() {
- changed, err := csm.HandleCryptoFrame(&wire.CryptoFrame{}, protocol.Encryption1RTT)
- Expect(err).ToNot(HaveOccurred())
- Expect(changed).To(BeFalse())
- })
-
 It("errors for unknown encryption levels", func() {
 _, err := csm.HandleCryptoFrame(&wire.CryptoFrame{}, 42)
 Expect(err).To(HaveOccurred())
diff --git a/go.mod b/go.mod
index d5d22a97..63d9d89b 100644
--- a/go.mod
+++ b/go.mod
@@ -5,7 +5,7 @@ go 1.12
 require (
 github.com/cheekybits/genny v1.0.0
 github.com/golang/mock v1.2.0
- github.com/marten-seemann/qtls v0.2.2
+ github.com/marten-seemann/qtls v0.2.3
 github.com/onsi/ginkgo v1.7.0
 github.com/onsi/gomega v1.4.3
 golang.org/x/crypto v0.0.0-20190228161510-8dd112bcdc25
diff --git a/go.sum b/go.sum
index e52e5910..c5efe853 100644
--- a/go.sum
+++ b/go.sum
@@ -8,8 +8,8 @@ github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
-github.com/marten-seemann/qtls v0.2.2 h1:QcmNbsYmV0ByHRkBRhSik8rxmB3S/SPzd+LMlXTgyJM=
-github.com/marten-seemann/qtls v0.2.2/go.mod h1:xzjG7avBwGGbdZ8dTGxlBnLArsVKLvwmjgmPuiQEcYk=
+github.com/marten-seemann/qtls v0.2.3 h1:0yWJ43C62LsZt08vuQJDK1uC1czUc3FJeCLPoNAI4vA=
+github.com/marten-seemann/qtls v0.2.3/go.mod h1:xzjG7avBwGGbdZ8dTGxlBnLArsVKLvwmjgmPuiQEcYk=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo v1.7.0 h1:WSHQ+IS43OoUrWtD1/bbclrwK8TTH5hzp+umCiuxHgs=
 github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
diff --git a/internal/handshake/crypto_setup.go b/internal/handshake/crypto_setup.go
index fff9133b..c9d37f71 100644
--- a/internal/handshake/crypto_setup.go
+++ b/internal/handshake/crypto_setup.go
@@ -21,6 +21,7 @@ type messageType uint8
 const (
 typeClientHello messageType = 1
 typeServerHello messageType = 2
+ typeNewSessionTicket messageType = 4
 typeEncryptedExtensions messageType = 8
 typeCertificate messageType = 11
 typeCertificateRequest messageType = 13
@@ -34,6 +35,8 @@ func (m messageType) String() string {
 return "ClientHello"
 case typeServerHello:
 return "ServerHello"
+ case typeNewSessionTicket:
+ return "NewSessionTicket"
 case typeEncryptedExtensions:
 return "EncryptedExtensions"
 case typeCertificate:
@@ -294,6 +297,8 @@ func (h *cryptoSetup) checkEncryptionLevel(msgType messageType, encLevel protoco
 typeCertificateVerify,
 typeFinished:
 expected = protocol.EncryptionHandshake
+ case typeNewSessionTicket:
+ expected = protocol.Encryption1RTT
 default:
 return fmt.Errorf("unexpected handshake message: %d", msgType)
 }
@@ -399,6 +404,10 @@ func (h *cryptoSetup) handleMessageForClient(msgType messageType) bool {
 return false
 }
 return true
+ case typeNewSessionTicket:
+ <-h.handshakeDone // don't process session tickets before the handshake has completed
+ h.conn.HandlePostHandshakeMessage()
+ return false
 default:
 panic("unexpected handshake message: ")
 }
diff --git a/session.go b/session.go
index 5bba17b3..eb74541d 100644
--- a/session.go
+++ b/session.go
@@ -219,7 +219,7 @@ var newSession = func(
 s.perspective,
 s.version,
 )
- s.cryptoStreamManager = newCryptoStreamManager(cs, initialStream, handshakeStream)
+ s.cryptoStreamManager = newCryptoStreamManager(cs, initialStream, handshakeStream, oneRTTStream)
 if err := s.postSetup(); err != nil {
 return nil, err
@@ -275,7 +275,7 @@ var newClientSession = func(
 }
 s.clientHelloWritten = clientHelloWritten
 s.cryptoStreamHandler = cs
- s.cryptoStreamManager = newCryptoStreamManager(cs, initialStream, handshakeStream)
+ s.cryptoStreamManager = newCryptoStreamManager(cs, initialStream, handshakeStream, oneRTTStream)
 s.unpacker = newPacketUnpacker(cs, s.version)
 s.streamsMap = newStreamsMap(
 s,
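Review bot: In `checkEncryptionLevel` (internal/handshake/crypto_setup.go, hunk at -294), the new `case typeNewSessionTicket:` accepts the message at the 1-RTT level without regard to perspective, so a server will now pass a NewSessionTicket received from a client on to its own message handler. That handler is not part of this diff; if its `default` branch panics the way the visible `default: panic("unexpected handshake message: ")` in `handleMessageForClient` does, one peer-supplied message would take down the process instead of closing a single connection. The server side should treat `typeNewSessionTicket` as a protocol violation and return an error, and the `panic` in both handlers is better replaced by an error returned to the caller, since the input is remote. The function body starts and ends outside the hunk.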
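Review bot: In `handleMessageForClient` (hunk at -399), the result of `h.conn.HandlePostHandshakeMessage()` is discarded, so a session ticket that the TLS layer rejects would go unnoticed if that call returns an error; its signature is not visible here. If it does, handle it, e.g. `if err := h.conn.HandlePostHandshakeMessage(); err != nil { /* close the connection with err */ }`. The bare receive `<-h.handshakeDone` has no exit path, so unless that channel is closed on every failure and shutdown path the goroutine handling crypto data would block indefinitely; selecting on it together with the session's close signal avoids that. The diffstat shows no test change for crypto_setup.go, so neither the ordering guarantee in the comment nor the error path is covered. The function body starts outside the hunk.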