mirror of
https://github.com/refraction-networking/uquic.git
synced 2025-04-05 13:17:36 +03:00
return an error when handling the NewSessionTicket failed
This commit is contained in:
Marten Seemann
parent
4e709efa2f
commit
6888eb8593
2 changed files with 76 additions and 1 deletions
|
|
@ -434,7 +434,7 @@ func (h *cryptoSetup) handleMessageForClient(msgType messageType) bool {
|
||||||
return true
|
return true
|
||||||
case typeNewSessionTicket:
|
case typeNewSessionTicket:
|
||||||
<-h.handshakeDone // don't process session tickets before the handshake has completed
|
<-h.handshakeDone // don't process session tickets before the handshake has completed
|
||||||
h.conn.HandlePostHandshakeMessage()
|
h.handleNewSessionTicket()
|
||||||
return false
|
return false
|
||||||
default:
|
default:
|
||||||
h.messageErrChan <- qerr.CryptoError(alertUnexpectedMessage, fmt.Sprintf("unexpected handshake message: %d", msgType))
|
h.messageErrChan <- qerr.CryptoError(alertUnexpectedMessage, fmt.Sprintf("unexpected handshake message: %d", msgType))
|
||||||
|
|
@ -442,6 +442,28 @@ func (h *cryptoSetup) handleMessageForClient(msgType messageType) bool {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (h *cryptoSetup) handleNewSessionTicket() {
|
||||||
|
done := make(chan struct{})
|
||||||
|
defer close(done)
|
||||||
|
|
||||||
|
// h.alertChan is an unbuffered channel.
|
||||||
|
// If an error occurs during conn.HandlePostHandshakeMessage,
|
||||||
|
// it will be sent on this channel.
|
||||||
|
// Read it from a go-routine so that HandlePostHandshakeMessage doesn't deadlock.
|
||||||
|
alertChan := make(chan uint8, 1)
|
||||||
|
go func() {
|
||||||
|
select {
|
||||||
|
case alert := <-h.alertChan:
|
||||||
|
alertChan <- alert
|
||||||
|
case <-done:
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
|
||||||
|
if err := h.conn.HandlePostHandshakeMessage(); err != nil {
|
||||||
|
h.runner.OnError(qerr.CryptoError(<-alertChan, err.Error()))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// ReadHandshakeMessage is called by TLS.
|
// ReadHandshakeMessage is called by TLS.
|
||||||
// It blocks until a new handshake message is available.
|
// It blocks until a new handshake message is available.
|
||||||
func (h *cryptoSetup) ReadHandshakeMessage() ([]byte, error) {
|
func (h *cryptoSetup) ReadHandshakeMessage() ([]byte, error) {
|
||||||
|
|
|
||||||
|
|
@ -466,5 +466,58 @@ var _ = Describe("Crypto Setup TLS", func() {
|
||||||
Expect(srvTP.Unmarshal(sTransportParametersRcvd, protocol.PerspectiveServer)).To(Succeed())
|
Expect(srvTP.Unmarshal(sTransportParametersRcvd, protocol.PerspectiveServer)).To(Succeed())
|
||||||
Expect(srvTP.IdleTimeout).To(Equal(sTransportParameters.IdleTimeout))
|
Expect(srvTP.IdleTimeout).To(Equal(sTransportParameters.IdleTimeout))
|
||||||
})
|
})
|
||||||
|
|
||||||
|
It("errors when handling the NewSessionTicket fails", func() {
|
||||||
|
cChunkChan, cInitialStream, cHandshakeStream := initStreams()
|
||||||
|
cRunner := NewMockHandshakeRunner(mockCtrl)
|
||||||
|
cRunner.EXPECT().OnReceivedParams(gomock.Any())
|
||||||
|
cRunner.EXPECT().OnHandshakeComplete()
|
||||||
|
client, _, err := NewCryptoSetupClient(
|
||||||
|
cInitialStream,
|
||||||
|
cHandshakeStream,
|
||||||
|
ioutil.Discard,
|
||||||
|
protocol.ConnectionID{},
|
||||||
|
nil,
|
||||||
|
&TransportParameters{},
|
||||||
|
cRunner,
|
||||||
|
clientConf,
|
||||||
|
utils.DefaultLogger.WithPrefix("client"),
|
||||||
|
)
|
||||||
|
Expect(err).ToNot(HaveOccurred())
|
||||||
|
|
||||||
|
sChunkChan, sInitialStream, sHandshakeStream := initStreams()
|
||||||
|
sRunner := NewMockHandshakeRunner(mockCtrl)
|
||||||
|
sRunner.EXPECT().OnReceivedParams(gomock.Any())
|
||||||
|
sRunner.EXPECT().OnHandshakeComplete()
|
||||||
|
server, err := NewCryptoSetupServer(
|
||||||
|
sInitialStream,
|
||||||
|
sHandshakeStream,
|
||||||
|
ioutil.Discard,
|
||||||
|
protocol.ConnectionID{},
|
||||||
|
nil,
|
||||||
|
&TransportParameters{},
|
||||||
|
sRunner,
|
||||||
|
testdata.GetTLSConfig(),
|
||||||
|
utils.DefaultLogger.WithPrefix("server"),
|
||||||
|
)
|
||||||
|
Expect(err).ToNot(HaveOccurred())
|
||||||
|
|
||||||
|
done := make(chan struct{})
|
||||||
|
go func() {
|
||||||
|
defer GinkgoRecover()
|
||||||
|
handshake(client, cChunkChan, server, sChunkChan)
|
||||||
|
close(done)
|
||||||
|
}()
|
||||||
|
Eventually(done).Should(BeClosed())
|
||||||
|
|
||||||
|
// inject an invalid session ticket
|
||||||
|
cRunner.EXPECT().OnError(gomock.Any()).Do(func(err error) {
|
||||||
|
Expect(err).To(BeAssignableToTypeOf(&qerr.QuicError{}))
|
||||||
|
qerr := err.(*qerr.QuicError)
|
||||||
|
Expect(qerr.IsCryptoError()).To(BeTrue())
|
||||||
|
})
|
||||||
|
b := append([]byte{uint8(typeNewSessionTicket), 0, 0, 6}, []byte("foobar")...)
|
||||||
|
client.HandleMessage(b, protocol.Encryption1RTT)
|
||||||
|
})
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue