fix: clear/revise comments

Gaukas Wang 2023-03-09 14:44:27 -07:00
parent a16cd34be9
commit 5da02cccbe
No known key found for this signature in database
GPG key ID: 9E2F8986D76F8B5D
3 changed files with 7 additions and 11 deletions


@ -230,7 +230,7 @@ func (c *Conn) clientHandshake(ctx context.Context) (err error) {
} }
// In TLS 1.3, session tickets are delivered after the handshake. // In TLS 1.3, session tickets are delivered after the handshake.
return hs.handshake() // UTLSTODO: returned error return hs.handshake()
} }
hs := &clientHandshakeState{ hs := &clientHandshakeState{
@ -523,7 +523,7 @@ func (hs *clientHandshakeState) doFullHandshake() error {
c.ocspResponse = cs.response c.ocspResponse = cs.response
msg, err = c.readHandshake(&hs.finishedHash) // UTLSTODO: note this added transcriptHash. msg, err = c.readHandshake(&hs.finishedHash)
if err != nil { if err != nil {
return err return err
} }


@ -361,9 +361,6 @@ func (hs *clientHandshakeStateTLS13) processHelloRetryRequest() error {
} }
// [uTLS SECTION ENDS] // [uTLS SECTION ENDS]
// UTLSTODO: delete comment
// hs.transcript.Write(hs.hello.marshal())
// if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil {
if _, err := hs.c.writeHandshakeRecord(hs.hello, hs.transcript); err != nil { if _, err := hs.c.writeHandshakeRecord(hs.hello, hs.transcript); err != nil {
return err return err
} }
@ -536,8 +533,10 @@ func (hs *clientHandshakeStateTLS13) readServerCertificate() error {
return nil return nil
} }
// [UTLS SECTION BEGINS]
// msg, err := c.readHandshake(hs.transcript) // msg, err := c.readHandshake(hs.transcript)
msg, err := c.readHandshake(nil) // [UTLS] we don't write to transcript until make sure it is not compressed cert msg, err := c.readHandshake(nil) // hold writing to transcript until we know it is not compressed cert
// [UTLS SECTION ENDS]
if err != nil { if err != nil {
return err return err
} }
@ -578,9 +577,7 @@ func (hs *clientHandshakeStateTLS13) readServerCertificate() error {
return errors.New("tls: received empty certificates message") return errors.New("tls: received empty certificates message")
} }
// [UTLS SECTION BEGINS] // [UTLS SECTION BEGINS]
// Previously, this was simply 'hs.transcript.Write(certMsg.marshal())' (without the if). if !skipWritingCertToTranscript { // write to transcript only if it is not compressedCert (i.e. if not processed by extension)
if !skipWritingCertToTranscript { // utlsReadServerCertificate didn't call transcriptMsg()
// hs.transcript.Write(certMsg.marshal()) // deprecated since Go 1.19.6
if err = transcriptMsg(certMsg, hs.transcript); err != nil { if err = transcriptMsg(certMsg, hs.transcript); err != nil {
return err return err
} }
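Review bot: The revised comments on `c.readHandshake(nil)` and on `if !skipWritingCertToTranscript {` in readServerCertificate describe the mechanism but not the invariant it protects: every message read with a nil transcript has to reach `transcriptMsg` exactly once before the Finished check. I would state that at the read, e.g. `// transcript write deferred: each message read here must reach transcriptMsg exactly once (a compressed cert is hashed in utlsReadServerCertificate)`. readServerCertificate continues outside these hunks, so any other message type accepted on this path presumably needs the same explicit write; a miss or a double write should surface as a failed handshake rather than silent acceptance, but that is worth pinning with a test. The marker spelling is also inconsistent between `[uTLS SECTION ENDS]` and `[UTLS SECTION BEGINS]`.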


@ -25,8 +25,7 @@ func (hs *clientHandshakeStateTLS13) utlsReadServerCertificate(msg any) (process
if len(hs.uconn.certCompressionAlgs) > 0 { if len(hs.uconn.certCompressionAlgs) > 0 {
compressedCertMsg, ok := msg.(*utlsCompressedCertificateMsg) compressedCertMsg, ok := msg.(*utlsCompressedCertificateMsg)
if ok { if ok {
// hs.transcript.Write(compressedCertMsg.marshal()) // deprecated since Go 1.19.6 if err = transcriptMsg(compressedCertMsg, hs.transcript); err != nil {
if err = transcriptMsg(compressedCertMsg, hs.transcript); err != nil { // UTLSTODO: debug
return nil, err return nil, err
} }
msg, err = hs.decompressCert(*compressedCertMsg) msg, err = hs.decompressCert(*compressedCertMsg)
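Review bot: With the old comment lines removed, the compressed-certificate branch of utlsReadServerCertificate no longer says why `transcriptMsg(compressedCertMsg, hs.transcript)` runs before `hs.decompressCert`. A one-line comment such as `// hash the CompressedCertificate as received; the decompressed Certificate is not added to the transcript again` would record that ordering for the next merge from upstream. decompressCert is defined outside this hunk and operates on server-supplied data, so it is worth confirming there that the decompressed size is capped and checked against the length the message declares.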