commit 1682126fd81ca12089323b936484e17285c36602
author Steven Valdez <svaldez@google.com> Fri Sep 08 17:03:42 2017 -0400
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Mon Sep 11 16:53:16 2017 +0000
tree d6acbeb11a9494bdc5ca96cfc8e1c05443d40258
parent 54c259dec395bd991cce5691723214ffe588e51d

Add Experiment 2

Change-Id: If240cbeb133a23331cb6ca59eaacde7733592278
Reviewed-on: https://boringssl-review.googlesource.com/20144
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

ssl/ssl_versions.cc

diff --git a/ssl/ssl_versions.cc b/ssl/ssl_versions.cc
index 184eb44..f6dea8c 100644
--- a/ssl/ssl_versions.cc
+++ b/ssl/ssl_versions.cc
@@ -36,6 +36,7 @@
 
     case TLS1_3_DRAFT_VERSION:
     case TLS1_3_EXPERIMENT_VERSION:
+    case TLS1_3_EXPERIMENT2_VERSION:
     case TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION:
       *out = TLS1_3_VERSION;
       return 1;
@@ -58,6 +59,7 @@
 // decreasing preference.
 
 static const uint16_t kTLSVersions[] = {
+    TLS1_3_EXPERIMENT2_VERSION,
     TLS1_3_EXPERIMENT_VERSION,
     TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION,
     TLS1_3_DRAFT_VERSION,
@@ -103,6 +105,7 @@
   // map it to some representative TLS 1.3 draft version.
   if (version == TLS1_3_DRAFT_VERSION ||
       version == TLS1_3_EXPERIMENT_VERSION ||
+      version == TLS1_3_EXPERIMENT2_VERSION ||
       version == TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION) {
     OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_SSL_VERSION);
     return 0;
@@ -229,6 +232,7 @@
     // Report TLS 1.3 draft version as TLS 1.3 in the public API.
     case TLS1_3_DRAFT_VERSION:
     case TLS1_3_EXPERIMENT_VERSION:
+    case TLS1_3_EXPERIMENT2_VERSION:
     case TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION:
       return "TLSv1.3";
 
@@ -275,6 +279,7 @@
   if (ssl->server) {
     if (ssl->tls13_variant == tls13_default &&
         (version == TLS1_3_EXPERIMENT_VERSION ||
+         version == TLS1_3_EXPERIMENT2_VERSION ||
          version == TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION)) {
       return 0;
     }
@@ -282,6 +287,8 @@
     if ((ssl->tls13_variant != tls13_experiment &&
          ssl->tls13_variant != tls13_no_session_id_experiment &&
          version == TLS1_3_EXPERIMENT_VERSION) ||
+        (ssl->tls13_variant != tls13_experiment2 &&
+         version == TLS1_3_EXPERIMENT2_VERSION) ||
         (ssl->tls13_variant != tls13_record_type_experiment &&
          version == TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION) ||
         (ssl->tls13_variant != tls13_default &&
@@ -341,6 +348,11 @@
   return 0;
 }
 
+bool ssl_is_resumption_experiment(uint16_t version) {
+  return version == TLS1_3_EXPERIMENT_VERSION ||
+         version == TLS1_3_EXPERIMENT2_VERSION;
+}
+
 }  // namespace bssl
 
 using namespace bssl;
@@ -364,7 +376,9 @@
 int SSL_version(const SSL *ssl) {
   uint16_t ret = ssl_version(ssl);
   // Report TLS 1.3 draft version as TLS 1.3 in the public API.
-  if (ret == TLS1_3_DRAFT_VERSION || ret == TLS1_3_EXPERIMENT_VERSION ||
+  if (ret == TLS1_3_DRAFT_VERSION ||
+      ret == TLS1_3_EXPERIMENT_VERSION ||
+      ret == TLS1_3_EXPERIMENT2_VERSION ||
       ret == TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION) {
     return TLS1_3_VERSION;
   }