Adding ALPN to session. 0-RTT requires matching the selected ALPN parameters against those in the session. Stash the ALPN value in the session in TLS 1.3, so we can recover it. BUG=76 Change-Id: I8668b287651ae4deb0bf540c0885a02d189adee0 Reviewed-on: https://boringssl-review.googlesource.com/13845 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: 27a9e6ae1bc472230388efb73e3e4242c162be24 [log] [tgz]
author: Steven Valdez <svaldez@google.com> Tue Feb 14 13:20:40 2017 -0500
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Thu Feb 16 17:33:23 2017 +0000
tree: eb8aa3669940d5e47be0cc936b062946c202258d
parent: f6d64efd1985d4668e084cabe03e41c3574b494f [diff] [blame]
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 5f39754..96e76ea 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h

@@ -3806,6 +3806,12 @@
    * early data. If zero, 0-RTT is disallowed. */
   uint32_t ticket_max_early_data;
 
+  /* early_alpn is the ALPN protocol from the initial handshake. This is only
+   * stored for TLS 1.3 and above in order to enforce ALPN matching for 0-RTT
+   * resumptions. */
+  uint8_t *early_alpn;
+  size_t early_alpn_len;
+
   /* extended_master_secret is true if the master secret in this session was
    * generated using EMS and thus isn't vulnerable to the Triple Handshake
    * attack. */
commit	27a9e6ae1bc472230388efb73e3e4242c162be24	[log] [tgz]
author	Steven Valdez <svaldez@google.com>	Tue Feb 14 13:20:40 2017 -0500
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Thu Feb 16 17:33:23 2017 +0000
tree	eb8aa3669940d5e47be0cc936b062946c202258d
parent	f6d64efd1985d4668e084cabe03e41c3574b494f [diff] [blame]