Add SSL_ech_accepted API and ech_is_required alerts.

The first thing any deployment will want to monitor is whether ECH was actually used. Also it's useful if the command-line tool can output this. (The alert is how the client signals it discarded the connection due to ECH reject.)

This also disables ECH with the handoff mechanism for now. (The immediate cause being that ech_accept isn't serialized.) We'll probably need to make some decisions around the ordering here, since ECH affects where the true ClientHello is available.

Bug: 275
Change-Id: Ie4559733290e653a514fcd94431090bf86bc3172
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/47911
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/ssl_stat.cc b/ssl/ssl_stat.cc index 5770aac..f7e1675 100644 --- a/ssl/ssl_stat.cc +++ b/ssl/ssl_stat.cc
@@ -224,6 +224,9 @@ case TLS1_AD_NO_APPLICATION_PROTOCOL: return "no application protocol"; + case TLS1_AD_ECH_REQUIRED: + return "ECH required"; + default: return "unknown"; }
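Review bot: the new `case TLS1_AD_ECH_REQUIRED:` in this hunk uses a constant that the shown diff does not define; make sure the header definition is part of the same change, otherwise ssl_stat.cc fails to build on its own. If this file also keeps the two-letter short-code table (SSL_alert_desc_string) next to the long-form strings, it needs a matching entry so the two lookups stay consistent, as they do for "no application protocol" above. A brief comment beside the case pointing at the ECH specification would also help, since this alert is not one of the RFC 8446 alerts the surrounding entries cover.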