Cite an RFC over 9000 (draft-ietf-quic-tls is now RFC 9001).

Also now that it's finalized, flip the default for
SSL_set_quic_use_legacy_codepoint.

Update-Note: QUIC APIs now default to the standard code point rather
than the draft one. QUICHE has already been calling
SSL_set_quic_use_legacy_codepoint, so this should not affect them. Once
callers implementing the draft versions cycle out, we can then drop
SSL_set_quic_use_legacy_codepoint altogether. I've also bumped
BORINGSSL_API_VERSION in case we end up needing an ifdef.

Change-Id: Id2cab66215f4ad4c1e31503d329c0febfdb4603e
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/47864
Reviewed-by: David Schinazi <dschinazi@google.com>
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/tls13_client.cc b/ssl/tls13_client.cc
index d23cf6c..8ba6b4d 100644
--- a/ssl/tls13_client.cc
+++ b/ssl/tls13_client.cc
@@ -713,8 +713,7 @@
SSL *const ssl = hs->ssl;
if (ssl->s3->early_data_accepted) {
- // QUIC omits the EndOfEarlyData message. See draft-ietf-quic-tls-22,
- // section 8.3.
+ // QUIC omits the EndOfEarlyData message. See RFC 9001, section 8.3.
if (ssl->quic_method == nullptr) {
ScopedCBB cbb;
CBB body;
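Review bot: the updated comment sits directly above `if (ssl->quic_method == nullptr)`, so it describes the QUIC case while annotating the non-QUIC branch, and a reader has to invert it. Consider wording it from the branch's point of view, for example "Only send EndOfEarlyData when not running over QUIC; QUIC omits it. See RFC 9001, section 8.3."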
@@ -1044,7 +1043,7 @@
}
// QUIC does not use the max_early_data_size parameter and always sets it to
- // a fixed value. See draft-ietf-quic-tls-22, section 4.5.
+ // a fixed value. See RFC 9001, section 4.6.1.
if (ssl->quic_method != nullptr &&
session->ticket_max_early_data != 0xffffffff) {
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
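Review bot: the comment still says only "a fixed value" while the condition below compares `session->ticket_max_early_data` against the bare literal `0xffffffff`. Name that value in the comment or give it a named constant, so the check that rejects the ticket with `SSL_AD_ILLEGAL_PARAMETER` is self-explanatory. The section reference also moves from 4.5 to 4.6.1 here, unlike the first hunk where 8.3 is unchanged, so it is worth confirming the new number against the published RFC.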