Google Git
Sign in
boringssl/boringssl.git/b571e77773ef875f7ba9f1d2bba81f305152703e^!/./ssl/ssl_lib.cc
commit
b571e77773ef875f7ba9f1d2bba81f305152703e
[log]
author
David Benjamin <davidben@google.com>
Thu Mar 25 19:42:16 2021 -0400
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Thu Apr 15 22:43:57 2021 +0000
tree
49b55fd2626c4ff01cf112a3b9c9b81bce0397d6
parent
666f2ab65e677bccc3db7063ae1f8706417341e1 [diff] [blame]
Add experimental handshake hints API.

See go/handshake-hints (internal).

CL originally by Bin Wu <wub@google.com>. I just reworked the tests and
tidied it up a bit. This is the start of a replacement for the split
handshakes API. For now, only TLS 1.3 is supported. It starts with an
initial set of hints, but we can add more later. (In particular, we
should probably apply the remote handshaker's extension order to avoid
needing to capability protect such changes.)

Change-Id: I7b6a6dfaa84c6c6e3436d2a4026c3652b8a79f0f
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/46535
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc
index 522c09e..260d3cd7 100644
--- a/ssl/ssl_lib.cc
+++ b/ssl/ssl_lib.cc

@@ -1378,6 +1378,7 @@
     case SSL_ERROR_EARLY_DATA_REJECTED:
     case SSL_ERROR_WANT_CERTIFICATE_VERIFY:
     case SSL_ERROR_WANT_RENEGOTIATE:
+    case SSL_ERROR_HANDSHAKE_HINTS_READY:
       return ssl->s3->rwstate;
 
     case SSL_ERROR_WANT_READ: {
@@ -1463,6 +1464,8 @@
       return "HANDOFF";
     case SSL_ERROR_HANDBACK:
       return "HANDBACK";
+    case SSL_ERROR_HANDSHAKE_HINTS_READY:
+      return "HANDSHAKE_HINTS_READY";
     default:
       return nullptr;
   }