Rename cutthrough to False Start.
False Start is the name it's known by now. Deprecate the old API and expose new
ones with the new name.
Change-Id: I32d307027e178fd7d9c0069686cc046f75fdbf6f
Reviewed-on: https://boringssl-review.googlesource.com/3481
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index c6752eb..c51ba6d 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -450,12 +450,12 @@
goto end;
}
}
- if ((SSL_get_mode(s) & SSL_MODE_HANDSHAKE_CUTTHROUGH) &&
- ssl3_can_cutthrough(s) &&
- /* no cutthrough on renegotiation (would complicate the state
- * machine) */
+ if ((SSL_get_mode(s) & SSL_MODE_ENABLE_FALSE_START) &&
+ ssl3_can_false_start(s) &&
+ /* No False Start on renegotiation (would complicate the state
+ * machine). */
s->s3->previous_server_finished_len == 0) {
- s->s3->tmp.next_state = SSL3_ST_CUTTHROUGH_COMPLETE;
+ s->s3->tmp.next_state = SSL3_ST_FALSE_START;
} else {
/* Allow NewSessionTicket if ticket expected */
if (s->tlsext_ticket_expected) {
@@ -524,14 +524,14 @@
s->state = s->s3->tmp.next_state;
break;
- case SSL3_ST_CUTTHROUGH_COMPLETE:
+ case SSL3_ST_FALSE_START:
/* Allow NewSessionTicket if ticket expected */
if (s->tlsext_ticket_expected) {
s->state = SSL3_ST_CR_SESSION_TICKET_A;
} else {
s->state = SSL3_ST_CR_CHANGE;
}
- s->s3->tmp.cutthrough_complete = 1;
+ s->s3->tmp.in_false_start = 1;
ssl_free_wbio_buffer(s);
ret = 1;
@@ -552,7 +552,7 @@
s->init_num = 0;
s->renegotiate = 0;
s->new_session = 0;
- s->s3->tmp.cutthrough_complete = 0;
+ s->s3->tmp.in_false_start = 0;
ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
if (s->hit) {
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 57bb54b..52ab5c0 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -427,7 +427,7 @@
tot = s->s3->wnum;
s->s3->wnum = 0;
- if (!s->in_handshake && SSL_in_init(s) && !SSL_cutthrough_complete(s)) {
+ if (!s->in_handshake && SSL_in_init(s) && !SSL_in_false_start(s)) {
i = s->handshake_func(s);
if (i < 0) {
return i;
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index a4c94dc..348e2a5 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2887,8 +2887,12 @@
return ret;
}
+int SSL_in_false_start(const SSL *s) {
+ return s->s3->tmp.in_false_start;
+}
+
int SSL_cutthrough_complete(const SSL *s) {
- return s->s3->tmp.cutthrough_complete;
+ return SSL_in_false_start(s);
}
void SSL_get_structure_sizes(size_t *ssl_size, size_t *ssl_ctx_size,
@@ -2898,7 +2902,7 @@
*ssl_session_size = sizeof(SSL_SESSION);
}
-int ssl3_can_cutthrough(const SSL *s) {
+int ssl3_can_false_start(const SSL *s) {
const SSL_CIPHER *c;
/* require a strong enough cipher */
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 7019540..d63ddda 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -974,7 +974,9 @@
size_t client_random_len, const uint8_t *master,
size_t master_len);
-int ssl3_can_cutthrough(const SSL *s);
+/* ssl3_can_false_start returns one if |s| is allowed to False Start and zero
+ * otherwise. */
+int ssl3_can_false_start(const SSL *s);
/* ssl3_get_enc_method returns the SSL3_ENC_METHOD corresponding to
* |version|. */
diff --git a/ssl/test/bssl_shim.cc b/ssl/test/bssl_shim.cc
index 6ec3aff..90d142a 100644
--- a/ssl/test/bssl_shim.cc
+++ b/ssl/test/bssl_shim.cc
@@ -415,7 +415,7 @@
SkipVerify);
}
if (config->false_start) {
- SSL_set_mode(ssl.get(), SSL_MODE_HANDSHAKE_CUTTHROUGH);
+ SSL_set_mode(ssl.get(), SSL_MODE_ENABLE_FALSE_START);
}
if (config->cbc_record_splitting) {
SSL_set_mode(ssl.get(), SSL_MODE_CBC_RECORD_SPLITTING);