Add SSL_early_data_reason_string.
QUICHE has a switch-case converting ssl_early_data_reason_t to a string
for logging. This causes a lot of churn when we add a new value.
Instead, add a function for this. Bump BORINGSSL_API_VERSION so we can
easily land a CL in QUICHE to start using the function without
coordinating repositories.
Change-Id: I176ca07b4f75a3ea7153a387219459665062aad9
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/43724
Reviewed-by: Nick Harper <nharper@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/include/openssl/base.h b/include/openssl/base.h
index 0bdb1db..474bb8b 100644
--- a/include/openssl/base.h
+++ b/include/openssl/base.h
@@ -187,7 +187,7 @@
// A consumer may use this symbol in the preprocessor to temporarily build
// against multiple revisions of BoringSSL at the same time. It is not
// recommended to do so for longer than is necessary.
-#define BORINGSSL_API_VERSION 11
+#define BORINGSSL_API_VERSION 12
#if defined(BORINGSSL_SHARED_LIBRARY)
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 4db6afc..c12aa0e 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -3549,6 +3549,11 @@
OPENSSL_EXPORT enum ssl_early_data_reason_t SSL_get_early_data_reason(
const SSL *ssl);
+// SSL_early_data_reason_string returns a string representation for |reason|, or
+// NULL if |reason| is unknown. This function may be used for logging.
+OPENSSL_EXPORT const char *SSL_early_data_reason_string(
+ enum ssl_early_data_reason_t reason);
+
// Alerts.
//
diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc
index 33b9f2f..a52f1fa 100644
--- a/ssl/ssl_lib.cc
+++ b/ssl/ssl_lib.cc
@@ -1294,6 +1294,43 @@
return ssl->s3->early_data_reason;
}
+const char *SSL_early_data_reason_string(enum ssl_early_data_reason_t reason) {
+ switch (reason) {
+ case ssl_early_data_unknown:
+ return "unknown";
+ case ssl_early_data_disabled:
+ return "disabled";
+ case ssl_early_data_accepted:
+ return "accepted";
+ case ssl_early_data_protocol_version:
+ return "protocol_version";
+ case ssl_early_data_peer_declined:
+ return "peer_declined";
+ case ssl_early_data_no_session_offered:
+ return "no_session_offered";
+ case ssl_early_data_session_not_resumed:
+ return "session_not_resumed";
+ case ssl_early_data_unsupported_for_session:
+ return "unsupported_for_session";
+ case ssl_early_data_hello_retry_request:
+ return "hello_retry_request";
+ case ssl_early_data_alpn_mismatch:
+ return "alpn_mismatch";
+ case ssl_early_data_channel_id:
+ return "channel_id";
+ case ssl_early_data_token_binding:
+ return "token_binding";
+ case ssl_early_data_ticket_age_skew:
+ return "ticket_age_skew";
+ case ssl_early_data_quic_parameter_mismatch:
+ return "quic_parameter_mismatch";
+ case ssl_early_data_alps_mismatch:
+ return "alps_mismatch";
+ }
+
+ return nullptr;
+}
+
static int bio_retry_reason_to_error(int reason) {
switch (reason) {
case BIO_RR_CONNECT:
diff --git a/ssl/test/bssl_shim.cc b/ssl/test/bssl_shim.cc
index 3df861b..b04f089 100644
--- a/ssl/test/bssl_shim.cc
+++ b/ssl/test/bssl_shim.cc
@@ -396,50 +396,6 @@
return true;
}
-static const char *EarlyDataReasonToString(ssl_early_data_reason_t reason) {
- if (reason > ssl_early_data_reason_max_value) {
- fprintf(stderr, "ssl_early_data_reason_max_value is out of date.\n");
- abort();
- }
-
- switch (reason) {
- case ssl_early_data_unknown:
- return "unknown";
- case ssl_early_data_disabled:
- return "disabled";
- case ssl_early_data_accepted:
- return "accepted";
- case ssl_early_data_protocol_version:
- return "protocol_version";
- case ssl_early_data_peer_declined:
- return "peer_declined";
- case ssl_early_data_no_session_offered:
- return "no_session_offered";
- case ssl_early_data_session_not_resumed:
- return "session_not_resumed";
- case ssl_early_data_unsupported_for_session:
- return "unsupported_for_session";
- case ssl_early_data_hello_retry_request:
- return "hello_retry_request";
- case ssl_early_data_alpn_mismatch:
- return "alpn_mismatch";
- case ssl_early_data_channel_id:
- return "channel_id";
- case ssl_early_data_token_binding:
- return "token_binding";
- case ssl_early_data_ticket_age_skew:
- return "ticket_age_skew";
- case ssl_early_data_quic_parameter_mismatch:
- return "quic_parameter_mismatch";
- case ssl_early_data_alps_mismatch:
- return "alps_mismatch";
- }
-
- fprintf(stderr, "Unknown ssl_early_data_reason_t value %d.\n",
- static_cast<int>(reason));
- abort();
-}
-
// CheckHandshakeProperties checks, immediately after |ssl| completes its
// initial handshake (or False Starts), whether all the properties are
// consistent with the test configuration and invariants.
@@ -677,7 +633,7 @@
}
const char *early_data_reason =
- EarlyDataReasonToString(SSL_get_early_data_reason(ssl));
+ SSL_early_data_reason_string(SSL_get_early_data_reason(ssl));
if (!config->expect_early_data_reason.empty() &&
config->expect_early_data_reason != early_data_reason) {
fprintf(stderr, "Early data reason was \"%s\", expected \"%s\"\n",
