author | Martin Thomson <mt@lowentropy.net> | 2021-12-17 13:21:28 +0000 |
---|---|---|
committer | Martin Thomson <mt@lowentropy.net> | 2021-12-17 13:21:28 +0000 |
commit | ac636f9b54d6d8d71a68d650f468ab7fce3d3c9c (patch) | |
tree | 57214ec380d5f1b96a6022479eb714838e848407 /gtests/ssl_gtest | |
parent | 44c9efeac3b36fde75effefb21724e75507856de (diff) | |
download | nss-hg-ac636f9b54d6d8d71a68d650f468ab7fce3d3c9c.tar.gz |
Bug 1712647 - Split custom extension handling for ECH. r=bbeurdouche,mt

A new function SSL_CallExtensionWriterOnEchInner() allows applications to have
custom extension handlers called separately for CHInner and CHOuter.

This is a little tricky as ECH needs to construct two versions of CHInner: one
compressed and one not. This just calls the write handler twice in that case.

The other complication is that a handler might make different choices for
CHInner and CHOuter. This forces us to stop compressing that extension and any
that follow it when that occurs. In order to ensure that extensions are
consistently placed, we need to track what can be compressed during both
invocations.

I've retained the quirk where the extensions are built twice. That might be
something that can be removed in future, but for now it creates a negative
externality that I've noted in documentation.

Differential Revision: https://phabricator.services.mozilla.com/D115852
Diffstat (limited to 'gtests/ssl_gtest')
-rw-r--r-- | gtests/ssl_gtest/ssl_custext_unittest.cc | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/gtests/ssl_gtest/ssl_custext_unittest.cc b/gtests/ssl_gtest/ssl_custext_unittest.cc index bb322430c..2f9649b08 100644 --- a/gtests/ssl_gtest/ssl_custext_unittest.cc +++ b/gtests/ssl_gtest/ssl_custext_unittest.cc @@ -23,21 +23,21 @@ static void IncrementCounterArg(void *arg) { } } -PRBool NoopExtensionWriter(PRFileDesc *fd, SSLHandshakeType message, +static PRBool NoopExtensionWriter(PRFileDesc *fd, SSLHandshakeType message, PRUint8 *data, unsigned int *len, unsigned int maxLen, void *arg) { IncrementCounterArg(arg); return PR_FALSE; } -PRBool EmptyExtensionWriter(PRFileDesc *fd, SSLHandshakeType message, +static PRBool EmptyExtensionWriter(PRFileDesc *fd, SSLHandshakeType message, PRUint8 *data, unsigned int *len, unsigned int maxLen, void *arg) { IncrementCounterArg(arg); return PR_TRUE; } -SECStatus NoopExtensionHandler(PRFileDesc *fd, SSLHandshakeType message, +static SECStatus NoopExtensionHandler(PRFileDesc *fd, SSLHandshakeType message, const PRUint8 *data, unsigned int len, SSLAlertDescription *alert, void *arg) { return SECSuccess; |
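Review bot: The diffstat for gtests/ssl_gtest shows no test that exercises SSL_CallExtensionWriterOnEchInner(); the three changed lines in ssl_custext_unittest.cc only add `static` to NoopExtensionWriter, EmptyExtensionWriter and NoopExtensionHandler. The commit message describes two cases that are easy to get wrong (the writer being called twice for CHInner, and a writer that answers differently for CHInner and CHOuter, which stops compression for that extension and those after it), so a test in this directory that registers a writer whose return value depends on which hello is being built, and checks the call count through the existing IncrementCounterArg counter, would pin that behaviour down. On style, `static` matches the existing `static void IncrementCounterArg(void *arg)` in the same file, but the continuation lines (`PRUint8 *data, unsigned int *len,` and the ones after it) are unchanged context, so any alignment they had with the opening parenthesis is now off by the width of `static `; re-running the formatter over these three signatures would fix that.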