Bug 1487597 - Improve 0-RTT data delivery, r=ekr

Summary:
This improves the code that delivers 0-RTT.  When the caller provided a read
buffer to small to hold an entire record, the previous code reported errors.
Those errors might cause the connection to be dropped by the caller, but the
socket was still usable.  If the socket was used again, there would be a gap in
the stream.

This fixes that bug and adds a bunch of tests around 0-RTT delivery.  More tests
check the order of operations.

For instance, in TLS, we strictly maintain ordering between 0-RTT data delivery
and handshake completion.  That is not the case for DTLS, where this allows
0-RTT records that arrive before the handshake completes to be read afterwards.
We do drop keys as soon as we see EndOfEarlyData (this is going away for DTLS,
so I assume Certificate/Finished will be the trigger eventually).  The tests
added here confirm that late arrival causes 0-RTT to be dropped.  Another test
confirms that any early arrival that is only read late will be delivered.

Reviewers: ekr

Subscribers: mt, ekr

Tags: #secure-revision, PHID-PROJ-ffhf7tdvqze7zrdn6dh3

Bug #: 1487597

Differential Revision: https://phabricator.services.mozilla.com/D4736

0 files changed, 0 insertions, 0 deletions