Merge e91cae7 into bdaf35b

rustls · Apr 10, 2020 · d04463e · d04463e
2 parents bdaf35b + e91cae7
commit d04463e
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 1 deletion.
diff --git a/rustls/src/client/hs.rs b/rustls/src/client/hs.rs
@@ -8,6 +8,7 @@ use crate::msgs::handshake::{ClientExtension, HasServerExtensions};
 use crate::msgs::handshake::{ECPointFormatList, SupportedPointFormats};
 use crate::msgs::handshake::{ProtocolNameList, ConvertProtocolNameList};
 use crate::msgs::handshake::HelloRetryRequest;
+use crate::msgs::handshake::GreaseExt;
 use crate::msgs::handshake::{CertificateStatusRequest, SCTList};
 use crate::msgs::enums::{PSKKeyExchangeMode, ECPointFormat};
 use crate::msgs::codec::{Codec, Reader};
@@ -234,6 +235,7 @@ fn emit_client_hello_for_retry(sess: &mut ClientSessionImpl,
     exts.push(ClientExtension::SignatureAlgorithms(verify::supported_verify_schemes().to_vec()));
     exts.push(ClientExtension::ExtendedMasterSecretRequest);
     exts.push(ClientExtension::CertificateStatusRequest(CertificateStatusRequest::build_ocsp()));
+    exts.push(ClientExtension::Grease(GreaseExt::new()));
 
     if sess.config.ct_logs.is_some() {
         exts.push(ClientExtension::SignedCertificateTimestampRequest);

diff --git a/rustls/src/msgs/enums.rs b/rustls/src/msgs/enums.rs
@@ -235,7 +235,8 @@ enum_builder! {
         NextProtocolNegotiation => 0x3374,
         ChannelId => 0x754f,
         RenegotiationInfo => 0xff01,
-        TransportParameters => 0xffa5
+        TransportParameters => 0xffa5,
+        Grease => 0x9a9a
     }
 }
 

diff --git a/rustls/src/msgs/handshake.rs b/rustls/src/msgs/handshake.rs
@@ -8,6 +8,7 @@ use crate::msgs::enums::PSKKeyExchangeMode;
 use crate::msgs::base::{Payload, PayloadU8, PayloadU16, PayloadU24};
 use crate::msgs::codec;
 use crate::msgs::codec::{Codec, Reader};
+use crate::rand;
 use crate::key;
 
 #[cfg(feature = "logging")]
@@ -575,9 +576,35 @@ pub enum ClientExtension {
     SignedCertificateTimestampRequest,
     TransportParameters(Vec<u8>),
     EarlyData,
+    Grease(GreaseExt),
     Unknown(UnknownExtension),
 }
 
+#[derive(Clone, Debug)]
+pub struct GreaseExt {
+    inner: [u8; 4],
+}
+
+impl GreaseExt {
+    pub fn new() -> Self {
+        let mut arr = [0u8; 4];
+        rand::fill_random(&mut arr);
+        GreaseExt {
+            inner: arr,
+        }
+    }
+}
+
+impl Codec for GreaseExt {
+    fn encode(&self, bytes: &mut Vec<u8>) {
+        bytes.extend_from_slice(&self.inner);
+    }
+
+    fn read(r: &mut Reader) -> Option<Self> {
+        None
+    }
+}
+
 impl ClientExtension {
     pub fn get_type(&self) -> ExtensionType {
         match *self {
@@ -598,6 +625,7 @@ impl ClientExtension {
             ClientExtension::SignedCertificateTimestampRequest => ExtensionType::SCT,
             ClientExtension::TransportParameters(_) => ExtensionType::TransportParameters,
             ClientExtension::EarlyData => ExtensionType::EarlyData,
+            ClientExtension::Grease(_) => ExtensionType::Grease,
             ClientExtension::Unknown(ref r) => r.typ,
         }
     }
@@ -626,6 +654,7 @@ impl Codec for ClientExtension {
             ClientExtension::Cookie(ref r) => r.encode(&mut sub),
             ClientExtension::CertificateStatusRequest(ref r) => r.encode(&mut sub),
             ClientExtension::TransportParameters(ref r) => sub.extend_from_slice(r),
+            ClientExtension::Grease(ref r) => r.encode(&mut sub),
             ClientExtension::Unknown(ref r) => r.encode(&mut sub),
         }