Echo session_id in HRR

[ctz]

On the server, we should've been echoing the session_id in HelloRetryRequest messages (we already did for ServerHellos).

On the client, there's a requirement that we detect this and fail the connection with an illegal_parameter alert.

fixes #1373

[codecov]

Codecov Report

Merging #1374 (5f9dcde) into main (304116b) will increase coverage by 0.00%.
The diff coverage is 100.00%.

@@           Coverage Diff           @@
##             main    #1374   +/-   ##
=======================================
  Coverage   96.35%   96.35%           
=======================================
  Files          62       62           
  Lines       14554    14581   +27     
=======================================
+ Hits        14023    14050   +27     
  Misses        531      531           

Files Changed	Coverage Δ
rustls/src/error.rs	97.33% <ø> (ø)
rustls/src/client/hs.rs	97.05% <100.00%> (+0.10%)	⬆️
rustls/src/server/tls13.rs	96.96% <100.00%> (+<0.01%)	⬆️
rustls/src/verify.rs	93.12% <100.00%> (+0.04%)	⬆️

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[djc]

I wonder if this is something I regressed in the 0.20 times...

[ctz]

I wonder if this is something I regressed in the 0.20 times...

It's not, but was a late addition in TLS1.3 (introduced in draft 22) so got overlooked.

[cpu]

It's not, but was a late addition in TLS1.3 (introduced in draft 22) so got overlooked.

Maybe that helps explain why BoGo doesn't have coverage for this too? 🤕

[davidben]

Maybe that helps explain why BoGo doesn't have coverage for this too? 🤕

No, just an oversight / didn't occur to us that someone might mess this up. (If you think about what a TLS-1.2-expecting middlebox might do, any workarounds naturally need to equally apply to ServerHello and HelloRetryRequest. When implementing the compat mode, you need to keep this in mind.)

I'll see about adding a test.