New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
0rtt garbage resumption #423
Conversation
7e58104
to
5b10e9d
Compare
73d15cd
to
cbf2e72
Compare
up till now, the only way to change the record version, was to pass it as a parameter to Connect() class, this extends the abilities to allow changing it in the middle of connection negotiation necessary for sending fake 0-RTT data
even if server does not support the 0-RTT negotiation, the client may have previously connected to a server that did support it and provided the client with a ticket that allowed it. This simulates a resumption from such past session with use of 0-RTT.
in TLS 1.3, the CCS does not change the encryption status of the record layer, so allow skipping that part
cbf2e72
to
85b58f0
Compare
scripts/test-tls13-0rtt-garbage.py
Outdated
node = node.add_child(ExpectServerHelloDone()) | ||
# section D.3 of draft 28 states that client that receives TLS 1.2 | ||
# ServerHello as a reply to 0-RTT Client Hello MUST fail a connection | ||
# consequently, it server does not need to be able to ignore early data |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
typo: it server
node = node.add_child(ExpectServerHello(version=(3, 3))) | ||
node = node.add_child(ExpectCertificate()) | ||
node = node.add_child(ExpectServerHelloDone()) | ||
# section D.3 of draft 28 states that client that receives TLS 1.2 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Doesn't this assume that TLS1.4 will not support 1-rtt? Maybe use a much larger version?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
when TLS 1.4 comes, the test cases will have to be updated, just like they had/have to be updated with TLS 1.3 introduction
the point is to test that if TLS 1.4 comes and includes 1-rtt, that the server will still handle TLS 1.4 clients correctly
85b58f0
to
5514813
Compare
@nmav typo fixed |
Thanks for review! |
Description
test if server is 0-RTT resumption tolerant, even if it does not support 0-RTT (section 4.2.10 of draft-28)
Motivation and Context
server can turn 0-rtt support at-will, but client will not know when server does it, so the server needs to be able to process 0-rtt handshake always
fixes #422
blocked on tlsfuzzer/tlslite-ng#290
Checklist
tlslite-ng.json
andtlslite-ng-random-subset.json
This change is