-
Notifications
You must be signed in to change notification settings - Fork 87
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Stateless handshaker #430
Stateless handshaker #430
Conversation
It's ok to simplify the API even more, but here it seems you remove too much. If the server does not call |
You are right. I forgot the pending action. Could you suggest how to stop |
I think the cleanest solution would be not to kill the thread but inject locally Maybe the same can be done on the client side after HandshakeDone. |
@ocheron The situation is much simpler than I expected. The pending actions are used only for 0RTT. That's why 0RTT test passed in my QUIC test cases. The server processes Client Finished and returns NewSessionTicket in To behave the same for the second 0RTT connection, we can use the same logic. See 9e4ff97. |
I would prefer to wait more to be sure this is stable and you have all you need.
|
Good point. I noticed that
I don't understand this. |
Instead of |
Thanks. I understand. But I'm planning to pass |
9e4ff97
to
3727b12
Compare
Avoids retaining a second context.
There is no EncryptedExtensions message but they can be sent in ServerHello directly.
To show that it applies only to the Hello sequence and not other extensions like certificate requests, session tickets, etc.
I agree there's a need to use the TLS context to query the handshake status. It's even possible to use the context to find handshake mode and ALPN instead of adding this information to I continued this approach here:
Changes:
You can include some of this if you find it useful. |
Nice idea. I did not notice this.
Thank you for this improvement! |
Are we ready for merging? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK, no need to wait any longer.
I merge with one more commit disabling PostHandshakeAuth extension in QUIC mode.
The client doesn't need to send it because it's not legal for the server to use PHA.
@ocheron I wrote a blog: https://kazu-yamamoto.hatenablog.jp/entry/2020/09/16/150801 |
The old implementation of QUIC early data is just specifying wire data (
ByteString
) to the configuration. This is good for HTTP/1.1 whose protocol is based on text. But for HTTP/3, it's hard to generate early data in advance since multiple threads generate frames.The current implementation of QUIC early data is just specifying
Bool
(use0RTT) to the configuration. IfTrue
, the client controller MUST return after sending Client Hello so that QUIC applications can send streams and internal code encrypted them with client early secret.If
False
, the client controller MUST return after sending Client Finished. Unfortunately, the old two-phase approach cannot implements this two modes.This PR removes the controls and the exported states. The handshakers purely synchronize with QUIC threands through callbacks. The result of interoperability tests is very good.