Fixes session ticket / PSK not set (refraction-networking#302)
* Add setters for SessionState fields createdAt, UseBy, and AgeAdd

* chore: remove accidental comments from code

* fix: incorrect clientHelloBuildStatus after BuildHandshakeStateWithoutSession

Reviewed-by: Gaukas Wang <[email protected]>

* chore: add empty lines between functions

Signed-off-by: Gaukas Wang <[email protected]>

---------

Signed-off-by: Gaukas Wang <[email protected]>
Co-authored-by: Gaukas Wang <[email protected]>
adotkhan and gaukas authored Jul 16, 2024
1 parent 9cf9f66 commit 7b5248d
Showing 2 changed files with 28 additions and 4 deletions.
2 changes: 1 addition & 1 deletion u_conn.go
@@ -154,9 +154,9 @@ func (uconn *UConn) buildHandshakeState(loadSession bool) error {
if loadSession {
uconn.uApplyPatch()
uconn.sessionController.finalCheck()
uconn.clientHelloBuildStatus = BuildByUtls
}

uconn.clientHelloBuildStatus = BuildByUtls
}
return nil
}
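Review bot: The assignment `uconn.clientHelloBuildStatus = BuildByUtls` now also runs when loadSession is false, and nothing at that line records that uApplyPatch() and sessionController.finalCheck() are skipped on that path. Any reader of the status that takes BuildByUtls to mean the session controller was finalised would now be wrong; whether such code exists cannot be seen here, because the body of buildHandshakeState begins before the hunk. I would add a comment above the assignment, `// Set on both paths: with loadSession == false (BuildHandshakeStateWithoutSession) the hello is still utls-built, but the session controller has not been finalised.` A regression test for the without-session path would pin the fix; the two changed files shown contain none.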
30 changes: 27 additions & 3 deletions u_public.go
@@ -617,9 +617,6 @@ func (PSS PskIdentities) ToPrivate() []pskIdentity {

// ClientSessionState is public, but all its fields are private. Let's add setters, getters and constructor

// TODO! can we change this enought (or export SessionState),
// such that we wouldn't need to fork crypto/tls?

// ClientSessionState contains the state needed by clients to resume TLS sessions.
func MakeClientSessionState(
SessionTicket []uint8,
@@ -679,43 +676,70 @@ func (css *ClientSessionState) VerifiedChains() [][]*x509.Certificate {
func (css *ClientSessionState) SetSessionTicket(SessionTicket []uint8) {
css.ticket = SessionTicket
}

func (css *ClientSessionState) SetVers(Vers uint16) {
if css.session == nil {
css.session = &SessionState{}
}
css.session.version = Vers
}

func (css *ClientSessionState) SetCipherSuite(CipherSuite uint16) {
if css.session == nil {
css.session = &SessionState{}
}
css.session.cipherSuite = CipherSuite
}

func (css *ClientSessionState) SetCreatedAt(createdAt uint64) {
if css.session == nil {
css.session = &SessionState{}
}
css.session.createdAt = createdAt
}

func (css *ClientSessionState) SetMasterSecret(MasterSecret []byte) {
if css.session == nil {
css.session = &SessionState{}
}
css.session.secret = MasterSecret
}

func (css *ClientSessionState) SetEMS(ems bool) {
if css.session == nil {
css.session = &SessionState{}
}
css.session.extMasterSecret = ems
}

func (css *ClientSessionState) SetServerCertificates(ServerCertificates []*x509.Certificate) {
if css.session == nil {
css.session = &SessionState{}
}
css.session.peerCertificates = ServerCertificates
}

func (css *ClientSessionState) SetVerifiedChains(VerifiedChains [][]*x509.Certificate) {
if css.session == nil {
css.session = &SessionState{}
}
css.session.verifiedChains = VerifiedChains
}

func (css *ClientSessionState) SetUseBy(useBy uint64) {
if css.session == nil {
css.session = &SessionState{}
}
css.session.useBy = useBy
}

func (css *ClientSessionState) SetAgeAdd(ageAdd uint32) {
if css.session == nil {
css.session = &SessionState{}
}
css.session.ageAdd = ageAdd
}

// TicketKey is the internal representation of a session ticket key.
type TicketKey struct {
AesKey [16]byte
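Review bot: The new exported setters SetCreatedAt, SetUseBy and SetAgeAdd carry no doc comments, so nothing states the unit of the two uint64 timestamps or that the three values have to be set together for a TLS 1.3 ticket to be offered as a PSK. Each setter stores whatever it is given and lazily allocates a zero SessionState, so a caller that passes the wrong unit or sets only one field gets no error; presumably the ticket is then treated as expired or sent with a wrong obfuscated age, which would drop the PSK silently again. I would add `// SetCreatedAt sets the ticket creation time (presumably seconds since the Unix epoch, as in crypto/tls; confirm).`, a matching comment on SetUseBy for the expiry time, and `// SetAgeAdd sets the TLS 1.3 ticket_age_add value used to obfuscate the ticket age.` A test that builds a ClientSessionState through these setters and checks the PSK extension is populated is not part of this commit and would be worth adding.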