Send ECH acceptance signal from backend server.

This CL implements the backend server behavior described in Section 7.2 of draft-ietf-tls-esni-09. Bug: 275 Change-Id: I2e162673ce564db0cb75fc9b71ef11ed15037f4b Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/43924 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com>
author: Dan McArdle <dmcardle@google.com> 2020-10-29 14:31:31 -0400
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> 2021-01-12 20:41:51 +0000
commit: c295935a9bf345acb597ffefb69f7e095c3eee72 (patch)
tree: 7c9b197e2c21aa5281df841d55f044f1a069e432 /ssl/handshake_server.cc
parent: 5d54832f1a35ea4f3c7da1e92c205bb4591341d1 (diff)
download: boringssl-c295935a9bf345acb597ffefb69f7e095c3eee72.zip
boringssl-c295935a9bf345acb597ffefb69f7e095c3eee72.tar.gz
boringssl-c295935a9bf345acb597ffefb69f7e095c3eee72.tar.bz2
1 files changed, 6 insertions, 0 deletions
diff --git a/ssl/handshake_server.cc b/ssl/handshake_server.cc
index 22fa6a1..bc0a0d1 100644
--- a/ssl/handshake_server.cc
+++ b/ssl/handshake_server.cc
@@ -644,6 +644,12 @@ static enum ssl_hs_wait_t do_read_client_hello(SSL_HANDSHAKE *hs) {
     return ssl_hs_error;
   }
 
+  if (hs->ech_present && hs->ech_is_inner_present) {
+    OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
+    ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
+    return ssl_hs_error;
+  }
+
   hs->state = state12_select_certificate;
   return ssl_hs_ok;
 }
author	Dan McArdle <dmcardle@google.com>	2020-10-29 14:31:31 -0400
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	2021-01-12 20:41:51 +0000
commit	c295935a9bf345acb597ffefb69f7e095c3eee72 (patch)
tree	7c9b197e2c21aa5281df841d55f044f1a069e432 /ssl/handshake_server.cc
parent	5d54832f1a35ea4f3c7da1e92c205bb4591341d1 (diff)
download	boringssl-c295935a9bf345acb597ffefb69f7e095c3eee72.zip boringssl-c295935a9bf345acb597ffefb69f7e095c3eee72.tar.gz boringssl-c295935a9bf345acb597ffefb69f7e095c3eee72.tar.bz2