handlePostHandshakeMessage processes a handshake message that arrived after the handshake is complete. Up to TLS 1.2, it indicates the start of a renegotiation.
()
// handlePostHandshakeMessage deals with a handshake message that shows up
// once the handshake has already completed.
//
// For versions up to TLS 1.2 such a message indicates the start of a
// renegotiation and is handed to handleRenegotiation. For TLS 1.3 the message
// is read and dispatched by type: NewSessionTicket and KeyUpdate have
// handlers; every other type is answered with an unexpected_message alert and
// an error.
//
// Each TLS 1.3 post-handshake message read here increments c.retryCount. Once
// the count exceeds c.MaxUselessRecords the connection is failed with
// "too many non-advancing records", which caps how many such messages a peer
// can make this side process.
func (c *Conn) handlePostHandshakeMessage() error {
	// Anything below TLS 1.3 takes the renegotiation path.
	if c.vers != VersionTLS13 {
		return c.handleRenegotiation()
	}

	hsMsg, readErr := c.readHandshake(nil)
	if readErr != nil {
		return readErr
	}

	// Count the message before dispatching it, so that tickets and key
	// updates are charged against the budget too.
	// NOTE(review): the counter is not reset in this function; presumably it
	// is cleared elsewhere when the connection makes progress. Confirm.
	// NOTE(review): MaxUselessRecords is read from the Conn. If it can be left
	// at zero, the first post-handshake message already trips this check.
	// Confirm it is always initialised to a positive limit.
	c.retryCount++
	if c.retryCount > c.MaxUselessRecords {
		c.sendAlert(alertUnexpectedMessage)
		return c.in.setErrorLocked(errors.New("tls: too many non-advancing records"))
	}

	if ticket, ok := hsMsg.(*newSessionTicketMsgTLS13); ok {
		return c.handleNewSessionTicket(ticket)
	}
	if update, ok := hsMsg.(*keyUpdateMsg); ok {
		return c.handleKeyUpdate(update)
	}

	// RFC 9001, Section 4.4 expects the QUIC layer to turn an unexpected
	// post-handshake CertificateRequest into a QUIC-level PROTOCOL_VIOLATION.
	// The unexpected_message alert sent below does not give it enough
	// information to tell that case apart from any other unexpected message.
	// This is probably fine.
	c.sendAlert(alertUnexpectedMessage)
	return fmt.Errorf("tls: received unexpected handshake message of type %T", hsMsg)
}
| 1400 | |
| 1401 | func (c *Conn) handleKeyUpdate(keyUpdate *keyUpdateMsg) error { |
| 1402 | if c.quic != nil { |