hub / github.com/XTLS/REALITY / clientHandshake

Method clientHandshake

handshake_client.go:259–386  ·  view source on GitHub ↗
(ctx context.Context)


257}
258
259func (c *Conn) clientHandshake(ctx context.Context) (err error) {
260 if c.config == nil {
261 c.config = defaultConfig()
262 }
263
264 // This may be a renegotiation handshake, in which case some fields
265 // need to be reset.
266 c.didResume = false
267 c.curveID = 0
268
269 hello, keyShareKeys, ech, err := c.makeClientHello()
270 if err != nil {
271 return err
272 }
273 c.serverName = hello.serverName
274
275 session, earlySecret, binderKey, err := c.loadSession(hello)
276 if err != nil {
277 return err
278 }
279 if session != nil {
280 defer func() {
281 // If we got a handshake failure when resuming a session, throw away
282 // the session ticket. See RFC 5077, Section 3.2.
283 //
284 // RFC 8446 makes no mention of dropping tickets on failure, but it
285 // does require servers to abort on invalid binders, so we need to
286 // delete tickets to recover from a corrupted PSK.
287 if err != nil {
288 if cacheKey := c.clientSessionCacheKey(); cacheKey != "" {
289 c.config.ClientSessionCache.Put(cacheKey, nil)
290 }
291 }
292 }()
293 }
294
295 if ech != nil {
296 // Split hello into inner and outer
297 ech.innerHello = hello.clone()
298
299 // Overwrite the server name in the outer hello with the public facing
300 // name.
301 hello.serverName = string(ech.config.PublicName)
302 // Generate a new random for the outer hello.
303 hello.random = make([]byte, 32)
304 _, err = io.ReadFull(c.config.rand(), hello.random)
305 if err != nil {
306 return errors.New("tls: short read from Rand: " + err.Error())
307 }
308
309 // NOTE: we don't do PSK GREASE, in line with boringssl, it's meant to
310 // work around _possibly_ broken middleboxes, but there is little-to-no
311 // evidence that this is actually a problem.
312
313 if err := computeAndUpdateOuterECHExtension(hello, ech.innerHello, ech, true); err != nil {
314 return err
315 }
316 }

Callers 1

handleRenegotiationMethod · 0.95

Calls 15

makeClientHelloMethod · 0.95
loadSessionMethod · 0.95
clientSessionCacheKeyMethod · 0.95
writeHandshakeRecordMethod · 0.95
quicSetWriteSecretMethod · 0.95
readHandshakeMethod · 0.95
sendAlertMethod · 0.95
pickTLSVersionMethod · 0.95
handshakeMethod · 0.95
defaultConfigFunction · 0.85
cipherSuiteTLS13ByIDFunction · 0.85

Tested by

no test coverage detected