MCPcopy
hub / github.com/XTLS/REALITY / makeClientHello

Method makeClientHello

handshake_client.go:46–245  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

44var testingOnlyForceClientHelloSignatureAlgorithms []SignatureScheme
45
46func (c *Conn) makeClientHello() (*clientHelloMsg, *keySharePrivateKeys, *echClientContext, error) {
47 config := c.config
48 if len(config.ServerName) == 0 && !config.InsecureSkipVerify {
49 return nil, nil, nil, errors.New("tls: either ServerName or InsecureSkipVerify must be specified in the tls.Config")
50 }
51
52 nextProtosLength := 0
53 for _, proto := range config.NextProtos {
54 if l := len(proto); l == 0 || l > 255 {
55 return nil, nil, nil, errors.New("tls: invalid NextProtos value")
56 } else {
57 nextProtosLength += 1 + l
58 }
59 }
60 if nextProtosLength > 0xffff {
61 return nil, nil, nil, errors.New("tls: NextProtos values too large")
62 }
63
64 supportedVersions := config.supportedVersions(roleClient)
65 if len(supportedVersions) == 0 {
66 return nil, nil, nil, errors.New("tls: no supported versions satisfy MinVersion and MaxVersion")
67 }
68
69 // Since supportedVersions is sorted in descending order, the first element
70 // is the maximum version and the last element is the minimum version.
71 maxVersion := supportedVersions[0]
72 minVersion := supportedVersions[len(supportedVersions)-1]
73
74 hello := &clientHelloMsg{
75 vers: maxVersion,
76 compressionMethods: []uint8{compressionNone},
77 random: make([]byte, 32),
78 extendedMasterSecret: true,
79 ocspStapling: true,
80 scts: true,
81 serverName: hostnameInSNI(config.ServerName),
82 supportedCurves: config.curvePreferences(maxVersion),
83 supportedPoints: []uint8{pointFormatUncompressed},
84 secureRenegotiationSupported: true,
85 alpnProtocols: config.NextProtos,
86 supportedVersions: supportedVersions,
87 }
88
89 // The version at the beginning of the ClientHello was capped at TLS 1.2
90 // for compatibility reasons. The supported_versions extension is used
91 // to negotiate versions now. See RFC 8446, Section 4.2.1.
92 if hello.vers > VersionTLS12 {
93 hello.vers = VersionTLS12
94 }
95
96 if c.handshakes > 0 {
97 hello.secureRenegotiation = c.clientFinished[:]
98 }
99
100 hello.cipherSuites = config.cipherSuites(hasAESGCMHardwareSupport)
101 // Don't advertise TLS 1.2-only cipher suites unless we're attempting TLS 1.2.
102 if maxVersion < VersionTLS12 {
103 hello.cipherSuites = slices.DeleteFunc(hello.cipherSuites, func(id uint16) bool {

Callers 1

clientHandshakeMethod · 0.95

Calls 15

RequiredFunction · 0.92
ParseHPKEPublicKeyFunction · 0.92
SetupSenderFunction · 0.92
hostnameInSNIFunction · 0.85
cipherSuiteByIDFunction · 0.85
generateECDHEKeyFunction · 0.85
curveForCurveIDFunction · 0.85
parseECHConfigListFunction · 0.85
pickECHConfigFunction · 0.85

Tested by

no test coverage detected