MCPcopy Index your code
hub / github.com/XTLS/REALITY / readServerParameters

Method readServerParameters

handshake_client_tls13.go:546–611  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

544}
545
546func (hs *clientHandshakeStateTLS13) readServerParameters() error {
547 c := hs.c
548
549 msg, err := c.readHandshake(hs.transcript)
550 if err != nil {
551 return err
552 }
553
554 encryptedExtensions, ok := msg.(*encryptedExtensionsMsg)
555 if !ok {
556 c.sendAlert(alertUnexpectedMessage)
557 return unexpectedMessageError(encryptedExtensions, msg)
558 }
559
560 if err := checkALPN(hs.hello.alpnProtocols, encryptedExtensions.alpnProtocol, c.quic != nil); err != nil {
561 // RFC 8446 specifies that no_application_protocol is sent by servers, but
562 // does not specify how clients handle the selection of an incompatible protocol.
563 // RFC 9001 Section 8.1 specifies that QUIC clients send no_application_protocol
564 // in this case. Always sending no_application_protocol seems reasonable.
565 c.sendAlert(alertNoApplicationProtocol)
566 return err
567 }
568 c.clientProtocol = encryptedExtensions.alpnProtocol
569
570 if c.quic != nil {
571 if encryptedExtensions.quicTransportParameters == nil {
572 // RFC 9001 Section 8.2.
573 c.sendAlert(alertMissingExtension)
574 return errors.New("tls: server did not send a quic_transport_parameters extension")
575 }
576 c.quicSetTransportParameters(encryptedExtensions.quicTransportParameters)
577 } else {
578 if encryptedExtensions.quicTransportParameters != nil {
579 c.sendAlert(alertUnsupportedExtension)
580 return errors.New("tls: server sent an unexpected quic_transport_parameters extension")
581 }
582 }
583
584 if !hs.hello.earlyData && encryptedExtensions.earlyData {
585 c.sendAlert(alertUnsupportedExtension)
586 return errors.New("tls: server sent an unexpected early_data extension")
587 }
588 if hs.hello.earlyData && !encryptedExtensions.earlyData {
589 c.quicRejectedEarlyData()
590 }
591 if encryptedExtensions.earlyData {
592 if hs.session.cipherSuite != c.cipherSuite {
593 c.sendAlert(alertHandshakeFailure)
594 return errors.New("tls: server accepted 0-RTT with the wrong cipher suite")
595 }
596 if hs.session.alpnProtocol != c.clientProtocol {
597 c.sendAlert(alertHandshakeFailure)
598 return errors.New("tls: server accepted 0-RTT with the wrong ALPN")
599 }
600 }
601 if hs.echContext != nil {
602 if hs.echContext.echRejected {
603 hs.echContext.retryConfigs = encryptedExtensions.echRetryConfigs

Callers 1

handshakeMethod · 0.95

Calls 6

unexpectedMessageErrorFunction · 0.85
checkALPNFunction · 0.85
readHandshakeMethod · 0.80
sendAlertMethod · 0.80
quicRejectedEarlyDataMethod · 0.80

Tested by

no test coverage detected