MCPcopy
hub / github.com/XTLS/REALITY / checkForResumption

Method checkForResumption

handshake_server.go:442–543  ·  view source on GitHub ↗

checkForResumption reports whether we should perform resumption on this connection.

()

Source from the content-addressed store, hash-verified

440
441// checkForResumption reports whether we should perform resumption on this connection.
442func (hs *serverHandshakeState) checkForResumption() error {
443 c := hs.c
444
445 if c.config.SessionTicketsDisabled {
446 return nil
447 }
448
449 var sessionState *SessionState
450 if c.config.UnwrapSession != nil {
451 ss, err := c.config.UnwrapSession(hs.clientHello.sessionTicket, c.connectionStateLocked())
452 if err != nil {
453 return err
454 }
455 if ss == nil {
456 return nil
457 }
458 sessionState = ss
459 } else {
460 plaintext := c.config.decryptTicket(hs.clientHello.sessionTicket, c.ticketKeys)
461 if plaintext == nil {
462 return nil
463 }
464 ss, err := ParseSessionState(plaintext)
465 if err != nil {
466 return nil
467 }
468 sessionState = ss
469 }
470
471 // TLS 1.2 tickets don't natively have a lifetime, but we want to avoid
472 // re-wrapping the same master secret in different tickets over and over for
473 // too long, weakening forward secrecy.
474 createdAt := time.Unix(int64(sessionState.createdAt), 0)
475 if c.config.time().Sub(createdAt) > maxSessionTicketLifetime {
476 return nil
477 }
478
479 // Never resume a session for a different TLS version.
480 if c.vers != sessionState.version {
481 return nil
482 }
483
484 cipherSuiteOk := false
485 // Check that the client is still offering the ciphersuite in the session.
486 for _, id := range hs.clientHello.cipherSuites {
487 if id == sessionState.cipherSuite {
488 cipherSuiteOk = true
489 break
490 }
491 }
492 if !cipherSuiteOk {
493 return nil
494 }
495
496 // Check that we also support the ciphersuite from the session.
497 suite := selectCipherSuite([]uint16{sessionState.cipherSuite},
498 c.config.supportedCipherSuites(), hs.cipherSuiteOk)
499 if suite == nil {

Callers 1

handshakeMethod · 0.95

Calls 8

RequiredFunction · 0.92
ParseSessionStateFunction · 0.85
selectCipherSuiteFunction · 0.85
requiresClientCertFunction · 0.85
connectionStateLockedMethod · 0.80
decryptTicketMethod · 0.80
timeMethod · 0.80
supportedCipherSuitesMethod · 0.80

Tested by

no test coverage detected