tttls1.3 0.2.3 → 0.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9b99157535ca4f2b06f4fc6d374116fbc6e496a7807184c56b31be11852d6e5f
-  data.tar.gz: 33ff8b94d80529bcabd7c4b3d8fe5ea9ee6513d1d90f4efe307f4edf7bbfb1ac
+  metadata.gz: 26abf6610ea39c5b35e874bab7e1226afee77c3209dd2ddde497d731bb6fc64b
+  data.tar.gz: 13a8a522e126dc29993f6bfef96a59556f043910541decf7224c15db84cfb28d
 SHA512:
-  metadata.gz: 29f4cd4e505e33ef0b6f03265a3ecdc8e988a32a965a9079b8c92ee57e50a6ad7e7864fb24d07a14b0ec956fce6ce1c85d9d8072e908e202393c1bd73ad54c1f
-  data.tar.gz: c5ed00504bbdb7ee0b051a3534ab2c51bbfdbadbd703ca761fb06367b85798217b04ba7b7d1a8003aeff756d3e9b8e7b6f7c375872250de4139e7400760608d4
+  metadata.gz: 879a7c9be73deec93e4eff0ee0a0339c2464ad6c4139d5c8da4ad8da06cf8fcdf9bbd6ecef6baeda2f35483d88c91b61deaed17e7ca7a2d25cc105f339d242ce
+  data.tar.gz: 44ad60dff635a9ac7a980605ab736f52b67b94d806fa186e86ff022ff82bc712abf9ce215714052787188b35617e1f527534115d6fbb2cc880d5b32dce9df591

data/example/https_client.rb

@@ -7,7 +7,10 @@ hostname, port = (ARGV[0] || 'localhost:4433').split(':')
 req = simple_http_request(hostname)
 
 socket = TCPSocket.new(hostname, port)
-settings = { ca_file: __dir__ + '/../tmp/ca.crt' }
+settings = {
+  ca_file: __dir__ + '/../tmp/ca.crt',
+  alpn: ['http/1.1', 'http/1.0']
+}
 client = TTTLS13::Client.new(socket, hostname, settings)
 client.connect
 client.write(req)

data/example/https_client_using_0rtt.rb

@@ -7,7 +7,8 @@ hostname, port = (ARGV[0] || 'localhost:4433').split(':')
 req = simple_http_request(hostname)
 
 settings_2nd = {
-  ca_file: __dir__ + '/../tmp/ca.crt'
+  ca_file: __dir__ + '/../tmp/ca.crt',
+  alpn: ['http/1.1', 'http/1.0']
 }
 process_new_session_ticket = proc do |nst, rms, cs|
   return if Time.now.to_i - nst.timestamp > nst.ticket_lifetime
@@ -21,6 +22,7 @@ process_new_session_ticket = proc do |nst, rms, cs|
 end
 settings_1st = {
   ca_file: __dir__ + '/../tmp/ca.crt',
+  alpn: ['http/1.1', 'http/1.0'],
   process_new_session_ticket: process_new_session_ticket
 }
 

data/example/https_client_using_hrr.rb

@@ -9,7 +9,8 @@ req = simple_http_request(hostname)
 socket = TCPSocket.new(hostname, port)
 settings = {
   ca_file: __dir__ + '/../tmp/ca.crt',
-  key_share_groups: [] # empty KeyShareClientHello.client_shares
+  key_share_groups: [], # empty KeyShareClientHello.client_shares
+  alpn: ['http/1.1', 'http/1.0']
 }
 client = TTTLS13::Client.new(socket, hostname, settings)
 client.connect

data/example/https_client_using_hrr_and_ticket.rb

@@ -7,7 +7,8 @@ hostname, port = (ARGV[0] || 'localhost:4433').split(':')
 req = simple_http_request(hostname)
 
 settings_2nd = {
-  ca_file: __dir__ + '/../tmp/ca.crt'
+  ca_file: __dir__ + '/../tmp/ca.crt',
+  alpn: ['http/1.1', 'http/1.0']
 }
 process_new_session_ticket = proc do |nst, rms, cs|
   return if Time.now.to_i - nst.timestamp > nst.ticket_lifetime
@@ -22,6 +23,7 @@ process_new_session_ticket = proc do |nst, rms, cs|
 end
 settings_1st = {
   ca_file: __dir__ + '/../tmp/ca.crt',
+  alpn: ['http/1.1', 'http/1.0'],
   process_new_session_ticket: process_new_session_ticket
 }
 

data/example/https_client_using_ticket.rb

@@ -7,7 +7,8 @@ hostname, port = (ARGV[0] || 'localhost:4433').split(':')
 req = simple_http_request(hostname)
 
 settings_2nd = {
-  ca_file: __dir__ + '/../tmp/ca.crt'
+  ca_file: __dir__ + '/../tmp/ca.crt',
+  alpn: ['http/1.1', 'http/1.0']
 }
 process_new_session_ticket = proc do |nst, rms, cs|
   return if Time.now.to_i - nst.timestamp > nst.ticket_lifetime
@@ -21,6 +22,7 @@ process_new_session_ticket = proc do |nst, rms, cs|
 end
 settings_1st = {
   ca_file: __dir__ + '/../tmp/ca.crt',
+  alpn: ['http/1.1', 'http/1.0'],
   process_new_session_ticket: process_new_session_ticket
 }
 

data/example/https_server.rb

@@ -6,8 +6,11 @@ require_relative 'helper'
 port = ARGV[0] || 4433
 
 tcpserver = TCPServer.open(port)
-settings = { crt_file: __dir__ + '/../tmp/server.crt',
-             key_file: __dir__ + '/../tmp/server.key' }
+settings = {
+  crt_file: __dir__ + '/../tmp/server.crt',
+  key_file: __dir__ + '/../tmp/server.key',
+  alpn: ['http/1.1', 'http/1.0']
+}
 
 # rubocop: disable Metrics/BlockLength
 loop do

data/interop/server_spec.rb

@@ -149,14 +149,21 @@ RSpec.describe Server do
       '-groups P-256:P-384:P-521 -alpn http/1.1',
       FIXTURES_DIR + '/rsa_rsa.crt',
       FIXTURES_DIR + '/rsa_rsa.key',
-      alpn: 'http/1.1'
+      alpn: ['http/1.1']
+    ],
+    [
+      true,
+      '-groups P-256:P-384:P-521',
+      FIXTURES_DIR + '/rsa_rsa.crt',
+      FIXTURES_DIR + '/rsa_rsa.key',
+      alpn: ['http/1.1']
     ],
     [
       false,
       '-groups P-256:P-384:P-521 -alpn foo',
       FIXTURES_DIR + '/rsa_rsa.crt',
       FIXTURES_DIR + '/rsa_rsa.key',
-      alpn: 'http/1.1'
+      alpn: ['http/1.1']
     ]
     # rubocop: enable Metrics/LineLength
   ].each do |normal, opt, crt, key, settings|

data/lib/tttls1.3/client.rb

@@ -402,11 +402,6 @@ module TTTLS13
       @succeed_early_data
     end
 
-    # @return [String]
-    def negotiated_alpn
-      @alpn
-    end
-
     private
 
     # @return [Boolean]

data/lib/tttls1.3/connection.rb

@@ -23,6 +23,7 @@ module TTTLS13
       @signature_scheme = nil # TTTLS13::SignatureScheme
       @state = 0 # ClientState or ServerState
       @send_record_size = Message::DEFAULT_RECORD_SIZE_LIMIT
+      @alpn = nil # String
     end
 
     # @raise [TTTLS13::Error::ConfigError]
@@ -95,6 +96,11 @@ module TTTLS13
       @signature_scheme
     end
 
+    # @return [String]
+    def negotiated_alpn
+      @alpn
+    end
+
     private
 
     # @param cipher_suite [TTTLS13::CipherSuite]

data/lib/tttls1.3/server.rb

@@ -153,11 +153,12 @@ module TTTLS13
           terminate(:unrecognized_name) unless recognized_server_name?(ch, @crt)
 
           # alpn
-          if !@settings[:alpn].nil? && !@settings[:alpn].empty?
-            pnl = ch.extensions[
-              Message::ExtensionType::APPLICATION_LAYER_PROTOCOL_NEGOTIATION
-            ]&.protocol_name_list || []
-            @alpn = pnl.find { |p| @settings[:alpn].include?(p) }
+          ch_alpn = ch.extensions[
+            Message::ExtensionType::APPLICATION_LAYER_PROTOCOL_NEGOTIATION
+          ]
+          if !@settings[:alpn].nil? && !@settings[:alpn].empty? && !ch_alpn.nil?
+            @alpn = ch_alpn.protocol_name_list
+                           .find { |p| @settings[:alpn].include?(p) }
 
             terminate(:no_application_protocol) if @alpn.nil?
           end

data/lib/tttls1.3/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module TTTLS13
-  VERSION = '0.2.3'
+  VERSION = '0.2.4'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tttls1.3
 version: !ruby/object:Gem::Version
-  version: 0.2.3
+  version: 0.2.4
 platform: ruby
 authors:
 - thekuwayama
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-06-11 00:00:00.000000000 Z
+date: 2019-06-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -191,7 +191,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.0.1
 signing_key: 
 specification_version: 4
 summary: TLS 1.3 implementation in Ruby