tls1.3: server returns early on handshake when no cert is provided by client

Under TLS1.3 the server knows the negotiated keys early, if no client certificate is sent. In that case, the server is not only able to transmit the session ticket immediately after its finished message, but is also able to transmit data, similarly to false start. Resolves #481 Resolves #457 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2018-07-19 15:52:26 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2018-08-03 09:18:17 +0200
commit: d47111032f5b20eed70093d988741da5d0e69952 (patch)
tree: db725ee0bf90d5d500a45c681bb07445574a8b86 /tests/Makefile.am
parent: 5b9c6c93c680fdfa63b2854741d446ff50002510 (diff)
download: gnutls-d47111032f5b20eed70093d988741da5d0e69952.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/tests/Makefile.am b/tests/Makefile.am
index c870ec3605..c9f62f16f0 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -127,6 +127,8 @@ ctests += tls13/no-psk-exts
 
 ctests += tls13/psk-dumbfw
 
+ctests += tls13-early-start
+
 ctests += mini-record-2 simple gnutls_hmac_fast set_pkcs12_cred cert certuniqueid tls-neg-ext-key \
 	 mpi certificate_set_x509_crl dn parse_ca x509-dn x509-dn-decode record-sizes \
 	 hostname-check cve-2008-4989 pkcs12_s2k chainverify record-sizes-range \
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2018-07-19 15:52:26 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2018-08-03 09:18:17 +0200
commit	d47111032f5b20eed70093d988741da5d0e69952 (patch)
tree	db725ee0bf90d5d500a45c681bb07445574a8b86 /tests/Makefile.am
parent	5b9c6c93c680fdfa63b2854741d446ff50002510 (diff)
download	gnutls-d47111032f5b20eed70093d988741da5d0e69952.tar.gz