diff --git a/src/internal.c b/src/internal.c
index 9122c43d2..504c79fff 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -28401,6 +28401,13 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
             return VERSION_ERROR;
         }
         else if (ssl->version.minor > it.pv.minor) {
+            if (IsAtLeastTLSv1_3(it.pv) != IsAtLeastTLSv1_3(ssl->version)) {
+                ForceZero(&it, sizeof(it));
+                WOLFSSL_MSG("Tickets cannot be shared between " "TLS 1.3 and TLS 1.2 and lower");
+                return VERSION_ERROR;
+            }
+
             if (!ssl->options.downgrade) {
                 ForceZero(&it, sizeof(it));
                 WOLFSSL_MSG("Ticket has lesser version");
diff --git a/src/tls.c b/src/tls.c
index 1afa10b51..811d280bc 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -5030,12 +5030,19 @@ static int TLSX_SessionTicket_Parse(WOLFSSL* ssl, byte* input, word16 length,
         return 0;
     }
-    if (length == 0) {
+    if (length > SESSION_TICKET_LEN) {
+        ret = BAD_TICKET_MSG_SZ;
+    } else if (IsAtLeastTLSv1_3(ssl->version)) {
+        WOLFSSL_MSG("Process client ticket rejected, TLS 1.3 no support");
+        ssl->options.rejectTicket = 1;
+        ret = 0; /* not fatal */
+    } else if (length == 0) {
         /* blank ticket */
         ret = TLSX_UseSessionTicket(&ssl->extensions, NULL, ssl->heap);
         if (ret == WOLFSSL_SUCCESS) {
             ret = 0;
-            TLSX_SetResponse(ssl, TLSX_SESSION_TICKET); /* send blank ticket */
+            /* send blank ticket */
+            TLSX_SetResponse(ssl, TLSX_SESSION_TICKET);
             ssl->options.createTicket = 1; /* will send ticket msg */
             ssl->options.useTicket = 1;
             ssl->options.resuming = 0; /* no standard resumption */
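Review bot: The new TLS 1.3 boundary check sits only in the `ssl->version.minor > it.pv.minor` branch and ahead of the downgrade test, and nothing says why that order matters: a ticket issued under TLS 1.2 or lower must not resume a TLS 1.3 handshake even when `ssl->options.downgrade` is set, so the downgrade policy must not be consulted first. Suggested comment above the added `if`: `/* A pre-TLS 1.3 ticket can never resume a TLS 1.3 session, regardless of the downgrade setting; the reverse case (1.3 ticket, lower negotiated version) is expected to hit the VERSION_ERROR return above. */`. That the branch above covers `it.pv.minor > ssl->version.minor` is inferred only from the `return VERSION_ERROR;` context line and should be confirmed; DoSessionTicket starts and ends outside the hunk. The two `ForceZero(&it, sizeof(it))` calls, one before each `return VERSION_ERROR`, could also be folded into a single reject exit so a future reject branch cannot forget to wipe the decoded ticket.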
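Review bot: The new `ret = BAD_TICKET_MSG_SZ;` branch is the only reject path in this chain without a WOLFSSL_MSG, so an oversized client ticket is harder to trace in logs than the TLS 1.3 and blank-ticket cases directly below it; add `WOLFSSL_MSG("Process client ticket rejected, ticket too large");` before the assignment. Checking `length > SESSION_TICKET_LEN` first is the right order, since it bounds the input before any branch looks at the ticket bytes. The TLS 1.3 branch sets `ssl->options.rejectTicket` and returns 0 without registering the extension; whether later code in this function still reads `rejectTicket` for a TLS 1.3 session is not visible here and should be confirmed. TLSX_SessionTicket_Parse continues outside the hunk.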
@@ -5063,6 +5070,10 @@ static int TLSX_SessionTicket_Parse(WOLFSSL* ssl, byte* input, word16 length,
         WOLFSSL_MSG("Process client ticket rejected, not using");
         ssl->options.rejectTicket = 1;
         ret = 0; /* not fatal */
+    } else if (ret == VERSION_ERROR) {
+        WOLFSSL_MSG("Process client ticket rejected, bad TLS version");
+        ssl->options.rejectTicket = 1;
+        ret = 0; /* not fatal */
     } else if (ret == WOLFSSL_TICKET_RET_FATAL || ret < 0) {
         WOLFSSL_MSG("Process client ticket fatal error, not using");
     }
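Review bot: The added `else if (ret == VERSION_ERROR)` branch must stay ahead of the `ret == WOLFSSL_TICKET_RET_FATAL || ret < 0` branch, because VERSION_ERROR is presumably a negative code and would otherwise be classified as fatal; that ordering dependency deserves a comment such as `/* must precede the generic ret < 0 check: a version mismatch is a non-fatal reject, the client falls back to a full handshake */`. Three branches now carry the identical body `ssl->options.rejectTicket = 1; ret = 0;` and differ only in the log message, which is acceptable for diagnostics but should be kept in sync if the reject handling ever grows. The enclosing function starts outside the hunk.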