feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Only send session ID in resumed ClientHello from SendTls13ClientHello() if ssl->options.resuming

Browse Source
This commit is contained in:
Chris Conlon
2023-04-10 15:43:31 -06:00
parent 6b862a1440
commit 18e0c28487
1 changed files with 11 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/tls13.c
View File

@@ -4084,7 +4084,7 @@ int SendTls13ClientHello(WOLFSSL* ssl)
ssl->options.tls13MiddleBoxCompat = 1; ssl->options.tls13MiddleBoxCompat = 1;
} }
#else #else
if (ssl->session->sessionIDSz > 0) if (ssl->options.resuming && ssl->session->sessionIDSz > 0)
args->length += ssl->session->sessionIDSz; args->length += ssl->session->sessionIDSz;
#endif #endif
@@ -4229,11 +4229,17 @@ int SendTls13ClientHello(WOLFSSL* ssl)
if (ssl->session->sessionIDSz > 0) { if (ssl->session->sessionIDSz > 0) {
/* Session resumption for old versions of protocol. */ /* Session resumption for old versions of protocol. */
if (ssl->options.resuming) {
args->output[args->idx++] = ID_LEN; args->output[args->idx++] = ID_LEN;
XMEMCPY(args->output + args->idx, ssl->session->sessionID, XMEMCPY(args->output + args->idx, ssl->session->sessionID,
ssl->session->sessionIDSz); ssl->session->sessionIDSz);
args->idx += ID_LEN; args->idx += ID_LEN;
} }
else {
/* Not resuming, zero length session ID */
args->output[args->idx++] = 0;
}
}
else { else {
#ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT #ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT
if (ssl->options.tls13MiddleBoxCompat) { if (ssl->options.tls13MiddleBoxCompat) {