feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #4509 from dgarske/fix_sesstick

Browse Source 
Fix for session ticket handling with error cases
This commit is contained in:
Sean Parkinson
2021-10-28 08:07:10 +10:00
committed by GitHub
parent f14bd41733 a08b2db692
commit 34095dfd38
2 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/sniffer.c
View File

@@ -3621,7 +3621,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
inputHelloSz - bindersLen + HANDSHAKE_HEADER_SZ);
/* call to decrypt session ticket */
if (DoClientTicket(ssl, identity, idLen) != 0) {
if (DoClientTicket(ssl, identity, idLen) != WOLFSSL_TICKET_RET_OK) {
/* we aren't decrypting the resumption, since we know the master secret */
/* ignore errors */
}

10
src/tls13.c
View File

@@ -4138,12 +4138,12 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
RefineSuites(ssl, clSuites);
#ifndef WOLFSSL_PSK_ONE_ID
if (!usingPSK)
if (usingPSK == NULL)
return BAD_FUNC_ARG;
if (!ssl->options.useClientOrder) {
/* Server order - server list has only common suites from refining. */
for (i = 0; !*usingPSK && i < ssl->suites->suiteSz; i += 2) {
for (i = 0; !(*usingPSK) && i < ssl->suites->suiteSz; i += 2) {
ret = DoPreSharedKeys(ssl, ssl->suites->suites + i, usingPSK,
&first);
if (ret != 0) {
@@ -4153,8 +4153,8 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
}
else {
/* Client order */
for (j = 0; !*usingPSK && j < clSuites->suiteSz; j += 2) {
for (i = 0; !*usingPSK && i < ssl->suites->suiteSz; i += 2) {
for (j = 0; !(*usingPSK) && j < clSuites->suiteSz; j += 2) {
for (i = 0; !(*usingPSK) && i < ssl->suites->suiteSz; i += 2) {
ret = DoPreSharedKeys(ssl, ssl->suites->suites + i, usingPSK,
&first);
if (ret != 0)
@@ -4173,7 +4173,7 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
if (ret != 0)
return ret;
if (usingPSK) {
if (*usingPSK != 0) {
word16 modes;
#ifdef WOLFSSL_EARLY_DATA
TLSX* extEarlyData;