Merge pull request #479 from toddouska/idlen

allow bogus client sessoinID of non 32 bytes with session ticket

src/internal.c

@@ -15646,10 +15646,14 @@ int DoSessionTicket(WOLFSSL* ssl,
 #ifdef HAVE_TLS_EXTENSIONS
         length += TLSX_GetResponseSize(ssl);
     #ifdef HAVE_SESSION_TICKET
-        if (ssl->options.useTicket && ssl->arrays->sessionIDSz == 0) {
+        if (ssl->options.useTicket) {
-            /* no session id */
+            /* echo session id sz can be 0,32 or bogus len inbetween */
-            length  -= ID_LEN;
+            sessIdSz = ssl->arrays->sessionIDSz;
-            sessIdSz = 0;
+            if (sessIdSz > ID_LEN) {
+                WOLFSSL_MSG("Bad bogus session id len");
+                return BUFFER_ERROR;
+            }
+            length -= (ID_LEN - sessIdSz);  /* adjust ID_LEN assumption */
         }
     #endif /* HAVE_SESSION_TICKET */
 #endif
@@ -17307,6 +17311,7 @@ int DoSessionTicket(WOLFSSL* ssl,
                              word32 helloSz)
     {
         byte            b;
+        byte            bogusID = 0;   /* flag for a bogus session id */
         ProtocolVersion pv;
         Suites          clSuites;
         word32          i = *inOutIdx;
@@ -17429,19 +17434,26 @@ int DoSessionTicket(WOLFSSL* ssl,
         /* session id */
         b = input[i++];
 
-        if (b == ID_LEN) {
+#ifdef HAVE_SESSION_TICKET
-            if ((i - begin) + ID_LEN > helloSz)
+        if (b > 0 && b < ID_LEN) {
+            bogusID = 1;
+            WOLFSSL_MSG("Client sent bogus session id, let's allow for echo");
+        }
+#endif
+
+        if (b == ID_LEN || bogusID) {
+            if ((i - begin) + b > helloSz)
                 return BUFFER_ERROR;
 
-            XMEMCPY(ssl->arrays->sessionID, input + i, ID_LEN);
+            XMEMCPY(ssl->arrays->sessionID, input + i, b);
 #ifdef WOLFSSL_DTLS
             if (ssl->options.dtls) {
-                int ret = wc_HmacUpdate(&cookieHmac, input + i - 1, ID_LEN + 1);
+                int ret = wc_HmacUpdate(&cookieHmac, input + i - 1, b + 1);
                 if (ret != 0) return ret;
             }
 #endif /* WOLFSSL_DTLS */
-            ssl->arrays->sessionIDSz = ID_LEN;
+            ssl->arrays->sessionIDSz = b;
-            i += ID_LEN;
+            i += b;
             ssl->options.resuming = 1; /* client wants to resume */
             WOLFSSL_MSG("Client wants to resume session");
         }
@@ -17656,6 +17668,9 @@ int DoSessionTicket(WOLFSSL* ssl,
             #ifdef HAVE_SESSION_TICKET
                 if (ssl->options.useTicket == 1) {
                     session = &ssl->session;
+                } else if (bogusID == 1 && ssl->options.rejectTicket == 0) {
+                    WOLFSSL_MSG("Bogus session ID without session ticket");
+                    return BUFFER_ERROR;
                 }
             #endif
 

src/tls.c

@@ -3181,6 +3181,7 @@ static int TLSX_SessionTicket_Parse(WOLFSSL* ssl, byte* input, word16 length,
                 }
             } else if (ret == WOLFSSL_TICKET_RET_REJECT) {
                 WOLFSSL_MSG("Process client ticket rejected, not using");
+                ssl->options.rejectTicket = 1;
                 ret = 0;  /* not fatal */
             } else if (ret == WOLFSSL_TICKET_RET_FATAL || ret < 0) {
                 WOLFSSL_MSG("Process client ticket fatal error, not using");

wolfssl/internal.h

@@ -2417,6 +2417,7 @@ typedef struct Options {
 #ifdef HAVE_SESSION_TICKET
     word16            createTicket:1;     /* Server to create new Ticket */
     word16            useTicket:1;        /* Use Ticket not session cache */
+    word16            rejectTicket:1;     /* Callback rejected ticket */
 #endif
 #ifdef WOLFSSL_DTLS
     word16            dtlsHsRetain:1;     /* DTLS retaining HS data */