feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fix for session ticket handling with error cases. Session ticket callback return code failures were still trying to do resumption. Behavior broken in PR #3827.

Browse Source
This commit is contained in:
David Garske
2021-10-26 11:37:01 -07:00
parent 9c665d7282
commit a08b2db692
2 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/sniffer.c
View File

@ -3589,7 +3589,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
inputHelloSz - bindersLen + HANDSHAKE_HEADER_SZ);
/* call to decrypt session ticket */
if (DoClientTicket(ssl, identity, idLen) != 0) {
if (DoClientTicket(ssl, identity, idLen) != WOLFSSL_TICKET_RET_OK) {
/* we aren't decrypting the resumption, since we know the master secret */
/* ignore errors */
}

10
src/tls13.c
View File

@ -4202,12 +4202,12 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
RefineSuites(ssl, clSuites);
#ifndef WOLFSSL_PSK_ONE_ID
if (!usingPSK)
if (usingPSK == NULL)
return BAD_FUNC_ARG;
if (!ssl->options.useClientOrder) {
/* Server order - server list has only common suites from refining. */
for (i = 0; !*usingPSK && i < ssl->suites->suiteSz; i += 2) {
for (i = 0; !(*usingPSK) && i < ssl->suites->suiteSz; i += 2) {
ret = DoPreSharedKeys(ssl, ssl->suites->suites + i, usingPSK,
&first);
if (ret != 0) {
@ -4217,8 +4217,8 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
}
else {
/* Client order */
for (j = 0; !*usingPSK && j < clSuites->suiteSz; j += 2) {
for (i = 0; !*usingPSK && i < ssl->suites->suiteSz; i += 2) {
for (j = 0; !(*usingPSK) && j < clSuites->suiteSz; j += 2) {
for (i = 0; !(*usingPSK) && i < ssl->suites->suiteSz; i += 2) {
ret = DoPreSharedKeys(ssl, ssl->suites->suites + i, usingPSK,
&first);
if (ret != 0)
@ -4237,7 +4237,7 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
if (ret != 0)
return ret;
if (usingPSK) {
if (*usingPSK != 0) {
word16 modes;
#ifdef WOLFSSL_EARLY_DATA
TLSX* extEarlyData;