feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Support DTLS1.3 downgrade when server sends multiple handshakes in packet

Browse Source 
If the server sends Server Hello, Server Key Exchange and Server Hello Done
in a single DTLS packet, but for DTLS1.2 in response to a client DTLS1.3
request, then FIRST_REPLAY state does not occur until the server re-sends
the packet.  At this point wolfSSLconnect() gets used and all bursts into
life.

When processing handshakes in wolfSSL_connect_TLSv13() for case
HELLO_AGAIN_REPLY, downgrade to using  wolfSSLconnect() to continue
processing the remaining handshakes in the packet.

Found when using Mbed TLS for the server.
This commit is contained in:
Jon Shallow
2024-08-06 16:08:47 +01:00
parent 54370cc51e
commit bcbd701155
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/tls13.c
View File

@ -13086,6 +13086,14 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
case HELLO_AGAIN_REPLY:
/* Get the response/s from the server. */
while (ssl->options.serverState < SERVER_FINISHED_COMPLETE) {
#ifdef WOLFSSL_DTLS13
if (!IsAtLeastTLSv1_3(ssl->version)) {
#ifndef WOLFSSL_NO_TLS12
if (ssl->options.downgrade)
return wolfSSL_connect(ssl);
#endif
}
#endif /* WOLFSSL_DTLS13 */
if ((ssl->error = ProcessReply(ssl)) < 0) {
WOLFSSL_ERROR(ssl->error);
return WOLFSSL_FATAL_ERROR;