feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Announce TLSX_PSK_KEY_EXCHANGE_MODES in non-resuming ClientHello.

Browse Source 
- can be reverted to previous style by defining NO_TLSX_PSKKEM_PLAIN_ANNOUNCE
- QUIC interop testing reveals that at least QUIC stacks refrain from
  issuing session tickets unless the ClientHello shows this extension.
This commit is contained in:
Stefan Eissing
2022-07-21 10:52:45 +02:00
parent da422eb422
commit c8008e29b9
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/tls.c
View File

@@ -11385,7 +11385,15 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
} }
#endif /* !NO_PSK */ #endif /* !NO_PSK */
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
#ifndef NO_TLSX_PSKKEM_PLAIN_ANNOUNCE
/* Some servers do not generate session tickets unless
* the extension is seen in a non-resume client hello */
if (1) {
(void)usingPSK;
#else
if (usingPSK) { if (usingPSK) {
#endif
byte modes; byte modes;
/* Pre-shared key modes: mandatory extension for resumption. */ /* Pre-shared key modes: mandatory extension for resumption. */