Merge pull request #4137 from SparkiDev/tls13_hrr_ch_ems

TLS EMS ext: TLS13 - send in second CH if in first
2021-06-17 07:29:19 -07:00
parent 5751e20bcc 4bba282a70
commit eb7896919b
1 changed files with 6 additions and 1 deletions
--- a/src/tls.c
+++ b/src/tls.c
@ -11625,7 +11625,12 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
    }

 #ifdef HAVE_EXTENDED_MASTER
-    if (!isRequest && ssl->options.haveEMS && !pendingEMS)
+    if (IsAtLeastTLSv1_3(ssl->version) && msgType == hello_retry_request) {
+        /* Don't change EMS status until server_hello received.
+         * Second ClientHello must have same extensions.
+         */
+    }
+    else if (!isRequest && ssl->options.haveEMS && !pendingEMS)
        ssl->options.haveEMS = 0;
 #endif