feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

PSK Alert

Browse Source 
When the server cannot match the client's identity, the server sends a unknown_psk_identity alert to the client.
This commit is contained in:
John Safranek
2020-12-14 16:53:54 -08:00
parent 7fe24daf6c
commit f8e674e45d
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/internal.c
View File

@ -29405,6 +29405,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (ssl->arrays->psk_keySz == 0 || if (ssl->arrays->psk_keySz == 0 ||
ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) { ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) {
#ifdef WOLFSSL_EXTRA_ALERTS
SendAlert(ssl, alert_fatal,
unknown_psk_identity);
#endif
ERROR_OUT(PSK_KEY_ERROR, exit_dcke); ERROR_OUT(PSK_KEY_ERROR, exit_dcke);
} }
@ -30285,6 +30289,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (ssl->arrays->psk_keySz == 0 || if (ssl->arrays->psk_keySz == 0 ||
ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) { ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) {
#ifdef WOLFSSL_EXTRA_ALERTS
SendAlert(ssl, alert_fatal,
unknown_psk_identity);
#endif
ERROR_OUT(PSK_KEY_ERROR, exit_dcke); ERROR_OUT(PSK_KEY_ERROR, exit_dcke);
} }