wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 12:14:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add RFC link to help understand constraints

Browse Source
This commit is contained in:
Juliusz Sosinowicz
2023-02-21 14:17:19 +01:00
parent f2032e8744
commit 06749144d5
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/dtls.c
View File

@@ -693,8 +693,10 @@ static int SendStatelessReplyDtls13(const WOLFSSL* ssl, WolfSSL_CH* ch)
cs.cipherSuite0 = pskInfo.cipherSuite0; cs.cipherSuite0 = pskInfo.cipherSuite0;
cs.cipherSuite = pskInfo.cipherSuite; cs.cipherSuite = pskInfo.cipherSuite;
if (haveSG && !haveKS) { /* https://datatracker.ietf.org/doc/html/rfc8446#section-9.2 */
WOLFSSL_MSG("Client didn't send KeyShare or Supported Groups."); if (haveSG ^ haveKS) {
WOLFSSL_MSG("Client needs to send both or none of KeyShare and "
"SupportedGroups");
ERROR_OUT(INCOMPLETE_DATA, dtls13_cleanup); ERROR_OUT(INCOMPLETE_DATA, dtls13_cleanup);
} }
@@ -711,9 +713,10 @@ static int SendStatelessReplyDtls13(const WOLFSSL* ssl, WolfSSL_CH* ch)
else else
#endif #endif
{ {
/* https://datatracker.ietf.org/doc/html/rfc8446#section-9.2 */
if (!haveKS || !haveSA || !haveSG) { if (!haveKS || !haveSA || !haveSG) {
WOLFSSL_MSG("Client didn't send KeyShare or SigAlgs or " WOLFSSL_MSG("Client didn't send KeyShare or SigAlgs or "
"Supported Groups."); "SupportedGroups.");
ERROR_OUT(INCOMPLETE_DATA, dtls13_cleanup); ERROR_OUT(INCOMPLETE_DATA, dtls13_cleanup);
} }
ret = MatchSuite_ex(ssl, &suites, &cs, parsedExts); ret = MatchSuite_ex(ssl, &suites, &cs, parsedExts);