addressed pre-review comments

Hideki Miyazaki
2021-01-22 15:14:31 +09:00
parent e39477c531
commit 141d07e21b
3 changed files with 16 additions and 11 deletions


@@ -340,7 +340,7 @@ static void EarlyDataStatus(WOLFSSL* ssl)
switch(earlyData_status) { switch(earlyData_status) {
case WOLFSSL_EARLY_DATA_NOT_SENT: case WOLFSSL_EARLY_DATA_NOT_SENT:
printf("not setn.\n"); printf("not sent.\n");
break; break;
case WOLFSSL_EARLY_DATA_REJECTED: case WOLFSSL_EARLY_DATA_REJECTED:
printf("rejected.\n"); printf("rejected.\n");


@@ -9107,12 +9107,17 @@ static int TLSX_EarlyData_Parse(WOLFSSL* ssl, byte* input, word16 length,
if (length != 0) if (length != 0)
return BUFFER_E; return BUFFER_E;
if (ssl->earlyData == expecting_early_data) if (ssl->earlyData == expecting_early_data) {
if (ssl->options.maxEarlyDataSz != 0)
ssl->earlyDataStatus = WOLFSSL_EARLY_DATA_ACCEPTED;
else
ssl->earlyDataStatus = WOLFSSL_EARLY_DATA_REJECTED;
return TLSX_EarlyData_Use(ssl, 0); return TLSX_EarlyData_Use(ssl, 0);
}
ssl->earlyData = early_data_ext; ssl->earlyData = early_data_ext;
/* client wants to send early data. set this to rejected here. */
/* Later, it is set to accepted if the server accepts the data. */
ssl->earlyDataStatus = WOLFSSL_EARLY_DATA_REJECTED;
return 0; return 0;
} }
if (msgType == encrypted_extensions) { if (msgType == encrypted_extensions) {
@@ -9125,9 +9130,10 @@ static int TLSX_EarlyData_Parse(WOLFSSL* ssl, byte* input, word16 length,
if (ssl->options.pskIdIndex != 1) if (ssl->options.pskIdIndex != 1)
return PSK_KEY_ERROR; return PSK_KEY_ERROR;
if (ssl->options.side == WOLFSSL_CLIENT_END) if (ssl->options.side == WOLFSSL_CLIENT_END) {
/* server could accept early data. */ /* the extension from server comes in */
ssl->earlyDataStatus = WOLFSSL_EARLY_DATA_ACCEPTED; ssl->earlyDataStatus = WOLFSSL_EARLY_DATA_ACCEPTED;
}
return TLSX_EarlyData_Use(ssl, 1); return TLSX_EarlyData_Use(ssl, 1);
} }
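Review bot: In the `expecting_early_data` branch of TLSX_EarlyData_Parse the server sets `ssl->earlyDataStatus` to WOLFSSL_EARLY_DATA_ACCEPTED from `ssl->options.maxEarlyDataSz != 0` alone, before `TLSX_EarlyData_Use(ssl, 0)` has returned. If that call fails, the status stays ACCEPTED. Because the assignment is also removed from DoTls13EndOfEarlyData in the last file section, ACCEPTED on the server now appears to mean "extension negotiated" rather than "early data received and ended". That matters to an application that reads the status to decide whether replayable 0-RTT data was processed. Consider assigning only on success, e.g. `ret = TLSX_EarlyData_Use(ssl, 0); if (ret == 0) ssl->earlyDataStatus = ...; return ret;`, and rewording the comment "Later, it is set to accepted if the server accepts the data" to name the path that does so, since none is visible in this commit. The function starts and ends outside these hunks.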


@@ -6497,7 +6497,6 @@ static int DoTls13EndOfEarlyData(WOLFSSL* ssl, const byte* input,
} }
ssl->earlyData = done_early_data; ssl->earlyData = done_early_data;
ssl->earlyDataStatus = WOLFSSL_EARLY_DATA_ACCEPTED;
/* Always encrypted. */ /* Always encrypted. */
*inOutIdx += ssl->keys.padSz; *inOutIdx += ssl->keys.padSz;
@@ -8657,13 +8656,13 @@ int wolfSSL_write_early_data(WOLFSSL* ssl, const void* data, int sz, int* outSz)
ret = wolfSSL_connect_TLSv13(ssl); ret = wolfSSL_connect_TLSv13(ssl);
if (ret != WOLFSSL_SUCCESS) if (ret != WOLFSSL_SUCCESS)
return WOLFSSL_FATAL_ERROR; return WOLFSSL_FATAL_ERROR;
/* on client side, status is set to rejected */ /* on client side, status is set to rejected */
/* until sever accepts early data */ /* until sever accepts the early data extension. */
ssl->earlyDataStatus = WOLFSSL_EARLY_DATA_REJECTED; ssl->earlyDataStatus = WOLFSSL_EARLY_DATA_REJECTED;
} }
if (ssl->options.handShakeState == CLIENT_HELLO_COMPLETE) { if (ssl->options.handShakeState == CLIENT_HELLO_COMPLETE) {
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
/* when processed early data exceeds max size */ /* when processed early data exceeds max size */
if (ssl->earlyDataSz + sz > ssl->session.maxEarlyDataSz) { if (ssl->earlyDataSz + sz > ssl->session.maxEarlyDataSz) {
ssl->error = TOO_MUCH_EARLY_DATA; ssl->error = TOO_MUCH_EARLY_DATA;
return WOLFSSL_FATAL_ERROR; return WOLFSSL_FATAL_ERROR;
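Review bot: The reworded comment above `ssl->earlyDataStatus = WOLFSSL_EARLY_DATA_REJECTED;` in wolfSSL_write_early_data still spells "sever", and it does not say where the status changes. Suggest `/* Client side: status stays REJECTED until the server's early_data extension is parsed in EncryptedExtensions. */`, which matches the `encrypted_extensions` branch of TLSX_EarlyData_Parse shown earlier on this page. Separately, the `ssl->earlyDataSz + sz > ssl->session.maxEarlyDataSz` check in the context lines sits under `#ifdef OPENSSL_EXTRA`. It is worth confirming that the limit is enforced in builds without that macro and that the addition cannot wrap for large `sz`; the types and the closing `#endif` are outside the hunk. The function body starts and continues outside the hunk.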