adjust post auth support with TLS 1.3

JacobBarthelmeh
2022-12-10 06:49:51 -08:00
parent 37adf0ff06
commit 389cf6ed0a


@@ -8487,7 +8487,11 @@ int DoTls13Finished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
} }
else else
#endif #endif
if (!ssl->options.havePeerCert || !ssl->options.havePeerVerify) { if (
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
!ssl->options.verifyPostHandshake &&
#endif
(!ssl->options.havePeerCert || !ssl->options.havePeerVerify)) {
ret = NO_PEER_CERT; /* NO_PEER_VERIFY */ ret = NO_PEER_CERT; /* NO_PEER_VERIFY */
WOLFSSL_MSG("TLS v1.3 client did not present peer cert"); WOLFSSL_MSG("TLS v1.3 client did not present peer cert");
DoCertFatalAlert(ssl, ret); DoCertFatalAlert(ssl, ret);
@@ -9961,6 +9965,9 @@ static int SanityCheckTls13MsgReceived(WOLFSSL* ssl, byte type)
* no certificate available. * no certificate available.
*/ */
if (ssl->options.verifyPeer && if (ssl->options.verifyPeer &&
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
!ssl->options.verifyPostHandshake &&
#endif
!ssl->msgsReceived.got_certificate) { !ssl->msgsReceived.got_certificate) {
WOLFSSL_MSG("Finished received out of order - " WOLFSSL_MSG("Finished received out of order - "
"missing Certificate message"); "missing Certificate message");
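Review bot: Both added conditions, in DoTls13Finished and in SanityCheckTls13MsgReceived, skip the client-certificate checks whenever `ssl->options.verifyPostHandshake` is set, which reads as a configuration flag rather than a marker for "this is the initial handshake". If the Finished that closes a post-handshake authentication exchange also runs through these paths, it would no longer be rejected when `havePeerCert`/`havePeerVerify` are unset or when no Certificate message was received. Neither function is fully visible in these hunks, so please confirm that case is enforced elsewhere, or narrow the exemption to the initial handshake only. The block comment ending in "no certificate available." should also record the exception, for example `/* With post-handshake auth the client certificate is requested later, so its absence at the initial Finished is not an error. */`. A regression test for a required but missing certificate on the post-handshake exchange would pin the intended behaviour.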