wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 19:54:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix for session test with TLS v1.3 and session tickets not enabled. Cleanups in AddSession.

Browse Source
This commit is contained in:
David Garske
2020-06-05 13:33:03 -07:00
parent fb5c9e5268
commit 3af4316cfd
2 changed files with 30 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
src/ssl.c
View File

@@ -12626,6 +12626,7 @@ int AddSession(WOLFSSL* ssl)
word32 row = 0;
word32 idx = 0;
int error = 0;
const byte* id = NULL;
#ifdef HAVE_SESSION_TICKET
byte* tmpBuff = NULL;
int ticLen = 0;
@@ -12645,6 +12646,17 @@ int AddSession(WOLFSSL* ssl)
return 0;
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
if (ssl->options.tls1_3)
id = ssl->session.sessionID;
else
#endif
if (ssl->arrays)
id = ssl->arrays->sessionID;
if (id == NULL) {
return BAD_FUNC_ARG;
}
#ifdef HAVE_SESSION_TICKET
ticLen = ssl->session.ticketLen;
/* Alloc Memory here so if Malloc fails can exit outside of lock */
@@ -12675,17 +12687,7 @@ int AddSession(WOLFSSL* ssl)
{
/* Use the session object in the cache for external cache if required.
*/
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
if (ssl->options.tls1_3) {
row = HashSession(ssl->session.sessionID, ID_LEN, &error) %
SESSION_ROWS;
}
else
#endif
{
row = HashSession(ssl->arrays->sessionID, ID_LEN, &error) %
SESSION_ROWS;
}
row = HashSession(id, ID_LEN, &error) % SESSION_ROWS;
if (error != 0) {
WOLFSSL_MSG("Hash session failed");
#ifdef HAVE_SESSION_TICKET
@@ -12702,23 +12704,13 @@ int AddSession(WOLFSSL* ssl)
}
for (i=0; i<SESSIONS_PER_ROW; i++) {
if (ssl->options.tls1_3) {
if (XMEMCMP(ssl->session.sessionID, SessionCache[row].Sessions[i].sessionID, ID_LEN) == 0) {
if (XMEMCMP(id, SessionCache[row].Sessions[i].sessionID, ID_LEN) == 0) {
WOLFSSL_MSG("Session already exists. Overwriting.");
overwrite = 1;
idx = i;
break;
}
}
else {
if (XMEMCMP(ssl->arrays->sessionID, SessionCache[row].Sessions[i].sessionID, ID_LEN) == 0) {
WOLFSSL_MSG("Session already exists. Overwriting.");
overwrite = 1;
idx = i;
break;
}
}
}
if (!overwrite) {
idx = SessionCache[row].nextIdx++;
@@ -12729,22 +12721,19 @@ int AddSession(WOLFSSL* ssl)
session = &SessionCache[row].Sessions[idx];
}
if (!ssl->options.tls1_3)
XMEMCPY(session->masterSecret, ssl->arrays->masterSecret, SECRET_LEN);
else
XMEMCPY(session->masterSecret, ssl->session.masterSecret, SECRET_LEN);
session->haveEMS = ssl->options.haveEMS;
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
#ifdef WOLFSSL_TLS13
if (ssl->options.tls1_3) {
XMEMCPY(session->sessionID, ssl->session.sessionID, ID_LEN);
XMEMCPY(session->masterSecret, ssl->session.masterSecret, SECRET_LEN);
session->sessionIDSz = ID_LEN;
}
else
#endif
{
XMEMCPY(session->sessionID, ssl->arrays->sessionID, ID_LEN);
XMEMCPY(session->masterSecret, ssl->arrays->masterSecret, SECRET_LEN);
session->sessionIDSz = ssl->arrays->sessionIDSz;
}
XMEMCPY(session->sessionID, id, ID_LEN);
session->haveEMS = ssl->options.haveEMS;
#ifdef OPENSSL_EXTRA
/* If using compatibility layer then check for and copy over session context

5
tests/api.c
View File

@@ -25449,7 +25449,12 @@ static void test_wolfSSL_SESSION(void)
char msg[80];
printf(testingFmt, "wolfSSL_SESSION()");
/* TLS v1.3 requires session tickets */
#if defined(WOLFSSL_TLS13) && !defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_TLS12)
AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
#else
AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#endif
AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM));
AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM));