From 492603fbd4e1198aa8de2eacaa3403ac6d72aeb0 Mon Sep 17 00:00:00 2001 From: Josh Holtrop Date: Mon, 1 Jun 2026 16:15:43 -0400 Subject: [PATCH] Early-return from TLS 1.2 resumption on SNI/ALPN mismatch --- src/internal.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/internal.c b/src/internal.c index 664c0045b5..d767f9846d 100644 --- a/src/internal.c +++ b/src/internal.c @@ -38097,6 +38097,7 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl) TICKET_BINDING_HASH_SZ) != 0) { WOLFSSL_MSG("Resumed session SNI mismatch, full handshake"); ssl->options.resuming = 0; + return ret; } #endif #ifdef HAVE_ALPN @@ -38106,6 +38107,7 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl) TICKET_BINDING_HASH_SZ) != 0)) { WOLFSSL_MSG("Resumed session ALPN mismatch, full handshake"); ssl->options.resuming = 0; + return ret; } #endif }