mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-30 10:47:28 +02:00
Read cookie extension into separate field
17
src/dtls.c
17
src/dtls.c
@ -111,6 +111,7 @@ typedef struct WolfSSL_CH {
|
|||||||
WolfSSL_ConstVector cipherSuite;
|
WolfSSL_ConstVector cipherSuite;
|
||||||
WolfSSL_ConstVector compression;
|
WolfSSL_ConstVector compression;
|
||||||
WolfSSL_ConstVector extension;
|
WolfSSL_ConstVector extension;
|
||||||
|
WolfSSL_ConstVector cookieExt;
|
||||||
const byte* raw;
|
const byte* raw;
|
||||||
word32 length;
|
word32 length;
|
||||||
/* Store the DTLS 1.2 cookie since we can just compute it once in dtls.c */
|
/* Store the DTLS 1.2 cookie since we can just compute it once in dtls.c */
|
||||||
@ -184,13 +185,13 @@ static int CheckDtlsCookie(const WOLFSSL* ssl, WolfSSL_CH* ch,
|
|||||||
#ifdef WOLFSSL_DTLS13
|
#ifdef WOLFSSL_DTLS13
|
||||||
if (isTls13) {
|
if (isTls13) {
|
||||||
word16 len;
|
word16 len;
|
||||||
if (ch->cookie.size < OPAQUE16_LEN + 1)
|
if (ch->cookieExt.size < OPAQUE16_LEN + 1)
|
||||||
return BUFFER_E;
|
return BUFFER_E;
|
||||||
ato16(ch->cookie.elements, &len);
|
ato16(ch->cookieExt.elements, &len);
|
||||||
if (ch->cookie.size - OPAQUE16_LEN != len)
|
if (ch->cookieExt.size - OPAQUE16_LEN != len)
|
||||||
return BUFFER_E;
|
return BUFFER_E;
|
||||||
ret = TlsCheckCookie(ssl, ch->cookie.elements + OPAQUE16_LEN,
|
ret = TlsCheckCookie(ssl, ch->cookieExt.elements + OPAQUE16_LEN,
|
||||||
(word16)(ch->cookie.size - OPAQUE16_LEN));
|
(word16)(ch->cookieExt.size - OPAQUE16_LEN));
|
||||||
if (ret < 0 && ret != HRR_COOKIE_ERROR)
|
if (ret < 0 && ret != HRR_COOKIE_ERROR)
|
||||||
return ret;
|
return ret;
|
||||||
*cookieGood = ret > 0;
|
*cookieGood = ret > 0;
|
||||||
@ -484,7 +485,7 @@ static int SendStatelessReplyDtls13(const WOLFSSL* ssl, WolfSSL_CH* ch,
|
|||||||
|
|
||||||
(void)pskInfo;
|
(void)pskInfo;
|
||||||
|
|
||||||
if (ch->cookie.size == 0) {
|
if (ch->cookieExt.size == 0) {
|
||||||
TLSX* parsedExts = NULL;
|
TLSX* parsedExts = NULL;
|
||||||
WolfSSL_ConstVector tlsx;
|
WolfSSL_ConstVector tlsx;
|
||||||
Suites suites;
|
Suites suites;
|
||||||
@ -763,7 +764,7 @@ int DoClientHelloStateless(WOLFSSL* ssl, const byte* input,
|
|||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
return ret;
|
return ret;
|
||||||
if (isTls13) {
|
if (isTls13) {
|
||||||
ret = TlsxFindByType(&ch.cookie, TLSX_COOKIE, ch.extension);
|
ret = TlsxFindByType(&ch.cookieExt, TLSX_COOKIE, ch.extension);
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
@ -795,7 +796,7 @@ int DoClientHelloStateless(WOLFSSL* ssl, const byte* input,
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (ch.cookie.size == 0) {
|
if (ch.cookie.size == 0 && ch.cookieExt.size == 0) {
|
||||||
ret = SendStatelessReply((WOLFSSL*)ssl, &ch, isTls13, &pskInfo);
|
ret = SendStatelessReply((WOLFSSL*)ssl, &ch, isTls13, &pskInfo);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
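Review bot: The stateless-reply test in the last hunk of DoClientHelloStateless, `if (ch.cookie.size == 0 && ch.cookieExt.size == 0)`, does not select the cookie field by protocol version, so a DTLS 1.3 ClientHello with a non-empty legacy cookie and no cookie extension now takes the `else` branch. That branch continues outside the hunk; if it calls CheckDtlsCookie, the `isTls13` path would return BUFFER_E from `ch->cookieExt.size < OPAQUE16_LEN + 1` rather than answering statelessly. If rejecting that input is intended, a comment at the condition should say so; otherwise the test could be `if ((isTls13 ? ch.cookieExt.size : ch.cookie.size) == 0) {`. The new `cookieExt` member of WolfSSL_CH also has no comment; something like `/* cookie extension body, including its 2-byte length prefix */` would match how CheckDtlsCookie parses it with ato16.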