wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix for async post handshake auth. The re-handshake was not resetting the processReply state.

Browse Source
This commit is contained in:
David Garske
2020-12-17 14:58:46 -08:00
parent 420a040774
commit 73a5ee5ffb
2 changed files with 11 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/ssl.c
View File

@ -17137,7 +17137,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
ssl->options.acceptState = ACCEPT_BEGIN;
ssl->options.handShakeState = NULL_STATE;
ssl->options.handShakeDone = 0;
/* ssl->options.processReply = doProcessInit; */
ssl->options.processReply = 0; /* doProcessInit */
ssl->keys.encryptionOn = 0;
XMEMSET(&ssl->msgsReceived, 0, sizeof(ssl->msgsReceived));

16
src/tls13.c
View File

@ -7187,7 +7187,7 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return ret;
if ((ret = DeriveTls13Keys(ssl, handshake_key,
ENCRYPT_AND_DECRYPT_SIDE, 1)) != 0) {
ENCRYPT_AND_DECRYPT_SIDE, 1)) != 0) {
return ret;
}
#ifdef WOLFSSL_EARLY_DATA
@ -7204,13 +7204,13 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return ret;
#ifdef WOLFSSL_EARLY_DATA
if ((ret = DeriveTls13Keys(ssl, traffic_key,
ENCRYPT_AND_DECRYPT_SIDE,
ssl->earlyData == no_early_data)) != 0) {
ENCRYPT_AND_DECRYPT_SIDE,
ssl->earlyData == no_early_data)) != 0) {
return ret;
}
#else
if ((ret = DeriveTls13Keys(ssl, traffic_key,
ENCRYPT_AND_DECRYPT_SIDE, 1)) != 0) {
ENCRYPT_AND_DECRYPT_SIDE, 1)) != 0) {
return ret;
}
#endif
@ -7222,9 +7222,13 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
ssl->options.clientState = CLIENT_HELLO_COMPLETE;
ssl->options.connectState = FIRST_REPLY_DONE;
ssl->options.handShakeState = CLIENT_HELLO_COMPLETE;
ssl->options.processReply = 0; /* doProcessInit */
if (wolfSSL_connect_TLSv13(ssl) != SSL_SUCCESS)
ret = POST_HAND_AUTH_ERROR;
if (wolfSSL_connect_TLSv13(ssl) != WOLFSSL_SUCCESS) {
ret = ssl->error;
if (ret != WC_PENDING_E)
ret = POST_HAND_AUTH_ERROR;
}
}
#endif
}