wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-05-05 13:34:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5593 from rizlik/ticket_nonce_size

Browse Source 
tls13: support ticketNonce with size bigger than MAX_TICKET_NONCE_SZ
This commit is contained in:
Sean Parkinson
2022-09-29 08:11:22 +10:00
committed by GitHub
parent cec6341e23 ae4228f928
commit 754d274d8c
10 changed files with 854 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/ssl.c
+310 -6
View File
@@ -13555,6 +13555,40 @@ static int SslSessionCacheOff(const WOLFSSL* ssl, const WOLFSSL_SESSION* session
;
}
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13) && \
defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
/**
* SessionTicketNoncePrealloc() - prealloc a buffer for ticket nonces
* @output: [in] pointer to WOLFSSL_SESSION object that will soon be a
* destination of a session duplication
* @buf: [out] address of the preallocated buf
* @len: [out] len of the preallocated buf
*
* prealloc a buffer that will likely suffice to contain a ticket nonce. It's
* used when copying session under lock, when syscalls need to be avoided. If
* output already has a dynamic buffer, it's reused.
*/
static int SessionTicketNoncePrealloc(byte** buf, byte* len, void *heap)
{
(void)heap;
*buf = (byte*)XMALLOC(PREALLOC_SESSION_TICKET_NONCE_LEN, heap,
DYNAMIC_TYPE_SESSION_TICK);
if (*buf == NULL) {
WOLFSSL_MSG("Failed to preallocate ticket nonce buffer");
*len = 0;
return WOLFSSL_FAILURE;
}
*len = PREALLOC_SESSION_TICKET_NONCE_LEN;
return 0;
}
#endif /* HAVE_SESSION_TICKET && WOLFSSL_TLS13 */
static int wolfSSL_DupSessionEx(const WOLFSSL_SESSION* input,
WOLFSSL_SESSION* output, int avoidSysCalls, byte* ticketNonceBuf,
byte* ticketNonceLen, byte* preallocUsed);
int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
{
@@ -13571,6 +13605,11 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
#else
byte* tmpTicket = NULL;
#endif
#ifdef WOLFSSL_TLS13
byte *preallocNonce = NULL;
byte preallocNonceLen = 0;
byte preallocNonceUsed = 0;
#endif /* WOLFSSL_TLS13 */
byte tmpBufSet = 0;
#endif
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
@@ -13678,6 +13717,30 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
}
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) && \
defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
if (output->ticketNonce.data != output->ticketNonce.dataStatic) {
XFREE(output->ticketNonce.data, output->heap,
DYNAMIC_TYPE_SESSION_TICK);
output->ticketNonce.data = output->ticketNonce.dataStatic;
output->ticketNonce.len = 0;
}
error = SessionTicketNoncePrealloc(&preallocNonce, &preallocNonceLen,
output->heap);
if (error != 0) {
if (tmpBufSet) {
output->ticket = output->staticTicket;
output->ticketLenAlloc = 0;
}
#ifdef WOLFSSL_SMALL_STACK
if (tmpTicket != NULL)
XFREE(tmpTicket, output->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return WOLFSSL_FAILURE;
}
#endif /* WOLFSSL_TLS13 && HAVE_SESSION_TICKET*/
/* lock row */
sessRow = &SessionCache[row];
if (SESSION_ROW_LOCK(sessRow) != 0) {
@@ -13687,6 +13750,10 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
output->ticket = output->staticTicket;
output->ticketLenAlloc = 0;
}
#ifdef WOLFSSL_TLS13
if (preallocNonce != NULL)
XFREE(preallocNonce, output->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif /* WOLFSSL_TLS13 */
#ifdef WOLFSSL_SMALL_STACK
if (tmpTicket != NULL)
XFREE(tmpTicket, output->heap, DYNAMIC_TYPE_TMP_BUFFER);
@@ -13731,7 +13798,13 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
sess->peer = NULL;
}
#endif
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13)
error = wolfSSL_DupSessionEx(sess, output, 1,
preallocNonce, &preallocNonceLen, &preallocNonceUsed);
#else
error = wolfSSL_DupSession(sess, output, 1);
#endif /* WOLFSSL_TSL */
#ifdef HAVE_EX_DATA
output->ownExData = 0; /* Session cache owns external data */
#endif
@@ -13780,6 +13853,45 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
if (tmpTicket != NULL)
XFREE(tmpTicket, output->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
if (error == WOLFSSL_SUCCESS && preallocNonceUsed) {
if (preallocNonceLen < PREALLOC_SESSION_TICKET_NONCE_LEN) {
/* buffer bigger than needed */
#ifndef XREALLOC
output->ticketNonce.data = (byte*)XMALLOC(preallocNonceLen,
output->heap, DYNAMIC_TYPE_SESSION_TICK);
if (output->ticketNonce.data != NULL)
XMEMCPY(output->ticketNonce.data, preallocNonce,
preallocNonceLen);
XFREE(preallocNonce, output->heap, DYNAMIC_TYPE_SESSION_TICK);
preallocNonce = NULL;
#else
output->ticketNonce.data = XREALLOC(preallocNonce,
preallocNonceLen, output->heap, DYNAMIC_TYPE_SESSION_TICK);
if (output->ticketNonce.data != NULL) {
/* don't free the reallocated pointer */
preallocNonce = NULL;
}
#endif /* !XREALLOC */
if (output->ticketNonce.data == NULL) {
output->ticketNonce.data = output->ticketNonce.dataStatic;
output->ticketNonce.len = 0;
error = WOLFSSL_FAILURE;
/* preallocNonce will be free'd after the if */
}
}
else {
output->ticketNonce.data = preallocNonce;
output->ticketNonce.len = preallocNonceLen;
preallocNonce = NULL;
}
}
if (preallocNonce != NULL)
XFREE(preallocNonce, output->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
#endif
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
@@ -14091,7 +14203,14 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
byte ticBuffUsed = 0;
byte* ticBuff = NULL;
int ticLen = 0;
#endif
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
byte *preallocNonce = NULL;
byte preallocNonceLen = 0;
byte preallocNonceUsed = 0;
byte *toFree = NULL;
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC */
#endif /* HAVE_SESSION_TICKET */
int ret = 0;
int row;
int i;
@@ -14113,7 +14232,6 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
return MEMORY_E;
}
/* Find a position for the new session in cache and use that */
#ifdef HAVE_SESSION_TICKET
ticLen = addSession->ticketLen;
/* Alloc Memory here to avoid syscalls during lock */
@@ -14124,13 +14242,35 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
return MEMORY_E;
}
}
#endif
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
if (addSession->ticketNonce.data != addSession->ticketNonce.dataStatic) {
/* use the AddSession->heap even if the buffer maybe saved in
* CachedSession objects. CachedSession heap and AddSession heap should
* be the same */
preallocNonce = (byte*)XMALLOC(addSession->ticketNonce.len,
addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
if (preallocNonce == NULL) {
if (ticBuff != NULL)
XFREE(ticBuff, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
return MEMORY_E;
}
preallocNonceLen = addSession->ticketNonce.len;
}
#endif /* WOLFSSL_TLS13 && WOLFSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3) */
#endif /* HAVE_SESSION_TICKET */
/* Find a position for the new session in cache and use that */
/* Use the session object in the cache for external cache if required */
row = (int)(HashObject(id, ID_LEN, &ret) % SESSION_ROWS);
if (ret != 0) {
WOLFSSL_MSG("Hash session failed");
#ifdef HAVE_SESSION_TICKET
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKE_NONCE_MALLOC)
if (preallocNonce != NULL)
XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif
#endif
return ret;
}
@@ -14139,6 +14279,10 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
if (SESSION_ROW_LOCK(sessRow) != 0) {
#ifdef HAVE_SESSION_TICKET
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKE_NONCE_MALLOC)
if (preallocNonce != NULL)
XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif
#endif
WOLFSSL_MSG("Session row lock failed");
return BAD_MUTEX_E;
@@ -14193,6 +14337,19 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
cacheSession->ticket = ticBuff;
cacheSession->ticketLenAlloc = (word16) ticLen;
}
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
/* cache entry never used */
if (cacheSession->ticketNonce.data == NULL)
cacheSession->ticketNonce.data = cacheSession->ticketNonce.dataStatic;
if (cacheSession->ticketNonce.data !=
cacheSession->ticketNonce.dataStatic) {
toFree = cacheSession->ticketNonce.data;
cacheSession->ticketNonce.data = cacheSession->ticketNonce.dataStatic;
cacheSession->ticketNonce.len = 0;
}
#endif /* WOFLSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
#endif
#ifdef SESSION_CERTS
if (overwrite &&
@@ -14206,7 +14363,15 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
#endif /* SESSION_CERTS */
cacheSession->heap = NULL;
/* Copy data into the cache object */
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13) && \
defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
ret = wolfSSL_DupSessionEx(addSession, cacheSession, 1, preallocNonce,
&preallocNonceLen, &preallocNonceUsed) == WOLFSSL_FAILURE;
#else
ret = wolfSSL_DupSession(addSession, cacheSession, 1) == WOLFSSL_FAILURE;
#endif /* HAVE_SESSION_TICKET && WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC
&& FIPS_VERSION_GE(5,3)*/
if (ret == 0) {
/* Increment the totalCount and the nextIdx */
@@ -14226,6 +14391,17 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
cacheSession->rem_sess_cb = ctx->rem_sess_cb;
}
#endif
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13) && \
defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
if (preallocNonce != NULL && preallocNonceUsed) {
cacheSession->ticketNonce.data = preallocNonce;
cacheSession->ticketNonce.len = preallocNonceLen;
preallocNonce = NULL;
preallocNonceLen = 0;
}
#endif /* HAVE_SESSION_TICKET && WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC
* && FIPS_VERSION_GE(5,3)*/
}
#ifdef HAVE_SESSION_TICKET
else if (ticBuffUsed) {
@@ -14253,6 +14429,13 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
if (cacheTicBuff != NULL)
XFREE(cacheTicBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
if (preallocNonce != NULL)
XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
if (toFree != NULL)
XFREE(toFree, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
#endif
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
@@ -20026,6 +20209,10 @@ WOLFSSL_SESSION* wolfSSL_NewSession(void* heap)
#endif
#ifdef HAVE_SESSION_TICKET
ret->ticket = ret->staticTicket;
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
ret->ticketNonce.data = ret->ticketNonce.dataStatic;
#endif
#endif
#ifdef HAVE_STUNNEL
/* stunnel has this funny mechanism of storing the "is_authenticated"
@@ -20088,11 +20275,16 @@ int wolfSSL_SESSION_up_ref(WOLFSSL_SESSION* session)
* sessions from cache. When a cache row is locked, we
* don't want to block other threads with long running
* system calls.
* @param ticketNonceBuf If not null and @avoidSysCalls is true, the copy of the
* ticketNonce will happen in this pre allocated buffer
* @param ticketNonceLen @ticketNonceBuf len as input, used length on output
* @param ticketNonceUsed if @ticketNonceBuf was used to copy the ticket noncet
* @return WOLFSSL_SUCCESS on success
* WOLFSSL_FAILURE on failure
*/
int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
int avoidSysCalls)
static int wolfSSL_DupSessionEx(const WOLFSSL_SESSION* input,
WOLFSSL_SESSION* output, int avoidSysCalls, byte* ticketNonceBuf,
byte* ticketNonceLen, byte* preallocUsed)
{
#ifdef HAVE_SESSION_TICKET
int ticLenAlloc = 0;
@@ -20102,6 +20294,9 @@ int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
int ret = WOLFSSL_SUCCESS;
(void)avoidSysCalls;
(void)ticketNonceBuf;
(void)ticketNonceLen;
(void)preallocUsed;
input = ClientSessionToSession(input);
output = ClientSessionToSession(output);
@@ -20116,7 +20311,27 @@ int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
ticBuff = output->ticket;
ticLenAlloc = output->ticketLenAlloc;
}
#endif
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
/* free the data, it would be better to re-use the buffer but this
* maintain the code simpler. A smart allocator should re-use the free'd
* buffer in the next malloc without much performance penalties. */
if (output->ticketNonce.data != output->ticketNonce.dataStatic) {
/* Callers that avoid syscall should never calls this with
* output->tickeNonce.data being a dynamic buffer.*/
if (avoidSysCalls) {
WOLFSSL_MSG("can't avoid syscalls with dynamic TicketNonce buffer");
return WOLFSSL_FAILURE;
}
XFREE(output->ticketNonce.data,
output->heap, DYNAMIC_TYPE_SESSION_TICK);
output->ticketNonce.data = output->ticketNonce.dataStatic;
output->ticketNonce.len = 0;
}
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
#endif /* HAVE_SESSION_TICKET */
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
if (output->peer != NULL) {
@@ -20132,6 +20347,12 @@ int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
XMEMCPY((byte*)output + copyOffset, (byte*)input + copyOffset,
sizeof(WOLFSSL_SESSION) - copyOffset);
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13) && \
defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
/* fix pointer to static after the copy */
output->ticketNonce.data = output->ticketNonce.dataStatic;
#endif
/* Set sane values for copy */
#ifndef NO_SESSION_CACHE
if (output->type != WOLFSSL_SESSION_TYPE_CACHE)
@@ -20225,10 +20446,74 @@ int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
}
}
ticBuff = NULL;
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
if (preallocUsed != NULL)
*preallocUsed = 0;
if (input->ticketNonce.len > MAX_TICKET_NONCE_STATIC_SZ &&
ret == WOLFSSL_SUCCESS) {
/* TicketNonce does not fit in the static buffer */
if (!avoidSysCalls) {
output->ticketNonce.data = (byte*)XMALLOC(input->ticketNonce.len,
output->heap, DYNAMIC_TYPE_SESSION_TICK);
if (output->ticketNonce.data == NULL) {
WOLFSSL_MSG("Failed to allocate space for ticket nonce");
output->ticketNonce.data = output->ticketNonce.dataStatic;
output->ticketNonce.len = 0;
ret = WOLFSSL_FAILURE;
}
else {
output->ticketNonce.len = input->ticketNonce.len;
XMEMCPY(output->ticketNonce.data, input->ticketNonce.data,
input->ticketNonce.len);
ret = WOLFSSL_SUCCESS;
}
}
/* we can't do syscalls. Use prealloc buffers if provided from the
* caller. */
else if (ticketNonceBuf != NULL &&
*ticketNonceLen >= input->ticketNonce.len) {
XMEMCPY(ticketNonceBuf, input->ticketNonce.data,
input->ticketNonce.len);
*ticketNonceLen = input->ticketNonce.len;
if (preallocUsed != NULL)
*preallocUsed = 1;
ret = WOLFSSL_SUCCESS;
}
else {
WOLFSSL_MSG("TicketNonce bigger than static buffer, and we can't "
"do syscalls");
ret = WOLFSSL_FAILURE;
}
}
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
#endif /* HAVE_SESSION_TICKET */
return ret;
}
/**
* Deep copy the contents from input to output.
* @param input The source of the copy.
* @param output The destination of the copy.
* @param avoidSysCalls If true, then system calls will be avoided or an error
* will be returned if it is not possible to proceed
* without a system call. This is useful for fetching
* sessions from cache. When a cache row is locked, we
* don't want to block other threads with long running
* system calls.
* @return WOLFSSL_SUCCESS on success
* WOLFSSL_FAILURE on failure
*/
int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
int avoidSysCalls)
{
return wolfSSL_DupSessionEx(input, output, avoidSysCalls, NULL, NULL, NULL);
}
WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session)
{
#ifdef HAVE_EXT_CACHE
@@ -20318,6 +20603,13 @@ void wolfSSL_FreeSession(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* session)
if (session->ticketLenAlloc > 0) {
XFREE(session->ticket, session->heap, DYNAMIC_TYPE_SESSION_TICK);
}
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
if (session->ticketNonce.data != session->ticketNonce.dataStatic) {
XFREE(session->ticketNonce.data, session->heap,
DYNAMIC_TYPE_SESSION_TICK);
}
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
#endif
#ifdef HAVE_EX_DATA_CLEANUP_HOOKS
@@ -25766,7 +26058,19 @@ WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess,
ret = BUFFER_ERROR;
goto end;
}
#if defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
ret = SessionTicketNoncePopulate(s, data + idx, s->ticketNonce.len);
if (ret != 0)
goto end;
#else
if (s->ticketNonce.len > MAX_TICKET_NONCE_STATIC_SZ) {
ret = BUFFER_ERROR;
goto end;
}
XMEMCPY(s->ticketNonce.data, data + idx, s->ticketNonce.len);
#endif /* defined(WOLFSSL_TICKET_NONCE_MALLOC) && FIPS_VERSION_GE(5,3) */
idx += s->ticketNonce.len;
#endif
#ifdef WOLFSSL_EARLY_DATA