wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix for session ticket handling with error cases. Session ticket callback return code failures were still trying to do resumption. Behavior broken in PR #3827.

Browse Source
This commit is contained in:
David Garske
2021-10-26 11:37:01 -07:00
parent 9c665d7282
commit a08b2db692
2 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/sniffer.c
View File

@ -3589,7 +3589,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
inputHelloSz - bindersLen + HANDSHAKE_HEADER_SZ); inputHelloSz - bindersLen + HANDSHAKE_HEADER_SZ);
/* call to decrypt session ticket */ /* call to decrypt session ticket */
if (DoClientTicket(ssl, identity, idLen) != 0) { if (DoClientTicket(ssl, identity, idLen) != WOLFSSL_TICKET_RET_OK) {
/* we aren't decrypting the resumption, since we know the master secret */ /* we aren't decrypting the resumption, since we know the master secret */
/* ignore errors */ /* ignore errors */
} }

10
src/tls13.c
View File

@ -4202,12 +4202,12 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
RefineSuites(ssl, clSuites); RefineSuites(ssl, clSuites);
#ifndef WOLFSSL_PSK_ONE_ID #ifndef WOLFSSL_PSK_ONE_ID
if (!usingPSK) if (usingPSK == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
if (!ssl->options.useClientOrder) { if (!ssl->options.useClientOrder) {
/* Server order - server list has only common suites from refining. */ /* Server order - server list has only common suites from refining. */
for (i = 0; !*usingPSK && i < ssl->suites->suiteSz; i += 2) { for (i = 0; !(*usingPSK) && i < ssl->suites->suiteSz; i += 2) {
ret = DoPreSharedKeys(ssl, ssl->suites->suites + i, usingPSK, ret = DoPreSharedKeys(ssl, ssl->suites->suites + i, usingPSK,
&first); &first);
if (ret != 0) { if (ret != 0) {
@ -4217,8 +4217,8 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
} }
else { else {
/* Client order */ /* Client order */
for (j = 0; !*usingPSK && j < clSuites->suiteSz; j += 2) { for (j = 0; !(*usingPSK) && j < clSuites->suiteSz; j += 2) {
for (i = 0; !*usingPSK && i < ssl->suites->suiteSz; i += 2) { for (i = 0; !(*usingPSK) && i < ssl->suites->suiteSz; i += 2) {
ret = DoPreSharedKeys(ssl, ssl->suites->suites + i, usingPSK, ret = DoPreSharedKeys(ssl, ssl->suites->suites + i, usingPSK,
&first); &first);
if (ret != 0) if (ret != 0)
@ -4237,7 +4237,7 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
if (ret != 0) if (ret != 0)
return ret; return ret;
if (usingPSK) { if (*usingPSK != 0) {
word16 modes; word16 modes;
#ifdef WOLFSSL_EARLY_DATA #ifdef WOLFSSL_EARLY_DATA
TLSX* extEarlyData; TLSX* extEarlyData;