dtls13: WOLFSSL_DTLS13_5_9_0_COMPAT -> WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID
@@ -744,7 +744,7 @@ WOLFSSL_DRBG_SHA256
|
||||
WOLFSSL_DTLS_DISALLOW_FUTURE
|
||||
WOLFSSL_DTLS_RECORDS_CAN_SPAN_DATAGRAMS
|
||||
WOLFSSL_DTLS_RESEND_ONLY_TIMEOUT
|
||||
WOLFSSL_DTLS13_5_9_0_COMPAT
|
||||
WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID
|
||||
WOLFSSL_DUMP_MEMIO_STREAM
|
||||
WOLFSSL_DUP_CERTPOL
|
||||
WOLFSSL_EARLY_DATA_NO_ANTI_REPLAY
|
||||
|
||||
+1
-1
@@ -860,7 +860,7 @@ static int SendStatelessReplyDtls13(const WOLFSSL* ssl, WolfSSL_CH* ch)
|
||||
nonConstSSL->options.tls1_1 = 1;
|
||||
nonConstSSL->options.tls1_3 = 1;
|
||||
|
||||
#ifdef WOLFSSL_DTLS13_5_9_0_COMPAT
|
||||
#ifdef WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID
|
||||
nonConstSSL->session->sessionIDSz = (byte)ch->sessionId.size;
|
||||
if (ch->sessionId.size > 0)
|
||||
XMEMCPY(nonConstSSL->session->sessionID, ch->sessionId.elements,
|
||||
|
||||
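Review bot: The copy into `nonConstSSL->session->sessionID` under `#ifdef WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID` takes its length from the ClientHello, and no bound on `ch->sessionId.size` is visible in this hunk. `sessionIDSz` is stored through a `(byte)` cast, so an oversized value reaching this point would make the stored length disagree with the copied length, and the copy could run past the destination buffer. The check may already exist earlier in SendStatelessReplyDtls13 or in the ClientHello parser, both outside the hunk (the XMEMCPY statement itself is cut off where the hunk ends). If it does, a comment such as `/* ch->sessionId.size was bounded to the sessionID buffer when the ClientHello was parsed */` would make the dependency explicit; if it does not, the stateless reply should be refused when the size exceeds the capacity of `sessionID`.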
+4
-4
@@ -5776,7 +5776,7 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
/* RFC 9147 Section 5.3 / RFC 9001 Section 8.4: DTLS 1.3 and QUIC
|
||||
* ServerHello must have empty legacy_session_id_echo. */
|
||||
int requireEmptyEcho = 1;
|
||||
#ifdef WOLFSSL_DTLS13_5_9_0_COMPAT
|
||||
#ifdef WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID
|
||||
/* Compat: a wolfSSL <= 5.9.0 DTLS 1.3 server echoes the client's
|
||||
* legacy_session_id; accept any echo. */
|
||||
if (ssl->options.dtls)
|
||||
@@ -6980,7 +6980,7 @@ static int RestartHandshakeHashWithCookie(WOLFSSL* ssl, Cookie* cookie)
|
||||
|
||||
/* Reconstruct the HelloRetryMessage for handshake hash. */
|
||||
sessIdSz = ssl->session->sessionIDSz;
|
||||
#if defined(WOLFSSL_DTLS13) && !defined(WOLFSSL_DTLS13_5_9_0_COMPAT)
|
||||
#if defined(WOLFSSL_DTLS13) && !defined(WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID)
|
||||
/* RFC 9147 Section 5.3: DTLS 1.3 must use empty legacy_session_id. */
|
||||
if (ssl->options.dtls)
|
||||
sessIdSz = 0;
|
||||
@@ -7460,7 +7460,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
if (sessIdSz + args->idx > helloSz)
|
||||
ERROR_OUT(BUFFER_ERROR, exit_dch);
|
||||
|
||||
#if defined(WOLFSSL_DTLS13) && !defined(WOLFSSL_DTLS13_5_9_0_COMPAT)
|
||||
#if defined(WOLFSSL_DTLS13) && !defined(WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID)
|
||||
/* RFC 9147 Section 5.3: DTLS 1.3 ServerHello must have empty
|
||||
* legacy_session_id_echo. Don't store the client's value so it
|
||||
* won't be echoed in SendTls13ServerHello. */
|
||||
@@ -8065,7 +8065,7 @@ int SendTls13ServerHello(WOLFSSL* ssl, byte extMsgType)
|
||||
WOLFSSL_BUFFER(ssl->arrays->serverRandom, RAN_LEN);
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_DTLS13) && !defined(WOLFSSL_DTLS13_5_9_0_COMPAT)
|
||||
#if defined(WOLFSSL_DTLS13) && !defined(WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID)
|
||||
if (ssl->options.dtls) {
|
||||
/* RFC 9147 Section 5.3: DTLS 1.3 ServerHello must have empty
|
||||
* legacy_session_id_echo. */
|
||||
|
||||
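Review bot: A build that still passes `WOLFSSL_DTLS13_5_9_0_COMPAT` gets no diagnostic: it now compiles every `!defined(WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID)` branch in this file (RestartHandshakeHashWithCookie, DoTls13ClientHello, SendTls13ServerHello) and skips the compat branch in DoTls13ServerHello; the same applies to the `#ifdef` in SendStatelessReplyDtls13. The result is the stricter RFC 9147 behaviour, so it fails closed, but interoperability with peers that echo the session id is lost silently. If the old name was ever usable by integrators, a mapping in a shared configuration header would keep it working: `#if defined(WOLFSSL_DTLS13_5_9_0_COMPAT) && !defined(WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID)`, `#define WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID`, `#endif`. Separately, the new name describes a server echoing the id, while in DoTls13ServerHello it relaxes a client-side check ("accept any echo"); that comment should say the macro also loosens validation of `legacy_session_id_echo` on the client, whose body continues outside the hunk.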
@@ -2956,7 +2956,7 @@ int test_dtls13_no_session_id_echo(void)
|
||||
EXPECT_DECLS;
|
||||
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) && \
|
||||
defined(HAVE_SESSION_TICKET) && defined(HAVE_ECC) && \
|
||||
!defined(WOLFSSL_DTLS13_5_9_0_COMPAT)
|
||||
!defined(WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID)
|
||||
struct test_memio_ctx test_ctx;
|
||||
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
|
||||
WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
|
||||
@@ -3032,14 +3032,14 @@ int test_dtls13_no_session_id_echo(void)
|
||||
return EXPECT_RESULT();
|
||||
}
|
||||
|
||||
/* Test that a server built with WOLFSSL_DTLS13_5_9_0_COMPAT echoes the
|
||||
/* Test that a server built with WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID echoes the
|
||||
* client's legacy_session_id in both the direct ServerHello path and the
|
||||
* stateless HRR path (which also exercises RestartHandshakeHashWithCookie). */
|
||||
int test_dtls13_5_9_0_compat(void)
|
||||
{
|
||||
EXPECT_DECLS;
|
||||
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) && \
|
||||
defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_DTLS13_5_9_0_COMPAT) && \
|
||||
defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_DTLS13_ECHO_LEGACY_SESSION_ID) && \
|
||||
defined(HAVE_ECC)
|
||||
struct test_memio_ctx test_ctx;
|
||||
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
|
||||
|
||||