stop double-populating the ech extension since that

blows away the ech and its current hpke context, causing the hrr handling to fail
John Bland
2023-09-26 18:03:15 -04:00
parent a23edb84d4
commit c0b49ce443


@ -11359,9 +11359,14 @@ static int TLSX_ECH_Use(WOLFSSL_EchConfig* echConfig, TLSX** extensions,
{ {
int ret = 0; int ret = 0;
int suiteIndex; int suiteIndex;
TLSX* echX;
WOLFSSL_ECH* ech; WOLFSSL_ECH* ech;
if (extensions == NULL) if (extensions == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
/* skip if we already have an ech extension, we will for hrr */
echX = TLSX_Find(*extensions, TLSX_ECH);
if (echX != NULL)
return 0;
/* find a supported cipher suite */ /* find a supported cipher suite */
suiteIndex = EchConfigGetSupportedCipherSuite(echConfig); suiteIndex = EchConfigGetSupportedCipherSuite(echConfig);
if (suiteIndex < 0) if (suiteIndex < 0)
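Review bot: The early `return 0` after `TLSX_Find(*extensions, TLSX_ECH)` accepts any existing ECH entry without checking that it was built from the `echConfig` passed in, so a list that still carries an entry from an earlier config would presumably keep that entry's HPKE context while the caller sees success. If the HelloRetryRequest path is the only intended case, the comment should say so and state why the entry has to be kept, e.g. `/* ECH already populated: on the second ClientHello after an HRR the existing HPKE context must be reused, so do not rebuild it */`. `echX` is used only for the NULL test, so `if (TLSX_Find(*extensions, TLSX_ECH) != NULL) return 0;` would avoid the extra local. The body of TLSX_ECH_Use continues past the end of the hunk, so whether callers can reach this with a different config is not visible here.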