Announce TLSX_PSK_KEY_EXCHANGE_MODES in non-resuming ClientHello.

- can be reverted to previous style by defining NO_TLSX_PSKKEM_PLAIN_ANNOUNCE - QUIC interop testing reveals that at least QUIC stacks refrain from issuing session tickets unless the ClientHello shows this extension.
2025-07-31 19:24:42 +02:00 · 2022-07-21 10:52:45 +02:00
parent da422eb422
commit c8008e29b9
1 changed files with 8 additions and 0 deletions
--- a/src/tls.c
+++ b/src/tls.c
@@ -11385,7 +11385,15 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
            }
    #endif /* !NO_PSK */
        #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
+
+            #ifndef NO_TLSX_PSKKEM_PLAIN_ANNOUNCE
+            /* Some servers do not generate session tickets unless
+             * the extension is seen in a non-resume client hello */
+            if (1) {
+                (void)usingPSK;
+            #else
            if (usingPSK) {
+            #endif
                byte modes;

                /* Pre-shared key modes: mandatory extension for resumption. */