Clear the keyshare instead of storing it

src/internal.c

@@ -8017,12 +8017,6 @@ void SSL_ResourceFree(WOLFSSL* ssl)
         ssl->dtls13ClientHello = NULL;
         ssl->dtls13ClientHelloSz = 0;
     }
-#ifdef WOLFSSL_DTLS_CH_FRAG
-    if (ssl->dtls13KSE != NULL) {
-        TLSX_KeyShare_FreeAll(ssl->dtls13KSE, ssl->heap);
-        ssl->dtls13KSE = NULL;
-    }
-#endif
 #endif /* WOLFSSL_DTLS13 */
 
 #endif /* WOLFSSL_DTLS */

src/tls.c

@@ -67,6 +67,7 @@
 
 #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
 static int TLSX_KeyShare_IsSupported(int namedGroup);
+static void TLSX_KeyShare_FreeAll(KeyShareEntry* list, void* heap);
 #endif
 
 #ifdef HAVE_SUPPORTED_CURVES
@@ -7768,7 +7769,7 @@ int TLSX_KeyShare_GenKey(WOLFSSL *ssl, KeyShareEntry *kse)
  * list  The linked list of key share entry objects.
  * heap  The heap used for allocation.
  */
-void TLSX_KeyShare_FreeAll(KeyShareEntry* list, void* heap)
+static void TLSX_KeyShare_FreeAll(KeyShareEntry* list, void* heap)
 {
     KeyShareEntry* current;
 
@@ -8783,27 +8784,12 @@ int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length,
         if (ssl->error != WC_PENDING_E)
     #endif
         {
-            /* Check the selected group was supported by ClientHello
+            /* Check the selected group was supported by ClientHello extensions. */
-             * extensions. */
             if (!TLSX_SupportedGroups_Find(ssl, group, ssl->extensions)) {
                 WOLFSSL_ERROR_VERBOSE(BAD_KEY_SHARE_DATA);
                 return BAD_KEY_SHARE_DATA;
             }
 
-#ifdef WOLFSSL_DTLS_CH_FRAG
-            /* If we sent an empty key share then we can just limit the keyshare
-             * to the one selected by the server. */
-            if (ssl->options.dtlsSentEmptyKS) {
-                if (!TLSX_KeyShare_SelectGroup(ssl, group)) {
-                    /* Clear out all groups if not found */
-                    ret = TLSX_KeyShare_Empty(ssl);
-                    if (ret != 0)
-                        return ret;
-                }
-            }
-            else
-#endif
-            {
             /* Check if the group was sent. */
             if (TLSX_KeyShare_Find(ssl, group)) {
                 WOLFSSL_ERROR_VERBOSE(BAD_KEY_SHARE_DATA);
@@ -8816,17 +8802,6 @@ int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length,
                 return ret;
         }
 
-        }
-
-
-#ifdef WOLFSSL_DTLS_CH_FRAG
-        /* Check if we were able to limit the keyshare entries to one group */
-        if (ssl->options.dtlsSentEmptyKS &&
-                TLSX_KeyShare_SelectGroup(ssl, group)) {
-            /* Nothing to do */
-        }
-        else
-#endif
 #ifdef HAVE_PQC
         /* For post-quantum groups, do this in TLSX_PopulateExtensions(). */
         if (!WOLFSSL_NAMED_GROUP_IS_PQC(group))
@@ -9127,38 +9102,6 @@ int TLSX_KeyShare_Use(const WOLFSSL* ssl, word16 group, word16 len, byte* data,
     return 0;
 }
 
-/* Clear out all entries except for group
- *
- * ssl  The SSL/TLS object.
- * returns 1 when the group was found and 0 when it wasn't found.
- *  */
-int TLSX_KeyShare_SelectGroup(WOLFSSL* ssl, word16 group)
-{
-    TLSX* extension;
-    KeyShareEntry* list;
-    KeyShareEntry** prev;
-
-    /* Find the KeyShare extension if it exists. */
-    extension = TLSX_Find(ssl->extensions, TLSX_KEY_SHARE);
-    if (extension != NULL) {
-        for (prev = (KeyShareEntry**)&extension->data,
-                list = (KeyShareEntry*)extension->data; list != NULL;
-                prev = &list->next, list = list->next) {
-            if (list->group == group) {
-                /* Unlink it from the list */
-                *prev = list->next;
-                list->next = NULL;
-                /* Free the list */
-                TLSX_KeyShare_FreeAll((KeyShareEntry*)extension->data,
-                        ssl->heap);
-                extension->data = list;
-                return 1;
-            }
-        }
-    }
-    return 0;
-}
-
 /* Set an empty Key Share extension.
  *
  * ssl  The SSL/TLS object.

src/tls13.c

@@ -4426,29 +4426,18 @@ int SendTls13ClientHello(WOLFSSL* ssl)
                 TLSX_Find(ssl->extensions, TLSX_COOKIE) == NULL) {
             /* Try again with an empty key share if we would be fragmenting
              * without a cookie */
-            TLSX* ks = TLSX_Find(ssl->extensions, TLSX_KEY_SHARE);
+            ret = TLSX_KeyShare_Empty(ssl);
-            if (ks == NULL) {
+            if (ret != 0)
-                WOLFSSL_MSG("No key share and CH can't fit in one fragment.");
+                return ret;
-                return BUFFER_ERROR;
+            args->length = lenWithoutExts;
-            }
+            ret = TLSX_GetRequestSize(ssl, client_hello, &args->length);
-            args->length = lenWithoutExts;
+            if (ret != 0)
-            if (ssl->dtls13KSE != NULL)
-                TLSX_KeyShare_FreeAll(ssl->dtls13KSE, ssl->heap);
-            ssl->dtls13KSE = (KeyShareEntry*)ks->data;
-            ks->data = NULL;
-            ret = TLSX_GetRequestSize(ssl, client_hello, &args->length);
-            if (ret != 0) {
-                /* Restore key share data */
-                ks->data = ssl->dtls13KSE;
-                ssl->dtls13KSE = NULL;
                 return ret;
-            }
             if (args->length > maxFrag) {
                 WOLFSSL_MSG("Can't fit first CH in one fragment.");
                 return BUFFER_ERROR;
             }
             WOLFSSL_MSG("Sending empty key share so we don't fragment CH1");
-            ssl->options.dtlsSentEmptyKS = 1;
         }
 #endif
     }
@@ -4691,19 +4680,6 @@ int SendTls13ClientHello(WOLFSSL* ssl)
     if (ret == 0)
         FreeAsyncCtx(ssl, 0);
 #endif
-#ifdef WOLFSSL_DTLS_CH_FRAG
-    if ((ret == 0 || ret == WANT_WRITE) && ssl->dtls13KSE != NULL) {
-        /* Restore the keyshare */
-        TLSX* ks = TLSX_Find(ssl->extensions, TLSX_KEY_SHARE);
-        if (ks == NULL || ks->data != NULL) {
-            WOLFSSL_MSG("Missing key share or key share data not NULL");
-            return BUFFER_ERROR;
-        }
-        WOLFSSL_MSG("Restored key share");
-        ks->data = ssl->dtls13KSE;
-        ssl->dtls13KSE = NULL;
-    }
-#endif
 
     WOLFSSL_LEAVE("SendTls13ClientHello", ret);
     WOLFSSL_END(WC_FUNC_CLIENT_HELLO_SEND);

wolfcrypt/src/logging.c

@@ -169,7 +169,7 @@ wolfSSL_Logging_cb wolfSSL_GetLoggingCb(void)
 int wolfSSL_Debugging_ON(void)
 {
 #ifdef DEBUG_WOLFSSL
-    loggingEnabled = 1;
+    loggingEnabled = 0;
 #if defined(WOLFSSL_APACHE_MYNEWT)
     log_register("wolfcrypt", &mynewt_log, &log_console_handler, NULL, LOG_SYSLEVEL);
 #endif /* WOLFSSL_APACHE_MYNEWT */

wolfssl/internal.h

@@ -3353,10 +3353,8 @@ typedef struct KeyShareEntry {
     struct KeyShareEntry* next;      /* List pointer             */
 } KeyShareEntry;
 
-WOLFSSL_LOCAL void TLSX_KeyShare_FreeAll(KeyShareEntry* list, void* heap);
 WOLFSSL_LOCAL int TLSX_KeyShare_Use(const WOLFSSL* ssl, word16 group,
         word16 len, byte* data, KeyShareEntry **kse, TLSX** extensions);
-WOLFSSL_LOCAL int TLSX_KeyShare_SelectGroup(WOLFSSL* ssl, word16 group);
 WOLFSSL_LOCAL int TLSX_KeyShare_Empty(WOLFSSL* ssl);
 WOLFSSL_LOCAL int TLSX_KeyShare_SetSupported(const WOLFSSL* ssl,
         TLSX** extensions);
@@ -4620,9 +4618,6 @@ struct Options {
     word16            dtls:1;             /* using datagrams ? */
 #ifdef WOLFSSL_DTLS
     word16            dtlsStateful:1;     /* allow stateful processing ? */
-#endif
-#ifdef WOLFSSL_DTLS_CH_FRAG
-    word16            dtlsSentEmptyKS:1;  /* did we send an empty key share ? */
 #endif
     word16            connReset:1;        /* has the peer reset */
     word16            isClosed:1;         /* if we consider conn closed */
@@ -5621,9 +5616,6 @@ struct WOLFSSL {
     Dtls13Rtx dtls13Rtx;
     byte *dtls13ClientHello;
     word16 dtls13ClientHelloSz;
-#ifdef WOLFSSL_DTLS_CH_FRAG
-    KeyShareEntry* dtls13KSE;
-#endif
 
 #endif /* WOLFSSL_DTLS13 */
 #ifdef WOLFSSL_DTLS_CID