wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-02-04 14:35:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

src/internal.c: in SanityCheckMsgReceived(), gate "TLS 1.2 message order check: certificate before CKE" from 5b6f86bc8e on !WOLFSSL_NO_CLIENT_AUTH.

Browse Source
This commit is contained in:
Daniel Pouzzner
2026-01-30 22:38:44 -06:00
parent 64bdcce08d
commit f2f9d5bbe7
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/internal.c
View File

@@ -18083,12 +18083,14 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
#ifndef WOLFSSL_NO_CLIENT_AUTH
if (!ssl->options.resuming && ssl->options.verifyPeer &&
!ssl->options.usingPSK_cipher &&
!ssl->options.usingAnon_cipher &&
!ssl->msgsReceived.got_certificate) {
return OUT_OF_ORDER_E;
}
#endif
if (ssl->msgsReceived.got_certificate_verify||
ssl->msgsReceived.got_change_cipher ||
ssl->msgsReceived.got_finished) {