Merge pull request #6283 from cconlon/tls13resume12

In SendTls13ClientHello() only send Session ID for sessions being resumed (< TLS 1.3)
Sean Parkinson 2023-04-17 12:21:11 +10:00 committed by GitHub
commit 50e15dbb36
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -4084,7 +4084,7 @@ int SendTls13ClientHello(WOLFSSL* ssl)
ssl->options.tls13MiddleBoxCompat = 1;
}
#else
if (ssl->session->sessionIDSz > 0)
if (ssl->options.resuming && ssl->session->sessionIDSz > 0)
args->length += ssl->session->sessionIDSz;
#endif
@ -4229,10 +4229,16 @@ int SendTls13ClientHello(WOLFSSL* ssl)
if (ssl->session->sessionIDSz > 0) {
/* Session resumption for old versions of protocol. */
args->output[args->idx++] = ID_LEN;
XMEMCPY(args->output + args->idx, ssl->session->sessionID,
ssl->session->sessionIDSz);
args->idx += ID_LEN;
if (ssl->options.resuming) {
args->output[args->idx++] = ID_LEN;
XMEMCPY(args->output + args->idx, ssl->session->sessionID,
ssl->session->sessionIDSz);
args->idx += ID_LEN;
}
else {
/* Not resuming, zero length session ID */
args->output[args->idx++] = 0;
}
}
else {
#ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT
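Review bot: The new inner `else` in the second hunk writes a zero-length session ID whenever `sessionIDSz > 0` and the client is not resuming, and that path never reaches the `WOLFSSL_TLS13_MIDDLEBOX_COMPAT` branch, which sits only in the outer `else`. The first hunk changes the length accounting only under `#else`; if the compat branch above it (only its tail, `ssl->options.tls13MiddleBoxCompat = 1;`, is visible) still reserves a full session ID in `args->length`, a compat build would declare more bytes than it writes and send an empty session ID with compat mode switched on. Folding the test into the outer condition, `if (ssl->options.resuming && ssl->session->sessionIDSz > 0) {`, would let non-resuming clients fall through to whatever the outer `else` already does for each build. Separately, the resuming path writes `ID_LEN` as the length byte and advances by `ID_LEN` while copying and accounting only `sessionIDSz` bytes, so a stored ID shorter than `ID_LEN` would leave stale buffer bytes in the message; it is worth checking that the two are equal or using `sessionIDSz` for both. SendTls13ClientHello starts and ends outside both hunks.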