diff --git a/cyassl/internal.h b/cyassl/internal.h index e02432dc4..295d8e6b0 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -1261,11 +1261,12 @@ CYASSL_LOCAL word16 TLSX_WriteResponse(CYASSL* ssl, byte* output); CYASSL_LOCAL int TLSX_Parse(CYASSL* ssl, byte* input, word16 length, byte isRequest, Suites *suites); -#elif defined(HAVE_SNI) \ - || defined(HAVE_MAX_FRAGMENT) \ - || defined(HAVE_TRUNCATED_HMAC) \ - || defined(HAVE_SUPPORTED_CURVES) \ - || defined(HAVE_SECURE_RENEGOTIATION) +#elif defined(HAVE_SNI) \ + || defined(HAVE_MAX_FRAGMENT) \ + || defined(HAVE_TRUNCATED_HMAC) \ + || defined(HAVE_SUPPORTED_CURVES) \ + || defined(HAVE_SECURE_RENEGOTIATION) \ + || defined(HAVE_SESSION_TICKET) #error Using TLS extensions requires HAVE_TLS_EXTENSIONS to be defined. @@ -2069,6 +2070,7 @@ struct CYASSL { This function doesn't free an early ticket, but will erase it's reference inside the extensions. */ + byte expect_session_ticket; SessionTicket* candidate_ticket; SessionTicket* session_ticket; #endif diff --git a/src/internal.c b/src/internal.c index d86f33c61..243d52af7 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1747,6 +1747,7 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) #endif #ifdef HAVE_SESSION_TICKET #ifndef NO_CYASSL_CLIENT + ssl->expect_session_ticket = 0; ssl->candidate_ticket = NULL; ssl->session_ticket = NULL; #endif diff --git a/src/tls.c b/src/tls.c index 70d34aa8e..b230e56f7 100644 --- a/src/tls.c +++ b/src/tls.c @@ -1802,12 +1802,16 @@ static word16 TLSX_SessionTicket_Write(SessionTicket* ticket, byte* output, static int TLSX_SessionTicket_Parse(CYASSL* ssl, byte* input, word16 length, byte isRequest) { - if (!isRequest) - return length != 0 ? BUFFER_ERROR : 0; - - /* TODO server side */ - (void)ssl; - (void)input; + if (!isRequest) { + if (length != 0) + return BUFFER_ERROR; + + ssl->expect_session_ticket = 1; + } + else { + /* TODO server side */ + (void)input; + } return 0; }