TLS 1.3: ignore "early_data" extension

As 0-RTT is still not implemented in GnuTLS, the server responds with 1-RTT, by skipping decryption failure up to max_early_data_size, as suggested in 4.2.10 Early Data Detection. Resolves #512 Signed-off-by: Daiki Ueno <dueno@redhat.com>
author: Daiki Ueno <dueno@redhat.com> 2018-07-16 11:30:05 +0200
committer: Daiki Ueno <dueno@redhat.com> 2018-08-06 10:51:58 +0200
commit: 68c21a22c45cfe6ea80f542dc8ef3a9b84c1498b (patch)
tree: 8484f7d12bcd431c984e07c6f6b820faf481d371 /lib/hello_ext.c
parent: 8f90d5bd7a79b3e69145c3d2fde583d24372f143 (diff)
download: gnutls-68c21a22c45cfe6ea80f542dc8ef3a9b84c1498b.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/hello_ext.c b/lib/hello_ext.c
index f72afe77fd..ac0fc1ba03 100644
--- a/lib/hello_ext.c
+++ b/lib/hello_ext.c
@@ -51,6 +51,7 @@
 #include <ext/psk_ke_modes.h>
 #include <ext/etm.h>
 #include <ext/cookie.h>
+#include <ext/early_data.h>
 #include "extv.h"
 #include <num.h>
 
@@ -82,6 +83,7 @@ static hello_ext_entry_st const *extfunc[MAX_EXT_TYPES+1] = {
 	[GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS] = &ext_mod_sig,
 	[GNUTLS_EXTENSION_KEY_SHARE] = &ext_mod_key_share,
 	[GNUTLS_EXTENSION_COOKIE] = &ext_mod_cookie,
+	[GNUTLS_EXTENSION_EARLY_DATA] = &ext_mod_early_data,
 #ifdef ENABLE_DTLS_SRTP
 	[GNUTLS_EXTENSION_SRTP] = &ext_mod_srtp,
 #endif
author	Daiki Ueno <dueno@redhat.com>	2018-07-16 11:30:05 +0200
committer	Daiki Ueno <dueno@redhat.com>	2018-08-06 10:51:58 +0200
commit	68c21a22c45cfe6ea80f542dc8ef3a9b84c1498b (patch)
tree	8484f7d12bcd431c984e07c6f6b820faf481d371 /lib/hello_ext.c
parent	8f90d5bd7a79b3e69145c3d2fde583d24372f143 (diff)
download	gnutls-68c21a22c45cfe6ea80f542dc8ef3a9b84c1498b.tar.gz