diff options
author | Daiki Ueno <dueno@redhat.com> | 2018-07-16 11:30:05 +0200 |
---|---|---|
committer | Daiki Ueno <dueno@redhat.com> | 2018-08-06 10:51:58 +0200 |
commit | 68c21a22c45cfe6ea80f542dc8ef3a9b84c1498b (patch) | |
tree | 8484f7d12bcd431c984e07c6f6b820faf481d371 /lib/hello_ext.c | |
parent | 8f90d5bd7a79b3e69145c3d2fde583d24372f143 (diff) | |
download | gnutls-68c21a22c45cfe6ea80f542dc8ef3a9b84c1498b.tar.gz |
TLS 1.3: ignore "early_data" extension
As 0-RTT is still not implemented in GnuTLS, the server responds with
1-RTT, by skipping decryption failure up to max_early_data_size, as
suggested in 4.2.10 Early Data Detection.
Resolves #512
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Diffstat (limited to 'lib/hello_ext.c')
-rw-r--r-- | lib/hello_ext.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/hello_ext.c b/lib/hello_ext.c index f72afe77fd..ac0fc1ba03 100644 --- a/lib/hello_ext.c +++ b/lib/hello_ext.c @@ -51,6 +51,7 @@ #include <ext/psk_ke_modes.h> #include <ext/etm.h> #include <ext/cookie.h> +#include <ext/early_data.h> #include "extv.h" #include <num.h> @@ -82,6 +83,7 @@ static hello_ext_entry_st const *extfunc[MAX_EXT_TYPES+1] = { [GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS] = &ext_mod_sig, [GNUTLS_EXTENSION_KEY_SHARE] = &ext_mod_key_share, [GNUTLS_EXTENSION_COOKIE] = &ext_mod_cookie, + [GNUTLS_EXTENSION_EARLY_DATA] = &ext_mod_early_data, #ifdef ENABLE_DTLS_SRTP [GNUTLS_EXTENSION_SRTP] = &ext_mod_srtp, #endif |