diff options
author | Daiki Ueno <dueno@redhat.com> | 2018-07-16 11:30:05 +0200 |
---|---|---|
committer | Daiki Ueno <dueno@redhat.com> | 2018-08-06 10:51:58 +0200 |
commit | 68c21a22c45cfe6ea80f542dc8ef3a9b84c1498b (patch) | |
tree | 8484f7d12bcd431c984e07c6f6b820faf481d371 /lib/tls13 | |
parent | 8f90d5bd7a79b3e69145c3d2fde583d24372f143 (diff) | |
download | gnutls-68c21a22c45cfe6ea80f542dc8ef3a9b84c1498b.tar.gz |
TLS 1.3: ignore "early_data" extension
As 0-RTT is still not implemented in GnuTLS, the server responds with
1-RTT, by skipping decryption failure up to max_early_data_size, as
suggested in 4.2.10 Early Data Detection.
Resolves #512
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Diffstat (limited to 'lib/tls13')
-rw-r--r-- | lib/tls13/session_ticket.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/lib/tls13/session_ticket.c b/lib/tls13/session_ticket.c index 184c0ac271..8087ba7a8b 100644 --- a/lib/tls13/session_ticket.c +++ b/lib/tls13/session_ticket.c @@ -27,6 +27,7 @@ #include "mbuffers.h" #include "ext/pre_shared_key.h" #include "ext/session_ticket.h" +#include "ext/early_data.h" #include "auth/cert.h" #include "tls13/session_ticket.h" #include "session_pack.h" @@ -329,7 +330,14 @@ cleanup: static int parse_nst_extension(void *ctx, unsigned tls_id, const unsigned char *data, unsigned data_size) { - /* ignore all extensions */ + gnutls_session_t session = ctx; + if (tls_id == ext_mod_early_data.tls_id) { + uint32_t size; + if (data_size < 4) + return gnutls_assert_val(GNUTLS_E_TLS_PACKET_DECODING_ERROR); + size = _gnutls_read_uint32(data); + session->security_parameters.max_early_data_size = size; + } return 0; } @@ -382,7 +390,7 @@ int _gnutls13_recv_session_ticket(gnutls_session_t session, gnutls_buffer_st *bu return gnutls_assert_val(ret); /* Extensions */ - ret = _gnutls_extv_parse(NULL, parse_nst_extension, buf->data, buf->length); + ret = _gnutls_extv_parse(session, parse_nst_extension, buf->data, buf->length); if (ret < 0) return gnutls_assert_val(ret); |