lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-05 19:35:48 +03:00
Code Activity

TLS 1.3: Ignore tickets if disabled at runtime

Browse Source 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
2024-08-27 09:19:40 +02:00
parent bedddd707a
commit b675b2ba5d
1 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
library/ssl_msg.c
View File

@@ -5595,11 +5595,17 @@ static int ssl_tls13_handle_hs_message_post_handshake(mbedtls_ssl_context *ssl)
if (ssl_tls13_is_new_session_ticket(ssl)) { if (ssl_tls13_is_new_session_ticket(ssl)) {
#if defined(MBEDTLS_SSL_SESSION_TICKETS) #if defined(MBEDTLS_SSL_SESSION_TICKETS)
MBEDTLS_SSL_DEBUG_MSG(3, ("NewSessionTicket received")); MBEDTLS_SSL_DEBUG_MSG(3, ("NewSessionTicket received"));
if (ssl->conf->new_session_tickets_enabled ==
MBEDTLS_SSL_ENABLE_NEW_SESSION_TICKETS_ENABLED) {
ssl->keep_current_message = 1; ssl->keep_current_message = 1;
mbedtls_ssl_handshake_set_state(ssl, mbedtls_ssl_handshake_set_state(ssl,
MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET); MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET);
return MBEDTLS_ERR_SSL_WANT_READ; return MBEDTLS_ERR_SSL_WANT_READ;
} else {
MBEDTLS_SSL_DEBUG_MSG(3, ("Ignore NewSessionTicket, disabled."));
return 0;
}
#else #else
MBEDTLS_SSL_DEBUG_MSG(3, ("Ignore NewSessionTicket, not supported.")); MBEDTLS_SSL_DEBUG_MSG(3, ("Ignore NewSessionTicket, not supported."));
return 0; return 0;