lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

TLS 1.3: SRV: Don't select ephemeral mode on resumption

Browse Source 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
This commit is contained in:
Pengyu Lv
2023-01-18 17:32:34 +08:00
parent f8e50a9607
commit dadeb20383
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
library/ssl_tls13_server.c
View File

@ -982,7 +982,8 @@ MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_check_ephemeral_key_exchange(mbedtls_ssl_context *ssl) static int ssl_tls13_check_ephemeral_key_exchange(mbedtls_ssl_context *ssl)
{ {
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
return mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl) && return !ssl->handshake->resume &&
mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl) &&
ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange(ssl); ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange(ssl);
#else #else
((void) ssl); ((void) ssl);