authorjsing <jsing@openbsd.org>2020-01-24 04:47:13 +0000
committerjsing <jsing@openbsd.org>2020-01-24 04:47:13 +0000
commit3365064d97206a2c5016d3e3f249b3f2d944e6ff (patch)
tree4899020f3521808ee7f36692c4e5cb7b63e87ef7 /lib/libssl/tls13_server.c
parentmesh(4) is old world and only new world macppc hardware is supported. (diff)
Store the legacy session identifier from the ClientHello so we can actually
echo it. ok beck@ tb@
Diffstat (limited to 'lib/libssl/tls13_server.c')
-rw-r--r--lib/libssl/tls13_server.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/lib/libssl/tls13_server.c b/lib/libssl/tls13_server.c
index aeeea599bcf..a5a39d092cc 100644
--- a/lib/libssl/tls13_server.c
+++ b/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.14 2020/01/24 04:43:09 jsing Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.15 2020/01/24 04:47:13 jsing Exp $ */
/*
* Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -223,6 +223,15 @@ tls13_client_hello_process(struct tls13_ctx *ctx, CBS *cbs)
goto err;
}
+ /* Store legacy session identifier so we can echo it. */
+ if (CBS_len(&session_id) > sizeof(ctx->hs->legacy_session_id)) {
+ ctx->alert = SSL_AD_ILLEGAL_PARAMETER;
+ goto err;
+ }
+ if (!CBS_write_bytes(&session_id, ctx->hs->legacy_session_id,
+ sizeof(ctx->hs->legacy_session_id), &ctx->hs->legacy_session_id_len))
+ goto err;
+
/* Parse cipher suites list and select preferred cipher. */
if ((ciphers = ssl_bytes_to_cipher_list(s, &cipher_suites)) == NULL) {
ctx->alert = SSL_AD_ILLEGAL_PARAMETER;
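Review bot: The `goto err` after `CBS_write_bytes()` leaves `ctx->alert` unset, unlike the length check directly above it, so the alert sent on that path depends on the `err:` handling outside this hunk. Because `CBS_len(&session_id) > sizeof(ctx->hs->legacy_session_id)` has already bounded the client-supplied length to the destination buffer, that failure looks unreachable. A comment such as `/* Cannot fail, length was checked above. */` on that branch would make the intent explicit and stop a later edit from removing the bound as redundant. Separately, if the buffer is sized to the 32-byte protocol maximum (not visible here), an over-length identifier is a syntax violation, and `SSL_AD_DECODE_ERROR` is arguably a closer fit than `SSL_AD_ILLEGAL_PARAMETER`. The body of tls13_client_hello_process starts and ends outside the hunk, so the code that echoes the identifier should be checked to use `legacy_session_id_len` rather than the buffer size.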