Check SNI/ALPN in TLS 1.2/1.3 session resumptions#10489
Check SNI/ALPN in TLS 1.2/1.3 session resumptions#10489holtrop-wolfssl wants to merge 2 commits into
Conversation
|
holtrop-wolfssl
force-pushed
the
zd21798
branch
4 times, most recently
from
e312881 to
9a67c0d
Compare
|
retest this please (build hung) |
julek-wolfssl
left a comment
julek-wolfssl
left a comment
There was a problem hiding this comment.
Does this check get performed for TLS 1.3 already? If you extend it with stateless ticket support then that should also be tested in test_tls.c.
holtrop-wolfssl
force-pushed
the
zd21798
branch
2 times, most recently
from
2f5f6df to
eb7226c
Compare
|
retest this please (Build wolfSSL » PRB-fips-repo-and-harness-test-v3-part2 #10052 completed: FAILURE) |
holtrop-wolfssl
changed the title
|
retest this please (Build wolfSSL » PRB-fips-repo-and-harness-test-v3-part2 #10054 completed: FAILURE) |
wolfSSL-Fenrir-bot
left a comment
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #10489
Scan targets checked: wolfcrypt-rs-bugs, wolfssl-bugs, wolfssl-src
Findings: 1
1 finding(s) posted as inline comments (see file-level comments below)
This review was generated automatically by Fenrir. Findings are non-blocking.
| XMEMCMP(curHash, session->sniHash, | ||
| TICKET_BINDING_HASH_SZ) != 0) { | ||
| WOLFSSL_MSG("Resumed session SNI mismatch, full handshake"); | ||
| ssl->options.resuming = 0; |
There was a problem hiding this comment.
🔴 [High] TLS 1.2 SNI/ALPN mismatch falls through resumption setup · Logic errors
HandleTlsResumption() clears resuming on a stateful SNI/ALPN mismatch but still falls through into the live session branch, which derives keys and marks CLIENT_KEYEXCHANGE_COMPLETE instead of doing a full handshake.
Fix: Return after a binding mismatch or skip the later session-derived key setup when ssl->options.resuming is cleared.
4 participants
Description
Fixes zd#21798
Testing
How did you test?
Checklist