diff options
| author | Daiki Ueno <dueno@redhat.com> | 2018-06-01 15:04:49 +0200 |
|---|---|---|
| committer | Daiki Ueno <dueno@redhat.com> | 2018-06-05 15:01:50 +0200 |
| commit | fd8ea5d9d6c3e3fed5bfce325ac7580761bf7645 (patch) | |
| tree | 6b046f574723883eaed7f45b6c252f3cefa3cfd6 | |
| parent | 12a62dd105208ff5a1bc2e1c52d095c399dc4893 (diff) | |
| download | gnutls-tmp-session-ticket-incompatible.tar.gz | |
tls13/session_ticket: don't send ticket when no common KE modestmp-session-ticket-incompatible
When the server had received psk_key_exchange_modes extension which
doesn't have any overlap with the server configuration, omit to send
NewSessionTicket.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
| -rw-r--r-- | lib/ext/psk_ke_modes.c | 2 | ||||
| -rw-r--r-- | lib/tls13/session_ticket.c | 6 | ||||
| -rw-r--r-- | tests/session-tickets-missing.c | 32 |
3 files changed, 27 insertions, 13 deletions
diff --git a/lib/ext/psk_ke_modes.c b/lib/ext/psk_ke_modes.c index 281ca0a1a6..dacfba7ef6 100644 --- a/lib/ext/psk_ke_modes.c +++ b/lib/ext/psk_ke_modes.c @@ -118,7 +118,7 @@ psk_ke_modes_recv_params(gnutls_session_t session, int cli_dhpsk_pos = MAX_POS; unsigned i; - /* Server doesn't send psk_key_exchange_modes */ + /* Client doesn't receive psk_key_exchange_modes */ if (session->security_parameters.entity == GNUTLS_CLIENT) return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION); diff --git a/lib/tls13/session_ticket.c b/lib/tls13/session_ticket.c index d98475094a..8515b9cb19 100644 --- a/lib/tls13/session_ticket.c +++ b/lib/tls13/session_ticket.c @@ -230,6 +230,12 @@ int _gnutls13_send_session_ticket(gnutls_session_t session, unsigned again) if (session->internals.flags & GNUTLS_NO_TICKETS) return gnutls_assert_val(0); + /* If we received the psk_key_exchange_modes extension which + * does not have overlap with the server configuration, don't + * send a session ticket */ + if (session->internals.hsk_flags & HSK_PSK_KE_MODE_INVALID) + return gnutls_assert_val(0); + if (again == 0) { memset(&ticket, 0, sizeof(tls13_ticket_t)); diff --git a/tests/session-tickets-missing.c b/tests/session-tickets-missing.c index a767cbfd37..9db194904f 100644 --- a/tests/session-tickets-missing.c +++ b/tests/session-tickets-missing.c @@ -94,13 +94,15 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, #define MAX_BUF 1024 -static void client(int fd, const char *prio) +static void client(int fd, const char *prio, unsigned int flags) { int ret; gnutls_certificate_credentials_t x509_cred; gnutls_session_t session; /* Need to enable anonymous KX specifically. */ + flags |= GNUTLS_CLIENT; + gnutls_global_set_time_function(mytime); global_init(); @@ -113,7 +115,7 @@ static void client(int fd, const char *prio) /* Initialize TLS session */ - gnutls_init(&session, GNUTLS_CLIENT|GNUTLS_NO_TICKETS); + gnutls_init(&session, flags); assert(gnutls_priority_set_direct(session, prio, NULL)>=0); @@ -171,17 +173,15 @@ static void terminate(void) exit(1); } -static void server(int fd, const char *prio, unsigned server_no_tickets) +static void server(int fd, const char *prio, unsigned int flags) { int ret; char buffer[MAX_BUF + 1]; gnutls_session_t session; gnutls_certificate_credentials_t x509_cred; gnutls_datum_t skey = {NULL, 0}; - unsigned int flags = GNUTLS_SERVER; - if (server_no_tickets) - flags |= GNUTLS_NO_TICKETS; + flags |= GNUTLS_SERVER; /* this must be called once in the program */ @@ -200,7 +200,7 @@ static void server(int fd, const char *prio, unsigned server_no_tickets) assert(gnutls_init(&session, flags)>=0); - if (!server_no_tickets) { + if (!(flags & GNUTLS_NO_TICKETS)) { assert(gnutls_session_ticket_key_generate(&skey)>=0); assert(gnutls_session_ticket_enable_server(session, &skey) >= 0); } @@ -263,7 +263,7 @@ static void ch_handler(int sig) } static -void start(const char *prio, unsigned server_no_tickets) +void start2(const char *prio, const char *sprio, unsigned int flags, unsigned int sflags) { int fd[2]; int ret, status = 0; @@ -290,24 +290,32 @@ void start(const char *prio, unsigned server_no_tickets) if (child) { /* parent */ close(fd[1]); - server(fd[0], prio, server_no_tickets); + server(fd[0], sprio, sflags); waitpid(child, &status, 0); check_wait_status(status); } else { close(fd[0]); - client(fd[1], prio); + client(fd[1], prio, flags); exit(0); } return; } +static +void start(const char *prio, unsigned int flags) +{ + start2(prio, prio, GNUTLS_NO_TICKETS, flags); +} + void doit(void) { start("NORMAL:-VERS-ALL:+VERS-TLS1.2", 0); /* Under TLS 1.3 session tickets are not negotiated; they are - * "always sent unless server sets GNUTLS_NO_TICKETS */ - start("NORMAL:-VERS-ALL:+VERS-TLS1.3", 1); + * always sent unless server sets GNUTLS_NO_TICKETS... */ + start("NORMAL:-VERS-ALL:+VERS-TLS1.3", GNUTLS_NO_TICKETS); + /* ...or there is no overlap between PSK key exchange modes */ + start2("NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK:-DHE-PSK", "NORMAL:-VERS-ALL:+VERS-TLS1.3", 0, 0); start("NORMAL", 0); } |