diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-07-19 15:52:26 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-08-03 09:18:17 +0200 |
commit | d47111032f5b20eed70093d988741da5d0e69952 (patch) | |
tree | db725ee0bf90d5d500a45c681bb07445574a8b86 /lib/session_pack.c | |
parent | 5b9c6c93c680fdfa63b2854741d446ff50002510 (diff) | |
download | gnutls-d47111032f5b20eed70093d988741da5d0e69952.tar.gz |
tls1.3: server returns early on handshake when no cert is provided by client
Under TLS1.3 the server knows the negotiated keys early, if no client
certificate is sent. In that case, the server is not only able to
transmit the session ticket immediately after its finished message,
but is also able to transmit data, similarly to false start.
Resolves #481
Resolves #457
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/session_pack.c')
-rw-r--r-- | lib/session_pack.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/session_pack.c b/lib/session_pack.c index 615eb6c2a5..2ed04a8eeb 100644 --- a/lib/session_pack.c +++ b/lib/session_pack.c @@ -860,7 +860,8 @@ pack_security_parameters(gnutls_session_t session, gnutls_buffer_st * ps) size_t cur_size; if (session->security_parameters.epoch_read - != session->security_parameters.epoch_write) { + != session->security_parameters.epoch_write && + !(session->internals.hsk_flags & HSK_EARLY_START_USED)) { gnutls_assert(); return GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE; } |