-rw-r--r-- | lib/record.c | 17 | ||||
-rw-r--r-- | lib/tls13/post_handshake.c | 3 |
2 files changed, 16 insertions, 4 deletions
diff --git a/lib/record.c b/lib/record.c
index ce0ecb672a..ed82db20a5 100644
--- a/lib/record.c
+++ b/lib/record.c
@@ -838,7 +838,7 @@ record_add_to_buffers(gnutls_session_t session,
 */
 gnutls_assert();
 ret = GNUTLS_E_WARNING_ALERT_RECEIVED;
- if (ver->tls13_sem || bufel->msg.data[0] == GNUTLS_AL_FATAL) {
+ if ((ver && ver->tls13_sem) || bufel->msg.data[0] == GNUTLS_AL_FATAL) {
 session_unresumable(session);
 session_invalidate(session);
 ret =
@@ -875,8 +875,19 @@ record_add_to_buffers(gnutls_session_t session,
 goto unexpected_packet;
 }
+ /* In TLS1.3 post-handshake authentication allow application
+ * data error code. */
+ if ((ver && ver->tls13_sem) && type == GNUTLS_HANDSHAKE &&
+ htype == GNUTLS_HANDSHAKE_CERTIFICATE_PKT &&
+ session->internals.initial_negotiation_completed) {
+ _gnutls_record_buffer_put(session, recv->type,
+ seq, bufel);
+ return
+ gnutls_assert_val
+ (GNUTLS_E_GOT_APPLICATION_DATA);
+ }
- /* the got_application data is only returned
+ /* The got_application data is only returned
 * if expecting client hello (for rehandshake
 * reasons). Otherwise it is an unexpected packet */
@@ -944,7 +955,7 @@ record_add_to_buffers(gnutls_session_t session,
 }
 /* retrieve async handshake messages */
- if (ver->tls13_sem) {
+ if (ver && ver->tls13_sem) {
 gnutls_buffer_st buf;
 _gnutls_ro_buffer_from_datum(&buf, &bufel->msg);
diff --git a/lib/tls13/post_handshake.c b/lib/tls13/post_handshake.c
index ddab66f9a3..c550c198a7 100644
--- a/lib/tls13/post_handshake.c
+++ b/lib/tls13/post_handshake.c
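Review bot: The new `ver &&` guard in the alert branch silently changes policy when `ver` is NULL: a warning alert then no longer invalidates the session, and nothing in the hunk records when `ver` can be NULL (presumably before the protocol version has been negotiated, but that is not visible here). A comment on the changed line would stop the next reader from "simplifying" the guard away: `/* ver is NULL until the protocol version is negotiated; until then only a fatal alert tears the session down. */`. record_add_to_buffers starts and ends outside the hunk, so whether `bufel->msg.size` was checked before `bufel->msg.data[0]` is read cannot be confirmed from this view and is worth verifying.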
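Review bot: The added early return accepts a post-handshake Certificate from either peer as soon as `initial_negotiation_completed` is set; it does not check that this endpoint is the server or that a CertificateRequest is actually outstanding, so an unsolicited Certificate (which a TLS 1.3 server must never send after the handshake, RFC 8446 §4.6.2) is queued and surfaced to the application as GNUTLS_E_GOT_APPLICATION_DATA instead of being rejected as an unexpected packet, which is what the untouched comment below says the fall-through path does. Unless the caller already rules that out (record_add_to_buffers begins outside the hunk), the condition should also require the server role and a pending re-authentication, e.g. `session->security_parameters.entity == GNUTLS_SERVER &&` — assuming that is the role field this file uses. The comment `/* In TLS1.3 post-handshake authentication allow application data error code. */` also leaves the contract unstated; something like `/* TLS 1.3 post-handshake auth: a Certificate arriving after the initial handshake is queued and reported as GNUTLS_E_GOT_APPLICATION_DATA so the caller can drain pending data and call gnutls_reauth(). */` would say what the caller is expected to do.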
@@ -214,7 +214,8 @@ int _gnutls13_reauth_server(gnutls_session_t session)
 *
 * The former two interrupt the authentication procedure due to the transport
 * layer being interrupted, and the latter because there were pending data prior
- * to peer initiating the re-authentication.
+ * to peer initiating the re-authentication. The server should read/process that
+ * data as unauthenticated and retry calling gnutls_reauth().
 *
 * When this function is called under TLS1.2 or earlier or the peer didn't
 * advertise post-handshake auth, it always fails with |
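Review bot: "read/process that data as unauthenticated" in the added sentence understates what the server can rely on: the pending data was sent under the keys of the completed initial handshake, so it is integrity-protected and bound to whatever identity (possibly none) that handshake established — it merely predates the certificate now being requested. Suggest `* data as sent before the new certificate was requested, i.e. under the identity (if any) established by the initial handshake, and then call gnutls_reauth() again.` so applications neither discard usable data nor treat it as covered by the new certificate. The doc comment this hunk edits begins and ends outside the hunk.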