summaryrefslogtreecommitdiff
path: root/lib/ext/pre_shared_key.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/ext/pre_shared_key.c')
-rw-r--r--lib/ext/pre_shared_key.c26
1 files changed, 10 insertions, 16 deletions
diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c
index 10e5d0a2e3..8338550389 100644
--- a/lib/ext/pre_shared_key.c
+++ b/lib/ext/pre_shared_key.c
@@ -398,7 +398,7 @@ static int server_recv_params(gnutls_session_t session,
memcpy(identity_str, psk.identity.data, psk.identity.size);
identity_str[psk.identity.size] = 0;
- ret = _gnutls_psk_pwd_find_entry(session, identity_str, &key);
+ ret = _gnutls_psk_pwd_find_entry(session, pskcred, identity_str, &key);
if (ret < 0)
return gnutls_assert_val(ret);
@@ -487,13 +487,6 @@ static int server_recv_params(gnutls_session_t session,
goto fail;
}
- if (session->internals.hsk_flags & HSK_PSK_KE_MODE_DHE_PSK)
- _gnutls_handshake_log("EXT[%p]: Selected DHE-PSK mode\n", session);
- else {
- reset_cand_groups(session);
- _gnutls_handshake_log("EXT[%p]: Selected PSK mode\n", session);
- }
-
/* save the username in psk_auth_info to make it available
* using gnutls_psk_server_get_username() */
if (psk_kind == PSK) {
@@ -589,10 +582,11 @@ static int _gnutls_psk_send_params(gnutls_session_t session,
if (!session->internals.session_ticket_enable && !session->internals.priorities->have_psk)
return 0;
- if (session->internals.hsk_flags & HSK_PSK_KE_MODES_RECEIVED)
- return server_send_params(session, extdata);
- else
+ /* No overlapping key exchange modes */
+ if (session->internals.psk_ke_modes_size == 0)
return 0;
+
+ return server_send_params(session, extdata);
}
}
@@ -625,12 +619,12 @@ static int _gnutls_psk_recv_params(gnutls_session_t session,
return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);
}
} else {
- if (session->internals.hsk_flags & HSK_PSK_KE_MODES_RECEIVED) {
- if (session->internals.hsk_flags & HSK_PSK_KE_MODE_INVALID) {
- /* We received a "psk_ke_modes" extension, but with a value we don't support */
- return 0;
- }
+ if (session->internals.hsk_flags & HSK_PSK_KE_MODE_INVALID) {
+ /* We received a "psk_ke_modes" extension, but with a value we don't support */
+ return 0;
+ }
+ if (session->internals.psk_ke_modes_size > 0) {
pskcred = (gnutls_psk_server_credentials_t)
_gnutls_get_cred(session, GNUTLS_CRD_PSK);
View Lorry Controller Status