diff options
Diffstat (limited to 'tests/tls13/hello_retry_request.c')
-rw-r--r-- | tests/tls13/hello_retry_request.c | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/tests/tls13/hello_retry_request.c b/tests/tls13/hello_retry_request.c index f90d4ad676..dd4506b6f9 100644 --- a/tests/tls13/hello_retry_request.c +++ b/tests/tls13/hello_retry_request.c @@ -69,9 +69,13 @@ static void client_log_func(int level, const char *str) fprintf(stderr, "client|<%d>| %s", level, str); } +#define HANDSHAKE_SESSION_ID_POS 34 + struct ctx_st { unsigned hrr_seen; unsigned hello_counter; + uint8_t session_id[32]; + size_t session_id_len; }; static int hello_callback(gnutls_session_t session, unsigned int htype, @@ -84,12 +88,28 @@ static int hello_callback(gnutls_session_t session, unsigned int htype, ctx->hrr_seen = 1; if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO && post == GNUTLS_HOOK_POST) { + size_t session_id_len; + uint8_t *session_id; + + assert(msg->size > HANDSHAKE_SESSION_ID_POS + 1); + session_id_len = msg->data[HANDSHAKE_SESSION_ID_POS]; + session_id = &msg->data[HANDSHAKE_SESSION_ID_POS + 1]; + if (ctx->hello_counter > 0) { assert(msg->size > 4); if (msg->data[0] != 0x03 || msg->data[1] != 0x03) { fail("version is %d.%d expected 3,3\n", (int)msg->data[0], (int)msg->data[1]); } + + if (session_id_len != ctx->session_id_len || + memcmp(session_id, ctx->session_id, session_id_len) != 0) { + fail("different legacy_session_id is sent after HRR\n"); + } } + + ctx->session_id_len = session_id_len; + memcpy(ctx->session_id, session_id, session_id_len); + ctx->hello_counter++; } |