From e28073163a398604311fb5128e54cde46c1b7cfc Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Fri, 17 Aug 2018 14:43:30 +0200 Subject: gnutls_session_resumption_requested: fixed behavior under TLS1.3 This makes gnutls_session_resumption_requested() functional under TLS1.3 and introduces a unit test of the function. Resolves #546 Signed-off-by: Nikos Mavrogiannopoulos --- lib/ext/pre_shared_key.c | 2 ++ lib/gnutls_int.h | 5 ++++- tests/resume.c | 6 ++++++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c index b2f24bc3ba..f3bd9c5973 100644 --- a/lib/ext/pre_shared_key.c +++ b/lib/ext/pre_shared_key.c @@ -493,6 +493,8 @@ static int server_recv_params(gnutls_session_t session, (ret = _gnutls13_unpack_session_ticket(session, &psk.identity, &ticket_data)) == 0) { prf = ticket_data.prf; + session->internals.resumption_requested = 1; + /* Check whether ticket is stale or not */ ticket_age = psk.ob_ticket_age - ticket_data.age_add; if (ticket_age < 0) { diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 925759049c..f4dc71bb3c 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -1091,7 +1091,10 @@ typedef struct { /* resumed session */ bool resumed; /* RESUME_TRUE or FALSE - if we are resuming a session */ - bool resumption_requested; /* non-zero if resumption was requested by client */ + + /* server side: non-zero if resumption was requested by client + * client side: non-zero if we set resumption parameters */ + bool resumption_requested; security_parameters_st resumed_security_parameters; gnutls_datum_t resumption_data; /* copy of input to gnutls_session_set_data() */ diff --git a/tests/resume.c b/tests/resume.c index c0217b5dc0..953c017388 100644 --- a/tests/resume.c +++ b/tests/resume.c @@ -355,6 +355,12 @@ static void verify_server_params(gnutls_session_t session, unsigned counter, str } } + if (counter > 0) { + if (gnutls_session_resumption_requested(session) == 0) { + fail("client did not request resumption!\n"); + } + } + if (params->no_early_start) { if (gnutls_session_get_flags(session) & GNUTLS_SFLAGS_EARLY_START) { fail("early start did happen on %d but was not expected!\n", counter); -- cgit v1.2.1