Bug 1790357: ECH client - Discard resumption TLS < 1.3 Session(IDs|Tickets) if ECH configs are setup. r=djackson

Differential Revision: https://phabricator.services.mozilla.com/D157110
author: Leander Schwarz <lschwarz@mozilla.com> 2023-01-16 17:56:45 +0000
committer: Leander Schwarz <lschwarz@mozilla.com> 2023-01-16 17:56:45 +0000
commit: cf55859f44ab6f15a2e0d0c66c29c313e38b3070 (patch)
tree: bda932acea2d8e41c92945cde4b3c463784f6809 /lib
parent: 8fbccd58013ff02d09c796ac1fbdbdf2382747e6 (diff)
download: nss-hg-cf55859f44ab6f15a2e0d0c66c29c313e38b3070.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c
index e05dc0612..103e41581 100644
--- a/lib/ssl/ssl3con.c
+++ b/lib/ssl/ssl3con.c
@@ -5352,6 +5352,14 @@ ssl3_SendClientHello(sslSocket *ss, sslClientHelloType type)
             if (!suite || !ssl3_config_match(suite, ss->ssl3.policy, &vrange, ss)) {
                 sidOK = PR_FALSE;
             }
+
+            /* Check that no (valid) ECHConfigs are setup in combination with a
+             * (resumable) TLS < 1.3 session id. */
+            if (!PR_CLIST_IS_EMPTY(&ss->echConfigs)) {
+                /* If there are ECH configs, the client must not resume but
+                 * offer ECH. */
+                sidOK = PR_FALSE;
+            }
         }
 
         /* Check that we can recover the master secret. */
author	Leander Schwarz <lschwarz@mozilla.com>	2023-01-16 17:56:45 +0000
committer	Leander Schwarz <lschwarz@mozilla.com>	2023-01-16 17:56:45 +0000
commit	cf55859f44ab6f15a2e0d0c66c29c313e38b3070 (patch)
tree	bda932acea2d8e41c92945cde4b3c463784f6809 /lib
parent	8fbccd58013ff02d09c796ac1fbdbdf2382747e6 (diff)
download	nss-hg-cf55859f44ab6f15a2e0d0c66c29c313e38b3070.tar.gz