Cyclic0007/wolfssl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixup! (d)tls13: check if early data is possible in write_early_data

Browse Source
This commit is contained in:
Marco Oliverio
2026-01-07 14:20:35 +01:00
parent 7b9d3748cf
commit 50b39c91da
3 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
doc/dox_comments/header_files/ssl.h
View File

@@ -14430,6 +14430,8 @@ int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz);
\return BAD_FUNC_ARG if a pointer parameter is NULL, sz is less than 0 or
not using TLSv1.3.
\return SIDE_ERROR if called with a server.
\return BAD_STATE_E if invoked without a valid session or without a valid
PSK cb
\return WOLFSSL_FATAL_ERROR if the connection is not made.
\return the amount of early data written in bytes if successful.

8
src/tls13.c
View File

@@ -14990,8 +14990,9 @@ int wolfSSL_get_max_early_data(WOLFSSL* ssl)
* sz The size of the early data in bytes.
* outSz The number of early data bytes written.
* returns BAD_FUNC_ARG when: ssl, data or outSz is NULL; sz is negative;
* or not using TLS v1.3. SIDE ERROR when not a server. Otherwise the number of
* early data bytes written.
* or not using TLS v1.3. SIDE ERROR when not a server. BAD_STATE_E if invoked
* without a valid session or without a valid PSK CB.
* Otherwise the number of early data bytes written.
*/
int wolfSSL_write_early_data(WOLFSSL* ssl, const void* data, int sz, int* outSz)
{
@@ -15010,8 +15011,7 @@ int wolfSSL_write_early_data(WOLFSSL* ssl, const void* data, int sz, int* outSz)
/* Early data requires PSK or session resumption */
if (!EarlyDataPossible(ssl)) {
ssl->error = BAD_STATE_E;
return WOLFSSL_FATAL_ERROR;
return BAD_STATE_E;
}
if (ssl->options.handShakeState == NULL_STATE) {

3
tests/api/test_tls13.c
View File

@@ -764,8 +764,9 @@ int test_tls13_apis(void)
ExpectIntEQ(wolfSSL_write_early_data(clientTls12Ssl, earlyData,
sizeof(earlyData), &outSz), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#endif
/* invoking without session or psk cbs */
ExpectIntEQ(wolfSSL_write_early_data(clientSsl, earlyData,
sizeof(earlyData), &outSz), WC_NO_ERR_TRACE(WOLFSSL_FATAL_ERROR));
sizeof(earlyData), &outSz), WC_NO_ERR_TRACE(BAD_STATE_E));
#endif
ExpectIntEQ(wolfSSL_read_early_data(NULL, earlyDataBuffer,