
Commit 9d11f91

committed
fixup! DTLS 1.3: don't echo legacy_session_id in ServerHello
1 parent 6f6af91 commit 9d11f91

1 file changed

Lines changed: 8 additions & 0 deletions


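--- a/tests/api/test_dtls.c
+++ b/tests/api/test_dtls.c
@@ -2622,11 +2622,17 @@ int test_dtls13_no_session_id_echo(void)
 WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
 WOLFSSL_SESSION *sess = NULL;
 char readBuf[1];
+/* Use traditional groups to avoid HRR from PQ key share mismatch */
+int groups[] = {
+WOLFSSL_ECC_SECP256R1,
+WOLFSSL_ECC_SECP384R1,
+};
 
 /* First connection: complete a DTLS 1.3 handshake to get a session */
 XMEMSET(&test_ctx, 0, sizeof(test_ctx));
 ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
 wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
+ExpectIntEQ(wolfSSL_set_groups(ssl_c, groups, 2), WOLFSSL_SUCCESS);
 ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
 
 /* Read to process any NewSessionTicket */
@@ -2655,6 +2661,8 @@ int test_dtls13_no_session_id_echo(void)
 ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
 wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
 ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS);
+/* Use traditional groups to avoid HRR from key share mismatch */
+ExpectIntEQ(wolfSSL_set_groups(ssl_c, groups, 2), WOLFSSL_SUCCESS);
 /* Disable HRR cookie so the server directly sends a ServerHello */
 ExpectIntEQ(wolfSSL_disable_hrr_cookie(ssl_s), WOLFSSL_SUCCESS);
 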
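Review bot: The group count is hard-coded as `2` in both `wolfSSL_set_groups(ssl_c, groups, 2)` calls (the first connection and the resumption in the second hunk), so it will silently go stale if `groups[]` is edited; derive it from the array instead, e.g. `(int)(sizeof(groups) / sizeof(groups[0]))`. The two added comments also differ ("PQ key share mismatch" vs "key share mismatch") and could share one wording. Because both handshakes are now steered away from HelloRetryRequest, the no-echo assertion appears to cover only the direct ServerHello path; if the HRR message carries the same legacy_session_id_echo field in this implementation, a separate case for it would be worth adding. The body of test_dtls13_no_session_id_echo starts and ends outside the visible hunks, so the build guards around these calls cannot be checked from here.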
