harden SSL config and session

JeremiahM37 · JeremiahM37 · commit a766dcb9482f · 2026-04-24T18:23:07.000Z
diff --git a/src/ssl.c b/src/ssl.c
@@ -5798,8 +5798,12 @@ static int wolfSSL_parse_cipher_list(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
         tls13Only = 1;
         if ((ctx != NULL && !IsAtLeastTLSv1_3(ctx->method->version)) ||
                 (ssl != NULL && !IsAtLeastTLSv1_3(ssl->version))) {
-            /* Silently ignore TLS 1.3 ciphers if we don't support it. */
-            return WOLFSSL_SUCCESS;
+            /* The list is exclusively TLS 1.3 suites but the context
+             * cannot negotiate TLS 1.3. Fail so the caller knows the
+             * restriction was not applied and does not proceed with
+             * whatever default suites remain active. */
+            WOLFSSL_MSG("TLS 1.3 cipher list on non-TLS-1.3 context");
+            return WOLFSSL_FAILURE;
         }
     }
 
@@ -10053,9 +10057,9 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
         ssl->options.dtlsStateful = 0;
     #endif
     #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
-        ssl->options.noPskDheKe = 0;
+        ssl->options.noPskDheKe = ssl->ctx->noPskDheKe;
       #ifdef HAVE_SUPPORTED_CURVES
-        ssl->options.onlyPskDheKe = 0;
+        ssl->options.onlyPskDheKe = ssl->ctx->onlyPskDheKe;
       #endif
     #endif
     #ifdef HAVE_SESSION_TICKET
diff --git a/src/ssl_load.c b/src/ssl_load.c
@@ -5451,10 +5451,13 @@ int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX* ctx)
             ret = 1;
         }
     #else
-        /* OpenSSL's implementation of this API does not require loading the
-         * system CA cert directory.  Allow skipping this without erroring out.
-         */
-        ret = 1;
+        /* No source available: SSL_CERT_DIR/SSL_CERT_FILE not set and
+         * WOLFSSL_SYS_CA_CERTS not compiled in. Returning success would be
+         * fail-open since no trust anchors were loaded. */
+        WOLFSSL_MSG("wolfSSL_CTX_set_default_verify_paths: no CA source "
+                    "available (build without WOLFSSL_SYS_CA_CERTS and no "
+                    "SSL_CERT_DIR/SSL_CERT_FILE env)");
+        ret = WOLFSSL_FAILURE;
     #endif
     }
 
diff --git a/src/ssl_sess.c b/src/ssl_sess.c
@@ -1586,8 +1586,12 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
 #if !defined(OPENSSL_EXTRA) || !defined(WOLFSSL_ERROR_CODE_OPENSSL)
         return WOLFSSL_FAILURE;  /* session timed out */
 #else /* defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) */
+        /* Return success for OpenSSL compatibility but do not carry the
+         * expired session's version/cipher into ssl state, which would
+         * otherwise pin the ClientHello to stale values. */
         WOLFSSL_MSG("Session is expired but return success for "
                     "OpenSSL compatibility");
+        return WOLFSSL_SUCCESS;
 #endif
     }
     ssl->options.resuming = 1;
