[gnutls-devel] GnuTLS | update tlsfuzzer scripts to latest version (!774)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Tue Oct 16 11:42:18 CEST 2018
Tom started a new discussion on lib/handshake.c:
> - /* if we are resuming then the KX seen doesn't match the original */
> + /* sanity check:
> + * we see TLS1.3 negotiated but no key share was sent */
> + if (ver->tls13_sem) {
> + if (unlikely(!(session->internals.hsk_flags & HSK_PSK_KE_MODE_PSK) &&
> + !(session->internals.hsk_flags & HSK_KEY_SHARE_RECEIVED))) {
> + return gnutls_assert_val(GNUTLS_E_MISSING_EXTENSION);
> + }
> +
> + /* Under TLS1.3 this returns a KX which matches the negotiated
> + * groups from the key shares; if we are resuming then the KX seen
> + * here doesn't match the original session. */
> if (session->internals.resumed == RESUME_FALSE)
> kx = gnutls_kx_get(session);
> + else
> + kx = 0;
`gnutls_kx_get()` returns a `gnutls_kx_algorithm_t` type. I think it would be more readable to use constants from this type instead of constant literals. In this case `GNUTLS_KX_UNKNOWN` instead of `0`.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/774#note_109084651
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20181016/cfc8ae76/attachment-0001.html>
More information about the Gnutls-devel
mailing list