TLS 1.3: SRV: Don't select ephemeral mode on resumption
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
This commit is contained in:
parent
f8e50a9607
commit
dadeb20383
1 changed files with 2 additions and 1 deletions
|
@ -982,7 +982,8 @@ MBEDTLS_CHECK_RETURN_CRITICAL
|
|||
static int ssl_tls13_check_ephemeral_key_exchange(mbedtls_ssl_context *ssl)
|
||||
{
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
|
||||
return mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl) &&
|
||||
return !ssl->handshake->resume &&
|
||||
mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl) &&
|
||||
ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange(ssl);
|
||||
#else
|
||||
((void) ssl);
|
||||
|
|
Loading…
Reference in a new issue