WolfSSL
/
wolfssl-examples
mirror of https://github.com/wolfSSL/wolfssl-examples.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Add a short caveat to client-tls13-resume.c

pull/288/head
Anthony Hu 2022-02-03 15:59:14 -05:00
parent 84bc92ef8d
commit 94dafcb952
1 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
tls/client-tls13-resume.c
View File

@ -228,7 +228,22 @@ int main(int argc, char** argv)
wolfSSL_FreeArrays(ssl); wolfSSL_FreeArrays(ssl);
#endif #endif
/* Save the session */ /* Save the session
*
* NOTE: This is not an ideal solution. Please see client-tls-resume.c.
* There you will see that we do not need to call wolfSSL_peek() because
* we have already called wolfSSL_read() before calling
* wolfSSL_get_session() so wolfSSL has already internally stored the
* session ticket. For TLS 1.2 it is fine to put wolfSSL_get_session()
* right after the connection is established because the resumption
* information is part of the TLS 1.2 handshake. This is not the case for
* TLS 1.3. However, if you are migrating from TLS 1.2 and are having a
* hard time moving your call to wolfSSL_get_session(), you can try this
* approach.
*
* This approach can result in issues with I/O and is best used with non-
* blocking mode sockets.
*/
session = wolfSSL_get_session(ssl); session = wolfSSL_get_session(ssl);
if (session == NULL) { if (session == NULL) {
printf("Session not available yet... trying peek\n"); printf("Session not available yet... trying peek\n");
@ -393,6 +408,7 @@ exit:
if (sslRes) if (sslRes)
wolfSSL_free(sslRes); /* Free the wolfSSL object */ wolfSSL_free(sslRes); /* Free the wolfSSL object */
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
asdfasdfasdf
if (session) if (session)
wolfSSL_SESSION_free(session); wolfSSL_SESSION_free(session);
#endif #endif