diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 688eb52018..b0a835f4e3 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2484,7 +2484,7 @@ static int ssl_tls13_parse_new_session_ticket_exts( mbedtls_ssl_context *ssl, const unsigned char *p = buf; - handshake->received_extensions = MBEDTLS_SSL_EXT_NONE; + handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE; while( p < end ) { @@ -2500,30 +2500,24 @@ static int ssl_tls13_parse_new_session_ticket_exts( mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, extension_data_len ); ret = mbedtls_ssl_tls13_check_received_extension( - ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, extension_type, - MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_CH ); + ssl, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, extension_type, + MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_NST ); if( ret != 0 ) return( ret ); switch( extension_type ) { - case MBEDTLS_TLS_EXT_EARLY_DATA: - MBEDTLS_SSL_DEBUG_MSG( 4, ( "early_data extension received" ) ); - break; - default: - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "NewSessionTicket : received %s(%u) extension ( ignored )", - mbedtls_tls13_get_extension_name( extension_type ), - extension_type ) ); + MBEDTLS_SSL_PRINT_EXT_TYPE( + 3, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, + extension_type, "( ignored )" ); break; } p += extension_data_len; } - MBEDTLS_SSL_TLS1_3_PRINT_EXTS( - 3, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, handshake->received_extensions ); + MBEDTLS_SSL_PRINT_RECEIVED_EXTS( 3, MBEDTLS_SSL_HS_NEW_SESSION_TICKET ); return( 0 ); } diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 607347d730..f31e7ab89e 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2832,6 +2832,8 @@ static int ssl_tls13_write_new_session_ticket_body( mbedtls_ssl_context *ssl, * Note: We currently don't have any extensions. * Set length to zero. */ + ssl->handshake->sent_extensions = MBEDTLS_SSL_EXT_MASK_NONE; + MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); MBEDTLS_PUT_UINT16_BE( 0, p, 0 ); p += 2;