crypto/tls: reject empty TLS 1.3 session ticket
authorDaniel McCarney <daniel@binaryparadox.net>
Mon, 17 Feb 2025 16:45:23 +0000 (11:45 -0500)
committerGopher Robot <gobot@golang.org>
Mon, 10 Mar 2025 21:02:22 +0000 (14:02 -0700)
While not clearly motivated by normative language in RFC 8446, it seems
clear that an empty opaque ticket value is non-operable, so we
should reject it with an appropriate alert/error.

This allows removing the SendEmptySessionTicket-TLS13 BoGo test from the
bogo excluded tests configuration.

Fixes #70513
Updates #72006

Change-Id: I589b34e86fb1eb27a349a230e920c22284597cde
Reviewed-on: https://go-review.googlesource.com/c/go/+/650735
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: David Chase <drchase@google.com>
Auto-Submit: Daniel McCarney <daniel@binaryparadox.net>

src/crypto/tls/bogo_config.json
src/crypto/tls/handshake_client_tls13.go

index 6472512158c444700d44b38a6fc7f01b52f23769..f4772a00b200f4234b8d2378f988eea19bd4882f 100644 (file)
@@ -38,8 +38,6 @@
         "PostQuantumNotEnabledByDefaultInClients": "We do enable it by default!",
         "*-Kyber-TLS13": "We don't support Kyber, only ML-KEM (BoGo bug ignoring AllCurves?)",
 
-        "SendEmptySessionTicket-TLS13": "https://github.com/golang/go/issues/70513",
-
         "*-SignDefault-*": "TODO, partially it encodes BoringSSL defaults, partially we might be missing some implicit behavior of a missing flag",
 
         "V2ClientHello-*": "We don't support SSLv2",
index c0396e75796add3b66d87dc5129bad258f155052..fadca22e60eecf61cd3d4bdac9bad90b2bd8480a 100644 (file)
@@ -870,6 +870,11 @@ func (c *Conn) handleNewSessionTicket(msg *newSessionTicketMsgTLS13) error {
                return errors.New("tls: received a session ticket with invalid lifetime")
        }
 
+       if len(msg.label) == 0 {
+               c.sendAlert(alertDecodeError)
+               return errors.New("tls: received a session ticket with empty opaque ticket label")
+       }
+
        // RFC 9001, Section 4.6.1
        if c.quic != nil && msg.maxEarlyData != 0 && msg.maxEarlyData != 0xffffffff {
                c.sendAlert(alertIllegalParameter)
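Review bot: The new `if len(msg.label) == 0` block carries no comment tying it to the wire format, unlike the `// RFC 9001, Section 4.6.1` citation on the check immediately below it; RFC 8446, Section 4.6.1 defines the field as `opaque ticket<1..2^16-1>`, so a zero-length ticket violates the vector's minimum length and alertDecodeError is the appropriate alert for that. Suggest adding `// RFC 8446, Section 4.6.1: opaque ticket<1..2^16-1>, so an empty ticket is malformed.` above the `if`. The same minimum could presumably also be enforced where the message is unmarshalled, keeping the length rule next to the other vector bounds rather than in handshake logic; worth confirming against the message parsing code. handleNewSessionTicket begins and ends outside this hunk.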