BUFFER_APPEND_NUM(ps, session->security_parameters.pversion->id);
+ BUFFER_APPEND_NUM(ps, session->security_parameters.client_ctype);
+ BUFFER_APPEND_NUM(ps, session->security_parameters.server_ctype);
+
/* if we are under TLS 1.3 do not pack keys or params negotiated using an extension
* they are not necessary */
if (!session->security_parameters.pversion->tls13_sem) {
BUFFER_APPEND(ps, session->security_parameters.cs->id, 2);
- BUFFER_APPEND_NUM(ps, session->security_parameters.client_ctype);
- BUFFER_APPEND_NUM(ps, session->security_parameters.server_ctype);
-
BUFFER_APPEND_PFX1(ps, session->security_parameters.master_secret,
GNUTLS_MASTER_SIZE);
BUFFER_APPEND_PFX1(ps, session->security_parameters.client_random,
NULL)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+ BUFFER_POP_NUM(ps,
+ session->internals.resumed_security_parameters.
+ client_ctype);
+ BUFFER_POP_NUM(ps,
+ session->internals.resumed_security_parameters.
+ server_ctype);
+
if (!session->internals.resumed_security_parameters.pversion->tls13_sem) {
BUFFER_POP(ps, cs, 2);
session->internals.resumed_security_parameters.cs = ciphersuite_to_entry(cs);
if (session->internals.resumed_security_parameters.cs == NULL)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
- BUFFER_POP_NUM(ps,
- session->internals.resumed_security_parameters.
- client_ctype);
- BUFFER_POP_NUM(ps,
- session->internals.resumed_security_parameters.
- server_ctype);
-
/* master secret */
ret = _gnutls_buffer_pop_datum_prefix8(ps, &t);
if (ret < 0) {
#if defined(USE_X509)
unsigned int l;
+ if (gnutls_certificate_type_get(session) != GNUTLS_CRT_X509)
+ fail("did not find the expected X509 certificate type! (%d)\n", gnutls_certificate_type_get(session));
+
if (counter == 0 && gnutls_certificate_get_ours(session) == NULL)
fail("no certificate returned on server side (%s)\n", counter?"resumed session":"first session");
else if (counter != 0 && gnutls_certificate_get_ours(session) != NULL)