Skip to content

Check ctx extensions before rejecting a TLS1.3 certificate message extension#10936

Open
aidangarske wants to merge 1 commit into
wolfSSL:masterfrom
aidangarske:fix-tls13-ctx-status-request
Open

Check ctx extensions before rejecting a TLS1.3 certificate message extension#10936
aidangarske wants to merge 1 commit into
wolfSSL:masterfrom
aidangarske:fix-tls13-ctx-status-request

Conversation

@aidangarske

@aidangarske aidangarske commented Jul 16, 2026

Copy link
Copy Markdown
Member

wolfSSL_CTX_UseOCSPStapling() stores status_request on ctx->extensions, and nothing copies it to ssl->extensions. The ClientHello is written from the CTX, so the extension is offered, but the RFC 8446 4.4.2 check in TLSX_Parse() only searched ssl->extensions and killed the server's staple:

Parsing 1836 bytes of cert extensions
Cert-msg extension not offered in CH/CR
SendAlert: 110 unsupported_extension   -> -429

So OCSP stapling over TLS 1.3 fails for any client that uses the CTX-level API. TLS 1.2 takes a different path and is unaffected. TLSX_CheckUnsupportedExtension() already does this ssl-then-ctx lookup; this call site now matches it.

Found by wolfssl-examples ocsp/stapling, which uses the documented CTX API. Currently pointing OCSP testing here till merged

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes a TLS 1.3 interoperability bug where Certificate message extensions (notably OCSP stapling’s status_request) were incorrectly rejected when the client enabled them via the CTX-level API (ctx->extensions) instead of the SSL-level list (ssl->extensions). This aligns the RFC 8446 §4.4.2 “only accept what was offered” check with existing behavior elsewhere (e.g., TLSX_CheckUnsupportedExtension()), allowing TLS 1.3 OCSP stapling to work for clients using wolfSSL_CTX_UseOCSPStapling().

Changes:

  • Extend the TLS 1.3 Certificate-message extension “was it offered?” check to look in ssl->ctx->extensions when not found in ssl->extensions.
  • Add a defensive ssl->ctx == NULL guard before dereferencing ssl->ctx->extensions.
  • Update the inline comment to document why CTX-level lookup is necessary at this call site.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@github-actions

Copy link
Copy Markdown

@aidangarske

aidangarske commented Jul 16, 2026

Copy link
Copy Markdown
Member Author

Jenkins retest this please

@Frauschi Frauschi left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants