Should exclude PSK_DHE mode when key_share is null
sshock opened this issue · 0 comments
sshock commented
The `ptls_context_t` `key_exchanges` can be set to NULL to force PSK-only mode.
In this scenario, the client `key_share_ctx` is NULL, so `encode_client_hello` does not include any key_share entries.
So far so good. But `encode_client_hello` still includes PSK_DHE in the PSK_KEY_EXCHANGE_MODES, even though that mode won't be able to work.
In practice this hasn't caused any issues for me, but it would probably be good to exclude that mode in this scenario.
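
The behaviour the issue asks for, as an added sketch that is not picotls code and not from the issue author: the `psk_key_exchange_modes` extension (type 45, RFC 8446 section 4.2.9) lists `psk_dhe_ke` only when the client is also sending key shares. The function names and the `have_key_share` flag are hypothetical stand-ins for the `key_share_ctx != NULL` condition.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* PskKeyExchangeMode values and extension type from RFC 8446, section 4.2.9. */
enum { PSK_KE = 0, PSK_DHE_KE = 1 };
#define EXT_PSK_KEY_EXCHANGE_MODES 45

/* Hypothetical encoder (not the picotls API). Writes the whole extension
 * (type, length, ke_modes<1..255>) and returns bytes written, 0 if cap is too small. */
size_t encode_psk_modes_ext(uint8_t *buf, size_t cap, int have_key_share)
{
    uint8_t modes[2];
    size_t n = 0;

    if (have_key_share)            /* psk_dhe_ke needs a key_share to complete */
        modes[n++] = PSK_DHE_KE;
    modes[n++] = PSK_KE;           /* PSK-only always remains usable */

    size_t total = 4 + 1 + n;      /* ext header + 1-byte vector length + modes */
    if (cap < total)
        return 0;
    buf[0] = 0;
    buf[1] = EXT_PSK_KEY_EXCHANGE_MODES;
    buf[2] = 0;
    buf[3] = (uint8_t)(1 + n);
    buf[4] = (uint8_t)n;
    memcpy(buf + 5, modes, n);
    return total;
}

/* Returns 1 if a well-formed extension advertises `mode`, else 0. */
int psk_modes_ext_offers(const uint8_t *ext, size_t len, uint8_t mode)
{
    if (len < 6 || ext[0] != 0 || ext[1] != EXT_PSK_KEY_EXCHANGE_MODES)
        return 0;
    size_t body = ((size_t)ext[2] << 8) | ext[3];
    if (body != len - 4 || ext[4] != body - 1)
        return 0;                  /* length fields must agree with each other */
    return memchr(ext + 5, mode, ext[4]) != NULL;
}

int main(void)
{
    uint8_t buf[16];
    size_t n = encode_psk_modes_ext(buf, sizeof buf, 0); /* PSK-only client */
    printf("psk_dhe_ke offered: %d\n", psk_modes_ext_offers(buf, n, PSK_DHE_KE));
    return 0;
}
```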