client and server fix for TLS ECH

Author: sebastian-carpenter

src/internal.c

@@ -8623,8 +8623,6 @@ void wolfSSL_ResourceFree(WOLFSSL* ssl)
     /* try to free the ech hashes in case we errored out */
     ssl->hsHashes = ssl->hsHashesEch;
     FreeHandshakeHashes(ssl);
-    ssl->hsHashes = ssl->hsHashesEchInner;
-    FreeHandshakeHashes(ssl);
 #endif
     XFREE(ssl->buffers.domainName.buffer, ssl->heap, DYNAMIC_TYPE_DOMAIN);
 

src/tls.c

@@ -13584,6 +13584,8 @@ static int TLSX_ECH_Parse(WOLFSSL* ssl, const byte* readBuf, word16 size,
     }
     /* HRR with special confirmation */
     else if (msgType == hello_retry_request && ssl->options.useEch) {
+        /* TODO: confirmation may not exist -> segfault? */
+        printf("\n\ngot special confirmation\n\n\n");
         /* length must be 8 */
         if (size != ECH_ACCEPT_CONFIRMATION_SZ)
             return BAD_FUNC_ARG;
@@ -14439,6 +14441,7 @@ static int TLSX_Write(TLSX* list, byte* output, byte* semaphore,
                 WOLFSSL_MSG("ECH extension to write");
                 ret = ECH_WRITE((WOLFSSL_ECH*)extension->data, msgType,
                     output + offset, &offset);
+                fprintf(stderr, "\t\thit this\n");
                 break;
 #endif
             default: