Move renego SCSV after actual ciphersuites

Manuel Pégourié-Gonnard 2015-01-22 10:49:41 +00:00
parent 34377b1e1c
commit 5d9cde25da


@ -633,18 +633,6 @@ static int ssl_write_client_hello( ssl_context *ssl )
// Skip writing ciphersuite length for now // Skip writing ciphersuite length for now
p += 2; p += 2;
/*
* Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV
*/
#if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE )
#endif
{
*p++ = (unsigned char)( SSL_EMPTY_RENEGOTIATION_INFO >> 8 );
*p++ = (unsigned char)( SSL_EMPTY_RENEGOTIATION_INFO );
n++;
}
for( i = 0; ciphersuites[i] != 0; i++ ) for( i = 0; ciphersuites[i] != 0; i++ )
{ {
ciphersuite_info = ssl_ciphersuite_from_id( ciphersuites[i] ); ciphersuite_info = ssl_ciphersuite_from_id( ciphersuites[i] );
@ -668,6 +656,18 @@ static int ssl_write_client_hello( ssl_context *ssl )
*p++ = (unsigned char)( ciphersuites[i] ); *p++ = (unsigned char)( ciphersuites[i] );
} }
/*
* Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV
*/
#if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE )
#endif
{
*p++ = (unsigned char)( SSL_EMPTY_RENEGOTIATION_INFO >> 8 );
*p++ = (unsigned char)( SSL_EMPTY_RENEGOTIATION_INFO );
n++;
}
/* Some versions of OpenSSL don't handle it correctly if not at end */ /* Some versions of OpenSSL don't handle it correctly if not at end */
#if defined(POLARSSL_SSL_FALLBACK_SCSV) #if defined(POLARSSL_SSL_FALLBACK_SCSV)
if( ssl->fallback == SSL_IS_FALLBACK ) if( ssl->fallback == SSL_IS_FALLBACK )
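Review bot: The comment `/* Some versions of OpenSSL don't handle it correctly if not at end */` now sits directly under the moved renegotiation SCSV block, so "it" reads as referring to TLS_EMPTY_RENEGOTIATION_INFO_SCSV, although the `#if defined(POLARSSL_SSL_FALLBACK_SCSV)` line below it suggests it means the fallback SCSV. With two signalling values now appended after the loop, their order is an interoperability invariant that a later edit could break unnoticed, so the code should state it. I would reword that comment to `/* Fallback SCSV must stay last: some versions of OpenSSL don't handle it correctly if not at end */` and extend the moved block's header to `* Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV (after the actual ciphersuites, before the fallback SCSV)`. The reason for moving the renegotiation SCSV is not given in the commit message or the code, so a short why-sentence there would help as well. ssl_write_client_hello starts and ends outside these hunks, so the later write of the ciphersuite count `n` and any bound on `p` are not visible here.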