mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-22 11:45:42 +01:00
Server does not send out extensions not advertised by client
This commit is contained in:
parent
6888167e73
commit
677377f472
@ -1,5 +1,9 @@
|
|||||||
PolarSSL ChangeLog (Sorted per branch, date)
|
PolarSSL ChangeLog (Sorted per branch, date)
|
||||||
|
|
||||||
|
= PolarSSL 1.3 branch
|
||||||
|
Bugfix
|
||||||
|
* Server does not send out extensions not advertised by client
|
||||||
|
|
||||||
= PolarSSL 1.3.1 released on 2013-10-15
|
= PolarSSL 1.3.1 released on 2013-10-15
|
||||||
Features
|
Features
|
||||||
* Support for Brainpool curves and TLS ciphersuites (RFC 7027)
|
* Support for Brainpool curves and TLS ciphersuites (RFC 7027)
|
||||||
|
@ -342,6 +342,13 @@
|
|||||||
|
|
||||||
#define TLS_EXT_RENEGOTIATION_INFO 0xFF01
|
#define TLS_EXT_RENEGOTIATION_INFO 0xFF01
|
||||||
|
|
||||||
|
/*
|
||||||
|
* TLS extension flags (for extensions with outgoing ServerHello content
|
||||||
|
* that need it (e.g. for RENEGOTIATION_INFO the server already knows because
|
||||||
|
* of state of the renegotiation flag, so no indicator is required)
|
||||||
|
*/
|
||||||
|
#define TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0)
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Size defines
|
* Size defines
|
||||||
*/
|
*/
|
||||||
@ -546,6 +553,7 @@ struct _ssl_handshake_params
|
|||||||
int resume; /*!< session resume indicator*/
|
int resume; /*!< session resume indicator*/
|
||||||
int max_major_ver; /*!< max. major version client*/
|
int max_major_ver; /*!< max. major version client*/
|
||||||
int max_minor_ver; /*!< max. minor version client*/
|
int max_minor_ver; /*!< max. minor version client*/
|
||||||
|
int cli_exts; /*!< client extension presence*/
|
||||||
|
|
||||||
#if defined(POLARSSL_SSL_SESSION_TICKETS)
|
#if defined(POLARSSL_SSL_SESSION_TICKETS)
|
||||||
int new_session_ticket; /*!< use NewSessionTicket? */
|
int new_session_ticket; /*!< use NewSessionTicket? */
|
||||||
|
@ -1270,6 +1270,7 @@ static int ssl_parse_client_hello( ssl_context *ssl )
|
|||||||
|
|
||||||
case TLS_EXT_SUPPORTED_POINT_FORMATS:
|
case TLS_EXT_SUPPORTED_POINT_FORMATS:
|
||||||
SSL_DEBUG_MSG( 3, ( "found supported point formats extension" ) );
|
SSL_DEBUG_MSG( 3, ( "found supported point formats extension" ) );
|
||||||
|
ssl->handshake->cli_exts |= TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT;
|
||||||
|
|
||||||
ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size );
|
ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
@ -1546,7 +1547,12 @@ static void ssl_write_supported_point_formats_ext( ssl_context *ssl,
|
|||||||
unsigned char *p = buf;
|
unsigned char *p = buf;
|
||||||
((void) ssl);
|
((void) ssl);
|
||||||
|
|
||||||
*olen = 0;
|
if( ( ssl->handshake->cli_exts &
|
||||||
|
TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT ) == 0 )
|
||||||
|
{
|
||||||
|
*olen = 0;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) );
|
SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) );
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user