From a70366317d898e800a3d8e2a59be4fa91cd8b4b3 Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Wed, 30 Apr 2014 10:15:38 +0200
Subject: [PATCH] Improve interop by not writing ext_len in ClientHello /
 ServerHello when 0

The RFC also indicates that without any extensions, we should write a
struct {} (empty) not an array of length zero.
---
 ChangeLog         | 2 ++
 library/ssl_cli.c | 9 ++++++---
 library/ssl_srv.c | 9 ++++++---
 3 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 7b14ce8c4..f3b9de1a3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -18,6 +18,8 @@ Bugfix
    * cert_write app should use subject of issuer certificate as issuer of cert
    * Fix false reject in padding check in ssl_decrypt_buf() for CBC
      ciphersuites, for full SSL frames of data.
+   * Improve interoperability by not writing extension length in ClientHello /
+     ServerHello when no extensions are present (found by Matthew Page)
 
 = PolarSSL 1.3.6 released on 2014-04-11
 
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 0a69f4d37..cd0d8c2a7 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -651,9 +651,12 @@ static int ssl_write_client_hello( ssl_context *ssl )
     SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d",
                    ext_len ) );
 
-    *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( ext_len      ) & 0xFF );
-    p += ext_len;
+    if( ext_len > 0 )
+    {
+        *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
+        *p++ = (unsigned char)( ( ext_len      ) & 0xFF );
+        p += ext_len;
+    }
 
     ssl->out_msglen  = p - buf;
     ssl->out_msgtype = SSL_MSG_HANDSHAKE;
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index dee6cd8ab..acf2ef24c 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1921,9 +1921,12 @@ static int ssl_write_server_hello( ssl_context *ssl )
 
     SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", ext_len ) );
 
-    *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( ext_len      ) & 0xFF );
-    p += ext_len;
+    if( ext_len > 0 )
+    {
+        *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
+        *p++ = (unsigned char)( ( ext_len      ) & 0xFF );
+        p += ext_len;
+    }
 
     ssl->out_msglen  = p - buf;
     ssl->out_msgtype = SSL_MSG_HANDSHAKE;