Remove extended_ms field from HS param if ExtendedMS enforced

This commit is contained in:
Hanno Becker 2019-06-11 14:50:54 +01:00
parent a49ec56f51
commit 1ab322bb51
3 changed files with 6 additions and 1 deletions

View file

@ -517,7 +517,8 @@ struct mbedtls_ssl_handshake_params
#if defined(MBEDTLS_SSL_SESSION_TICKETS) #if defined(MBEDTLS_SSL_SESSION_TICKETS)
int new_session_ticket; /*!< use NewSessionTicket? */ int new_session_ticket; /*!< use NewSessionTicket? */
#endif /* MBEDTLS_SSL_SESSION_TICKETS */ #endif /* MBEDTLS_SSL_SESSION_TICKETS */
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \
!defined(MBEDTLS_SSL_EXTENDED_MS_ENFORCED)
int extended_ms; /*!< use Extended Master Secret? */ int extended_ms; /*!< use Extended Master Secret? */
#endif #endif

View file

@ -2097,7 +2097,9 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
{ {
if( extended_ms_seen ) if( extended_ms_seen )
{ {
#if !defined(MBEDTLS_SSL_EXTENDED_MS_ENFORCED)
ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
#endif /* !MBEDTLS_SSL_EXTENDED_MS_ENFORCED */
} }
else if( mbedtls_ssl_conf_get_ems_enforced( ssl->conf ) == else if( mbedtls_ssl_conf_get_ems_enforced( ssl->conf ) ==
MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED ) MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED )

View file

@ -2042,7 +2042,9 @@ read_record_header:
{ {
if( extended_ms_seen ) if( extended_ms_seen )
{ {
#if !defined(MBEDTLS_SSL_EXTENDED_MS_ENFORCED)
ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
#endif /* !MBEDTLS_SSL_EXTENDED_MS_ENFORCED */
} }
else if( mbedtls_ssl_conf_get_ems_enforced( ssl->conf ) == else if( mbedtls_ssl_conf_get_ems_enforced( ssl->conf ) ==
MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED ) MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED )