Server does not send out extensions not advertised by client

ChangeLog

@@ -1,5 +1,9 @@
 PolarSSL ChangeLog (Sorted per branch, date)
 
+= PolarSSL 1.3 branch
+Bugfix
+   * Server does not send out extensions not advertised by client
+
 = PolarSSL 1.3.1 released on 2013-10-15
 Features
    * Support for Brainpool curves and TLS ciphersuites (RFC 7027)

include/polarssl/ssl.h

@@ -342,6 +342,13 @@
 
 #define TLS_EXT_RENEGOTIATION_INFO      0xFF01
 
+/*
+ * TLS extension flags (for extensions with outgoing ServerHello content
+ * that need it (e.g. for RENEGOTIATION_INFO the server already knows because
+ * of state of the renegotiation flag, so no indicator is required)
+ */
+#define TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0)
+
 /*
  * Size defines
  */
@@ -546,6 +553,7 @@ struct _ssl_handshake_params
     int resume;                         /*!<  session resume indicator*/
     int max_major_ver;                  /*!< max. major version client*/
     int max_minor_ver;                  /*!< max. minor version client*/
+    int cli_exts;                       /*!< client extension presence*/
 
 #if defined(POLARSSL_SSL_SESSION_TICKETS)
     int new_session_ticket;             /*!< use NewSessionTicket?    */

library/ssl_srv.c

@@ -1270,6 +1270,7 @@ static int ssl_parse_client_hello( ssl_context *ssl )
 
         case TLS_EXT_SUPPORTED_POINT_FORMATS:
             SSL_DEBUG_MSG( 3, ( "found supported point formats extension" ) );
+            ssl->handshake->cli_exts |= TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT;
 
             ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size );
             if( ret != 0 )
@@ -1546,7 +1547,12 @@ static void ssl_write_supported_point_formats_ext( ssl_context *ssl,
     unsigned char *p = buf;
     ((void) ssl);
 
-    *olen = 0;
+    if( ( ssl->handshake->cli_exts &
+          TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT ) == 0 )
+    {
+        *olen = 0;
+        return;
+    }
 
     SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) );