Secure renegotiation extension should only be sent in case client supports secure renegotiation

2025-01-23 09:41:08 +00:00 · 2013-06-06 11:22:13 +02:00 · 2013-06-06 11:22:13 +02:00 · 7c3c3899cf
parent 822e958bb2
commit 7c3c3899cf
2 changed files with 27 additions and 19 deletions
--- a/5
+++ b/5
@ -1,5 +1,10 @@
 PolarSSL ChangeLog

+= Branch 1.2
+Bugfix
+   * Secure renegotiation extension should only be sent in case client
+     supports secure renegotiation
+
 = Version 1.2.7 released 2013-04-13
 Features
   * Ability to specify allowed ciphersuites based on the protocol version.
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -864,31 +864,34 @@ static int ssl_write_server_hello( ssl_context *ssl )
    SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d",
                   ssl->session_negotiate->compression ) );

-    SSL_DEBUG_MSG( 3, ( "server hello, prepping for secure renegotiation extension" ) );
-    ext_len += 5 + ssl->verify_data_len * 2;
+    if( ssl->secure_renegotiation == SSL_SECURE_RENEGOTIATION )
+    {
+        SSL_DEBUG_MSG( 3, ( "server hello, prepping for secure renegotiation extension" ) );
+        ext_len += 5 + ssl->verify_data_len * 2;

-    SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d",
-                   ext_len ) );
+        SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d",
+                       ext_len ) );

-    *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( ext_len      ) & 0xFF );
+        *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
+        *p++ = (unsigned char)( ( ext_len      ) & 0xFF );

-    /*
-     * Secure renegotiation
-     */
-    SSL_DEBUG_MSG( 3, ( "client hello, secure renegotiation extension" ) );
+        /*
+         * Secure renegotiation
+         */
+        SSL_DEBUG_MSG( 3, ( "client hello, secure renegotiation extension" ) );

-    *p++ = (unsigned char)( ( TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( TLS_EXT_RENEGOTIATION_INFO      ) & 0xFF );
+        *p++ = (unsigned char)( ( TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF );
+        *p++ = (unsigned char)( ( TLS_EXT_RENEGOTIATION_INFO      ) & 0xFF );

-    *p++ = 0x00;
-    *p++ = ( ssl->verify_data_len * 2 + 1 ) & 0xFF;
-    *p++ = ssl->verify_data_len * 2 & 0xFF;
+        *p++ = 0x00;
+        *p++ = ( ssl->verify_data_len * 2 + 1 ) & 0xFF;
+        *p++ = ssl->verify_data_len * 2 & 0xFF;

-    memcpy( p, ssl->peer_verify_data, ssl->verify_data_len );
-    p += ssl->verify_data_len;
-    memcpy( p, ssl->own_verify_data, ssl->verify_data_len );
-    p += ssl->verify_data_len;
+        memcpy( p, ssl->peer_verify_data, ssl->verify_data_len );
+        p += ssl->verify_data_len;
+        memcpy( p, ssl->own_verify_data, ssl->verify_data_len );
+        p += ssl->verify_data_len;
+    }

    ssl->out_msglen  = p - buf;
    ssl->out_msgtype = SSL_MSG_HANDSHAKE;