Improve interop by not writing ext_len in ClientHello when 0

The RFC also indicates that without any extensions, we should write a struct {} (empty) not an array of length zero.
2025-01-23 23:01:10 +00:00 · 2014-07-08 16:24:56 +02:00 · 2014-07-08 16:24:56 +02:00 · 838ed3c74d
parent 6993284ece
commit 838ed3c74d
2 changed files with 7 additions and 2 deletions
--- a/2
+++ b/2
@ -49,6 +49,8 @@ Bugfix
   * Some example server programs were not sending the close_notify alert.
   * Potential memory leak in mpi_exp_mod() when error occurs during
     calculation of RR.
+   * Improve interoperability by not writing extension length in ClientHello
+     when no extensions are present (found by Matthew Page)

 = Version 1.2.10 released 2013-10-07
 Changes
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -212,8 +212,11 @@ static int ssl_write_client_hello( ssl_context *ssl )
    SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d",
                   ext_len ) );

-    *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
-    *p++ = (unsigned char)( ( ext_len      ) & 0xFF );
+    if( ext_len > 0 )
+    {
+        *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
+        *p++ = (unsigned char)( ( ext_len      ) & 0xFF );
+    }

    if ( ssl->hostname != NULL )
    {