mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-20 18:40:59 +00:00
Improve interop by not writing ext_len in ClientHello / ServerHello when 0
The RFC also indicates that without any extensions, we should write a struct {} (empty) not an array of length zero.
This commit is contained in:
parent
c73079a78c
commit
a70366317d
|
@ -18,6 +18,8 @@ Bugfix
|
||||||
* cert_write app should use subject of issuer certificate as issuer of cert
|
* cert_write app should use subject of issuer certificate as issuer of cert
|
||||||
* Fix false reject in padding check in ssl_decrypt_buf() for CBC
|
* Fix false reject in padding check in ssl_decrypt_buf() for CBC
|
||||||
ciphersuites, for full SSL frames of data.
|
ciphersuites, for full SSL frames of data.
|
||||||
|
* Improve interoperability by not writing extension length in ClientHello /
|
||||||
|
ServerHello when no extensions are present (found by Matthew Page)
|
||||||
|
|
||||||
= PolarSSL 1.3.6 released on 2014-04-11
|
= PolarSSL 1.3.6 released on 2014-04-11
|
||||||
|
|
||||||
|
|
|
@ -651,9 +651,12 @@ static int ssl_write_client_hello( ssl_context *ssl )
|
||||||
SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d",
|
SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d",
|
||||||
ext_len ) );
|
ext_len ) );
|
||||||
|
|
||||||
|
if( ext_len > 0 )
|
||||||
|
{
|
||||||
*p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
|
*p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
|
||||||
*p++ = (unsigned char)( ( ext_len ) & 0xFF );
|
*p++ = (unsigned char)( ( ext_len ) & 0xFF );
|
||||||
p += ext_len;
|
p += ext_len;
|
||||||
|
}
|
||||||
|
|
||||||
ssl->out_msglen = p - buf;
|
ssl->out_msglen = p - buf;
|
||||||
ssl->out_msgtype = SSL_MSG_HANDSHAKE;
|
ssl->out_msgtype = SSL_MSG_HANDSHAKE;
|
||||||
|
|
|
@ -1921,9 +1921,12 @@ static int ssl_write_server_hello( ssl_context *ssl )
|
||||||
|
|
||||||
SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", ext_len ) );
|
SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", ext_len ) );
|
||||||
|
|
||||||
|
if( ext_len > 0 )
|
||||||
|
{
|
||||||
*p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
|
*p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
|
||||||
*p++ = (unsigned char)( ( ext_len ) & 0xFF );
|
*p++ = (unsigned char)( ( ext_len ) & 0xFF );
|
||||||
p += ext_len;
|
p += ext_len;
|
||||||
|
}
|
||||||
|
|
||||||
ssl->out_msglen = p - buf;
|
ssl->out_msglen = p - buf;
|
||||||
ssl->out_msgtype = SSL_MSG_HANDSHAKE;
|
ssl->out_msgtype = SSL_MSG_HANDSHAKE;
|
||||||
|
|
Loading…
Reference in a new issue