Move ssl_set_fallback() to work on conf
Initially thought it would be per-connection, but since max_version is in conf too, and you need to lower that for a fallback connection, the fallback flag should be in the same place
This commit is contained in:
Manuel Pégourié-Gonnard
parent
6bf89d6ad9
commit
684b0592cb
4 changed files with 9 additions and 10 deletions
|
|
@ -733,7 +733,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
|
|||
|
||||
/* Some versions of OpenSSL don't handle it correctly if not at end */
|
||||
#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
|
||||
if( ssl->fallback == MBEDTLS_SSL_IS_FALLBACK )
|
||||
if( ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding FALLBACK_SCSV" ) );
|
||||
*p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 );
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue