eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Forbid extended master secret with SSLv3

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2014-10-24 15:12:31 +02:00
parent dd4592774b
commit b575b54cb9
3 changed files with 31 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

8
library/ssl_srv.c
View file

@ -648,8 +648,11 @@ static int ssl_parse_extended_ms_ext( ssl_context *ssl,
((void) buf);
if( ssl->extended_ms == SSL_EXTENDED_MS_ENABLED )
if( ssl->extended_ms == SSL_EXTENDED_MS_ENABLED &&
ssl->minor_ver != SSL_MINOR_VERSION_0 )
{
ssl->handshake->extended_ms = SSL_EXTENDED_MS_ENABLED;
}
return( 0 );
}
@ -1686,7 +1689,8 @@ static void ssl_write_extended_ms_ext( ssl_context *ssl,
{
unsigned char *p = buf;
if( ssl->handshake->extended_ms == SSL_EXTENDED_MS_DISABLED )
if( ssl->handshake->extended_ms == SSL_EXTENDED_MS_DISABLED ||
ssl->minor_ver == SSL_MINOR_VERSION_0 )
{
*olen = 0;
return;