arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-04-19 23:22:16 +03:00
Code

WiFiClientSecure: don't use the broken max_fragment_length extension (#4033)

Browse Source 
axTLS does not correctly implement max_fragment_length extension. This
causes servers which understand this extension (currently GnuTLS- and
WolfSSL-based) to reject the client hello.

Until this is fixed in axTLS, remove the call to enable this extension
from WiFiClientSecure.

Fixes https://github.com/esp8266/Arduino/issues/3932.
This commit is contained in:
Ivan Grokhotkov 2017-12-28 05:45:49 +01:00 committed by Develo
parent a7984b65dc
commit 3838e58f62
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
libraries/ESP8266WiFi/src/WiFiClientSecure.cpp
View File

@ -113,7 +113,6 @@ public:
{ {
SSL_EXTENSIONS* ext = ssl_ext_new(); SSL_EXTENSIONS* ext = ssl_ext_new();
ssl_ext_set_host_name(ext, hostName); ssl_ext_set_host_name(ext, hostName);
ssl_ext_set_max_fragment_size(ext, 4096);
if (_ssl) { if (_ssl) {
/* Creating a new TLS session on top of a new TCP connection. /* Creating a new TLS session on top of a new TCP connection.
ssl_free will want to send a close notify alert, but the old TCP connection ssl_free will want to send a close notify alert, but the old TCP connection