lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00
Code Activity

Implement (partial) renego delay on client

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard
2014-08-19 13:58:40 +02:00
parent f07f421759
commit 44ade654c5
2 changed files with 24 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
library/ssl_cli.c
View File

@ -904,6 +904,16 @@ static int ssl_parse_server_hello( ssl_context *ssl )
{
if( ssl->renegotiation == SSL_RENEGOTIATION )
{
ssl->renego_records_seen++;
if( ssl->renego_max_records >= 0 &&
ssl->renego_records_seen > ssl->renego_max_records )
{
SSL_DEBUG_MSG( 1, ( "renegotiation requested, "
"but not honored by server" ) );
return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
}
SSL_DEBUG_MSG( 1, ( "non-handshake message during renego" ) );
return( POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO );
}