lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Server: enforce renegotiation

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard
2013-10-30 16:41:45 +01:00
parent 9c1e1898b6
commit 6d8404d6ba
3 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
library/ssl_tls.c
View File

@ -3990,6 +3990,8 @@ static int ssl_write_hello_request( ssl_context *ssl )
return( ret );
}
ssl->renegotiation = SSL_RENEGOTIATION_PENDING;
SSL_DEBUG_MSG( 2, ( "<= write hello request" ) );
return( 0 );
@ -4175,6 +4177,12 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len )
return( POLARSSL_ERR_NET_WANT_READ );
}
}
else if( ssl->renegotiation == SSL_RENEGOTIATION_PENDING )
{
SSL_DEBUG_MSG( 1, ( "renegotiation requested, "
"but not honored by client" ) );
return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
}
else if( ssl->in_msgtype != SSL_MSG_APPLICATION_DATA )
{
SSL_DEBUG_MSG( 1, ( "bad application data message" ) );