lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00
Code Activity

Forbid extended master secret with SSLv3

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard
2014-10-24 15:12:31 +02:00
parent dd4592774b
commit b575b54cb9
3 changed files with 31 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
library/ssl_srv.c
View File

@ -648,8 +648,11 @@ static int ssl_parse_extended_ms_ext( ssl_context *ssl,
((void) buf);
if( ssl->extended_ms == SSL_EXTENDED_MS_ENABLED )
if( ssl->extended_ms == SSL_EXTENDED_MS_ENABLED &&
ssl->minor_ver != SSL_MINOR_VERSION_0 )
{
ssl->handshake->extended_ms = SSL_EXTENDED_MS_ENABLED;
}
return( 0 );
}
@ -1686,7 +1689,8 @@ static void ssl_write_extended_ms_ext( ssl_context *ssl,
{
unsigned char *p = buf;
if( ssl->handshake->extended_ms == SSL_EXTENDED_MS_DISABLED )
if( ssl->handshake->extended_ms == SSL_EXTENDED_MS_DISABLED ||
ssl->minor_ver == SSL_MINOR_VERSION_0 )
{
*olen = 0;
return;