diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-09-14 09:44:58 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-09-18 09:14:43 +0200 |
commit | 42392c520d46485c15ae226ae4154276a1b77946 (patch) | |
tree | 21ed00ac094649c6fe5181f283fbb98ed2fd1433 | |
parent | 0bbc4fb1cc02b1d19d2452daee8d05148e567877 (diff) | |
download | gnutls-42392c520d46485c15ae226ae4154276a1b77946.tar.gz |
ecc: do not warn on receiving extension on client side
This extension can be received used under TLS 1.3 on the client side.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | lib/ext/ecc.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/ext/ecc.c b/lib/ext/ecc.c index cfefbe8bdb..96a73f1bf1 100644 --- a/lib/ext/ecc.c +++ b/lib/ext/ecc.c @@ -123,9 +123,9 @@ _gnutls_supported_ecc_recv_params(gnutls_session_t session, unsigned min_dh; if (session->security_parameters.entity == GNUTLS_CLIENT) { - /* A client shouldn't receive this extension, but of course - * there are servers out there that send it. Just ignore it. */ - _gnutls_debug_log("received SUPPORTED ECC extension on client side!!!\n"); + /* A client shouldn't receive this extension in TLS1.2. It is + * possible to read that message under TLS1.3 as an encrypted + * extension. */ return 0; } else { /* SERVER SIDE - we must check if the sent supported ecc type is the right one */ |