diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-03-01 08:12:31 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-03-01 08:12:31 +0000 |
commit | 3d9d7856e8f4616e7dc2e689ca653bdb212c6714 (patch) | |
tree | 0410a54174301b69214a3515915bc52d2e3ace43 | |
parent | ae6a062107cd8f8ab6e507544daec18ed2fa2759 (diff) | |
download | gnutls-3d9d7856e8f4616e7dc2e689ca653bdb212c6714.tar.gz |
No extensions are now sent if SSL 3.0 is the only protocol advertized.
-rw-r--r-- | lib/gnutls_handshake.c | 47 |
1 files changed, 26 insertions, 21 deletions
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index f9624b66fb..f4429c5502 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -335,13 +335,15 @@ int _gnutls_read_client_hello(GNUTLS_STATE state, opaque * data, } /* Parse the extensions (if any) - */ - ret = _gnutls_parse_extensions(state, &data[pos], len); /* len is the rest of the parsed length */ - if (ret < 0) { - gnutls_assert(); - return ret; + */ + if (ret >= GNUTLS_TLS1) { + ret = _gnutls_parse_extensions(state, &data[pos], len); /* len is the rest of the parsed length */ + if (ret < 0) { + gnutls_assert(); + return ret; + } } - + /* select an appropriate cipher suite */ ret = _gnutls_server_select_suite(state, suite_ptr, sizeOfSuites); @@ -1286,10 +1288,12 @@ static int _gnutls_read_server_hello(GNUTLS_STATE state, char *data, /* Parse extensions. */ - ret = _gnutls_parse_extensions(state, &data[pos], len); /* len is the rest of the parsed length */ - if (ret < 0) { - gnutls_assert(); - return ret; + if (version >= GNUTLS_TLS1) { + ret = _gnutls_parse_extensions(state, &data[pos], len); /* len is the rest of the parsed length */ + if (ret < 0) { + gnutls_assert(); + return ret; + } } return ret; } @@ -1547,20 +1551,21 @@ static int _gnutls_send_client_hello(GNUTLS_STATE state, int again) /* Generate and copy TLS extensions. */ - extdatalen = _gnutls_gen_extensions(state, &extdata); - if (extdatalen > 0) { - datalen += extdatalen; - data = gnutls_realloc(data, datalen); - if (data == NULL) { - gnutls_assert(); + if (hver >= GNUTLS_TLS1) { + extdatalen = _gnutls_gen_extensions(state, &extdata); + if (extdatalen > 0) { + datalen += extdatalen; + data = gnutls_realloc(data, datalen); + if (data == NULL) { + gnutls_assert(); + gnutls_free(extdata); + return GNUTLS_E_MEMORY_ERROR; + } + + memcpy(&data[pos], extdata, extdatalen); gnutls_free(extdata); - return GNUTLS_E_MEMORY_ERROR; } - - memcpy(&data[pos], extdata, extdatalen); - gnutls_free(extdata); } - } ret = |