handshake: check SCSVs prior to resuming a session

This ensures that extensions which are also available as SCSVs are parsed prior to resuming a session. This resolves an issue with openssl sending SCSV instead of an extension for the safe renegotiation. Relates #259 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-09-06 15:11:00 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-09-07 14:39:21 +0200
commit: ac664b9e4b98c4c220b9fc21e080361141945697 (patch)
tree: fc0bd762cdcabf9a17ae9d7d3568cd72564bc6be /lib/handshake.h
parent: bc952033c60a45b14d0515fc30a7f65c22708a5c (diff)
download: gnutls-ac664b9e4b98c4c220b9fc21e080361141945697.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/handshake.h b/lib/handshake.h
index 3e24c2aeb2..41a2e9d32a 100644
--- a/lib/handshake.h
+++ b/lib/handshake.h
@@ -38,7 +38,7 @@ int _gnutls_set_client_random(gnutls_session_t session, uint8_t * rnd);
 
 int _gnutls_find_pk_algos_in_ciphersuites(uint8_t * data, int datalen);
 int _gnutls_server_select_suite(gnutls_session_t session, uint8_t * data,
-				unsigned int datalen);
+				unsigned int datalen, unsigned int scsv_only);
 
 int _gnutls_negotiate_version(gnutls_session_t session,
 			      gnutls_protocol_t adv_version, uint8_t major, uint8_t minor);
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-09-06 15:11:00 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-09-07 14:39:21 +0200
commit	ac664b9e4b98c4c220b9fc21e080361141945697 (patch)
tree	fc0bd762cdcabf9a17ae9d7d3568cd72564bc6be /lib/handshake.h
parent	bc952033c60a45b14d0515fc30a7f65c22708a5c (diff)
download	gnutls-ac664b9e4b98c4c220b9fc21e080361141945697.tar.gz