From 42392c520d46485c15ae226ae4154276a1b77946 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Thu, 14 Sep 2017 09:44:58 +0200
Subject: ecc: do not warn on receiving extension on client side

This extension can be received used under TLS 1.3 on the client side.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---
 lib/ext/ecc.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/ext/ecc.c b/lib/ext/ecc.c
index cfefbe8bdb..96a73f1bf1 100644
--- a/lib/ext/ecc.c
+++ b/lib/ext/ecc.c
@@ -123,9 +123,9 @@ _gnutls_supported_ecc_recv_params(gnutls_session_t session,
 	unsigned min_dh;
 
 	if (session->security_parameters.entity == GNUTLS_CLIENT) {
-		/* A client shouldn't receive this extension, but of course
-		 * there are servers out there that send it. Just ignore it. */
-		_gnutls_debug_log("received SUPPORTED ECC extension on client side!!!\n");
+		/* A client shouldn't receive this extension in TLS1.2. It is
+		 * possible to read that message under TLS1.3 as an encrypted
+		 * extension. */
 		return 0;
 	} else {		/* SERVER SIDE - we must check if the sent supported ecc type is the right one 
 				 */
-- 
cgit v1.2.1