diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-07-31 16:03:25 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-07-31 16:06:04 +0200 |
commit | 1b771578e75b0193a1639a84bb4625b287c65439 (patch) | |
tree | 8a341b2ae290ba4b24f3f996aaab63ec13f8bc01 | |
parent | 469b94f4ae73a61738af6a2e6bb6270598b002e7 (diff) | |
download | gnutls-1b771578e75b0193a1639a84bb4625b287c65439.tar.gz |
safe renegotiation: handle case where client didn't send any extension
That was affected by the "don't try to send extensions we didn't receive".
-rw-r--r-- | lib/ext/safe_renegotiation.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/ext/safe_renegotiation.c b/lib/ext/safe_renegotiation.c index 30049360ff..1586589d5d 100644 --- a/lib/ext/safe_renegotiation.c +++ b/lib/ext/safe_renegotiation.c @@ -60,6 +60,10 @@ _gnutls_ext_sr_finished(gnutls_session_t session, void *vdata, &epriv); if (ret < 0) { gnutls_assert(); + /* if a client didn't advertise safe renegotiation, we treat + * it as disabled. */ + if (session->security_parameters.entity == GNUTLS_SERVER) + return 0; return ret; } priv = epriv; |