author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2019-01-08 12:26:19 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2019-01-09 16:09:58 +0100 |
commit | b47bdcd966d7d56db1f0d883675b210bbc67061b (patch) | |
tree | 9adac32a345a6ab07363eb890e191b8c2fc99cb0 /NEWS | |
parent | 42d5844c33aa27fd3eb107c3bdbe45e7c7d0df7b (diff) | |
download | gnutls-b47bdcd966d7d56db1f0d883675b210bbc67061b.tar.gz |

When sending no extensions do not include a zero length

According to RFC5246:

> The presence of extensions can be detected by determining whether
> there are bytes following the compression_method field at the end of
> the ServerHello.

and as such we correct our behavior to not send the zero length bytes.
This was our behavior in 3.5.x and 3.3.x branch, and thus this corrects
a regression of gnutls with these branches.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>

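
The detection rule quoted from RFC 5246 in the commit message can be written as a small classifier. This is an added example, not code from gnutls or from this commit; the names `server_hello_ext_state` and `build_hello` and the sample bytes are constructed for illustration, and `EXT_EMPTY` is the zero-length form this commit stops sending.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum ext_state { EXT_MALFORMED = -1, EXT_ABSENT, EXT_EMPTY, EXT_PRESENT };

/* Classify the extensions block of a TLS 1.2 ServerHello body
 * (the bytes that follow the 4-byte handshake header). */
static enum ext_state server_hello_ext_state(const uint8_t *b, size_t len)
{
    size_t off = 2 + 32;                 /* server_version + random */
    if (len < off + 1)
        return EXT_MALFORMED;
    size_t sid_len = b[off++];           /* session_id length byte */
    if (sid_len > 32 || len - off < sid_len + 2 + 1)
        return EXT_MALFORMED;
    off += sid_len + 2 + 1;              /* session_id, cipher_suite, compression_method */
    if (off == len)
        return EXT_ABSENT;               /* nothing after compression_method */
    if (len - off < 2)
        return EXT_MALFORMED;            /* one stray byte cannot hold a length */
    size_t ext_len = ((size_t)b[off] << 8) | b[off + 1];
    off += 2;
    if (ext_len != len - off)
        return EXT_MALFORMED;            /* length must cover exactly the rest */
    return ext_len == 0 ? EXT_EMPTY : EXT_PRESENT;
}

/* Constructed sample: ServerHello body with an empty session_id;
 * tail is whatever follows compression_method. */
static size_t build_hello(uint8_t *out, const uint8_t *tail, size_t tail_len)
{
    size_t n = 0;
    out[n++] = 0x03; out[n++] = 0x03;    /* TLS 1.2 */
    memset(out + n, 0xAA, 32); n += 32;  /* constructed random */
    out[n++] = 0;                        /* empty session_id */
    out[n++] = 0xC0; out[n++] = 0x2F;    /* cipher_suite */
    out[n++] = 0;                        /* null compression_method */
    if (tail_len)
        memcpy(out + n, tail, tail_len);
    return n + tail_len;
}

int main(void)
{
    uint8_t buf[64];
    const uint8_t empty[] = { 0x00, 0x00 };
    printf("no trailing bytes: %d\n", server_hello_ext_state(buf, build_hello(buf, NULL, 0)));
    printf("zero-length field: %d\n", server_hello_ext_state(buf, build_hello(buf, empty, 2)));
    return 0;
}
```
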
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -15,6 +15,11 @@ See the end for copying conditions. types via the priority strings. The raw public-key mechanism must be explicitly enabled via the GNUTLS_ENABLE_RAWPK init flag. +** libgnutls: When on server or client side we are sending no extensions we do + not set an empty extensions field but we rather remove that field competely. + This solves a regression since 3.5.x and improves compatibility of the server + side with certain clients. + ** GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION was marked as deprecated. The previous definition was buggy and non-functional. |
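
Review bot: The added NEWS entry misspells "completely" as "competely" in "remove that field competely". The phrase "a regression since 3.5.x" is also ambiguous: the commit message says 3.5.x and 3.3.x had the correct behavior, so wording such as "a regression relative to 3.5.x and 3.3.x" would avoid implying that 3.5.x introduced the problem. The entry could also name the handshake messages it applies to, since "on server or client side" does not say which hello messages lose the empty field.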