author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-08-02 17:25:17 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-08-02 17:25:17 +0200 |
commit | f53a08e106cbc21cf898ae93ad776ce321e5b1bf (patch) | |
tree | 444aa546a09c441fd300843f2895a2bcae495376 /lib/algorithms | |
parent | aaece215838e66f0bd1d0eebdc3ec539d1c3eefb (diff) | |
download | gnutls-f53a08e106cbc21cf898ae93ad776ce321e5b1bf.tar.gz |
Set a default supported curve
RFC4492 and draft-ietf-tls-rfc4492bis-17 mention:
"A client that proposes ECC cipher suites may choose not to include these
extensions. In this case, the server is free to choose any one of
the elliptic curves or point formats listed in Section 5."
As such, we set a default curve to be used in the case the
server encounters a handshake with no supported groups/curves
extension.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/algorithms')
-rw-r--r-- | lib/algorithms/ciphersuites.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/lib/algorithms/ciphersuites.c b/lib/algorithms/ciphersuites.c index 141597d92a..ae5dba1c09 100644 --- a/lib/algorithms/ciphersuites.c +++ b/lib/algorithms/ciphersuites.c @@ -1411,6 +1411,15 @@ _gnutls_figure_common_ciphersuite(gnutls_session_t session, return gnutls_assert_val(GNUTLS_E_NO_CIPHER_SUITES); } + /* If we didn't receive the supported_groups extension, then + * we should assume that SECP256R1 is supported; that is required + * by RFC4492, probably to allow SSLv2 hellos negotiate elliptic curve + * ciphersuites */ + if (session->internals.cand_ec_group == NULL && + _gnutls_extension_list_check(session, GNUTLS_EXTENSION_SUPPORTED_ECC) < 0) { + session->internals.cand_ec_group = _gnutls_id_to_group(DEFAULT_EC_GROUP); + } + if (session->internals.priorities->server_precedence == 0) { for (i = 0; i < peer_clist->size; i++) { _gnutls_debug_log("checking %.2x.%.2x (%s) for compatibility\n", |
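Review bot: the new comment at the top of the hunk states that assuming SECP256R1 "is required by RFC4492", but the commit message quotes that RFC as leaving the server "free to choose any one of the elliptic curves" it lists; the comment should say that SECP256R1 is this implementation's default among the permitted curves, and the "probably to allow SSLv2 hellos" guess should be confirmed or dropped. The fallback also assigns `session->internals.cand_ec_group = _gnutls_id_to_group(DEFAULT_EC_GROUP);` without checking that the group is enabled in `session->internals.priorities`, so a priority string that disables SECP256R1 would still see it negotiated whenever the client omits the supported_groups extension; consider checking the default against the session's enabled groups before assigning it, and handling the case where `_gnutls_id_to_group()` yields no group. Finally, `DEFAULT_EC_GROUP` is used here but not defined in this diff (the diffstat shows only ciphersuites.c changed), so confirm it is already declared in a header that ciphersuites.c includes.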