From f41df13ec8b77414ff8e682d8234c089bd24e7e9 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Mon, 7 May 2018 09:52:32 +0200
Subject: handshake: do not send TLS extensions under DTLS and vice versa

That is, introduce the notion of TLS-only and DTLS-only extensions,
providing a framework to prevent sending extensions which are registered
for example for TLS 1.3, under DTLS and vice versa.

Resolves #440

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---
 lib/ext/srp.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'lib/ext/srp.c')

diff --git a/lib/ext/srp.c b/lib/ext/srp.c
index 2c1ab90d1a..73c7936655 100644
--- a/lib/ext/srp.c
+++ b/lib/ext/srp.c
@@ -47,8 +47,7 @@ const hello_ext_entry_st ext_mod_srp = {
 	.tls_id = 12,
 	.gid = GNUTLS_EXTENSION_SRP,
 	.parse_type = GNUTLS_EXT_TLS,
-	.validity = GNUTLS_EXT_FLAG_CLIENT_HELLO,
-
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO,
 	.recv_func = _gnutls_srp_recv_params,
 	.send_func = _gnutls_srp_send_params,
 	.pack_func = _gnutls_srp_pack,
-- 
cgit v1.2.1