authorMatt Caswell <matt@openssl.org>2017-04-10 16:18:26 +0100
committerMatt Caswell <matt@openssl.org>2017-05-03 14:37:42 +0100
commit7f533d6fa1e1497e3c43630952528521b2627f53 (patch)
tree236d261b9cf8f0ca2746cd688c87391673a2c778
parent84c34ba8762463057d372e22ad98a045dbd9a51f (diff)
Only send custom extensions where we have received one in the ClientHello
We already did this for ServerHello and EncryptedExtensions. We should be doing it for Certificate and HelloRetryRequest as well. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3298)
-rw-r--r--ssl/statem/extensions_cust.c9
1 files changed, 4 insertions, 5 deletions
diff --git a/ssl/statem/extensions_cust.c b/ssl/statem/extensions_cust.c
index 6de59e2425..2a21ec492c 100644
--- a/ssl/statem/extensions_cust.c
+++ b/ssl/statem/extensions_cust.c
@@ -181,11 +181,10 @@ int custom_ext_add(SSL *s, int context, WPACKET *pkt, X509 *x, size_t chainidx,
if ((context & (SSL_EXT_TLS1_2_SERVER_HELLO
| SSL_EXT_TLS1_3_SERVER_HELLO
- | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS)) != 0) {
- /*
- * For ServerHello/EncryptedExtensions only send extensions present
- * in ClientHello.
- */
+ | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS
+ | SSL_EXT_TLS1_3_CERTIFICATE
+ | SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST)) != 0) {
+ /* Only send extensions present in ClientHello. */
if (!(meth->ext_flags & SSL_EXT_FLAG_RECEIVED))
continue;
}
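Review bot: The `SSL_EXT_FLAG_RECEIVED` gate now also covers `SSL_EXT_TLS1_3_CERTIFICATE`, a context that can describe a Certificate message sent by a client as well as by a server, so the new comment "Only send extensions present in ClientHello" does not hold for every caller. If the flag is set only while a ClientHello is parsed (the code that sets it is outside this hunk), a client would never pass this check and would silently drop its custom Certificate extensions. It is worth confirming that path, or limiting the added contexts to the server side with a test on `s->server`. At minimum the comment could read `/* Only send extensions the peer has already sent to us. */`. The body of custom_ext_add starts and ends outside the hunk, and no test accompanies the change; one asserting that an unsolicited custom extension is absent from Certificate and HelloRetryRequest would pin the behaviour.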