diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2010-01-06 17:37:38 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2010-01-06 17:37:38 +0000 |
commit | eb173308375b109dbbf2aa7ecf82b959fdc67446 (patch) | |
tree | 22effeaadac02641076cb38cac65ec07972b8f4a /ssl/ssl_lib.c | |
parent | 2708603bb46853706eb5c276e506a4323c8cce9e (diff) |
Updates to conform with draft-ietf-tls-renegotiation-03.txt:
1. Add provisional SCSV value.
2. Don't send SCSV and RI at same time.
3. Fatal error is SCSV received when renegotiating.
Diffstat (limited to 'ssl/ssl_lib.c')
-rw-r--r-- | ssl/ssl_lib.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 549d4fb1f6..b265b4d45f 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1369,10 +1369,11 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p, j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p); p+=j; } - /* If p == q, no ciphers and caller indicates an error, otherwise - * add SCSV if not renegotiating + /* If p == q, no ciphers and caller indicates an error. Otherwise + * add SCSV if no extensions (i.e. SSL3 is client_version) + * since spec RECOMMENDS not sending both RI and SCSV. */ - if (p != q && !s->new_session) + if (p != q && !s->new_session && s->client_version == SSL3_VERSION) { static SSL_CIPHER scsv = { @@ -1418,6 +1419,13 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num, (p[n-2] == ((SSL3_CK_SCSV >> 8) & 0xff)) && (p[n-1] == (SSL3_CK_SCSV & 0xff))) { + /* SCSV fatal if renegotiating */ + if (s->new_session) + { + SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING); + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE); + goto err; + } s->s3->send_connection_binding = 1; p += n; #ifdef OPENSSL_RI_DEBUG |