Update RI to match latest spec.

MCSV is now called SCSV.

Don't send SCSV if renegotiating.

Also note if RI is empty in debug messages.

1 files changed, 8 insertions, 4 deletions

diff --git a/ssl/t1_reneg.c b/ssl/t1_reneg.c
index 07fd5cb570..9c2cc3c712 100644
--- a/ssl/t1_reneg.c
+++ b/ssl/t1_reneg.c
@@ -131,7 +131,8 @@ int ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
         memcpy(p, s->s3->previous_client_finished,
 	       s->s3->previous_client_finished_len);
 #ifdef OPENSSL_RI_DEBUG
-    fprintf(stderr, "RI extension sent by client\n");
+    fprintf(stderr, "%s RI extension sent by client\n",
+		s->s3->previous_client_finished_len ? "Non-empty" : "Empty");
 #endif
         }
     
@@ -182,7 +183,8 @@ int ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len,
         return 0;
         }
 #ifdef OPENSSL_RI_DEBUG
-    fprintf(stderr, "RI extension received by server\n");
+    fprintf(stderr, "%s RI extension received by server\n",
+				ilen ? "Non-empty" : "Empty");
 #endif
 
     s->s3->send_connection_binding=1;
@@ -214,7 +216,8 @@ int ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
         memcpy(p, s->s3->previous_server_finished,
 	       s->s3->previous_server_finished_len);
 #ifdef OPENSSL_RI_DEBUG
-    fprintf(stderr, "RI extension sent by server\n");
+    fprintf(stderr, "%s RI extension sent by server\n",
+    		s->s3->previous_client_finished_len ? "Non-empty" : "Empty");
 #endif
         }
     
@@ -280,7 +283,8 @@ int ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d, int len,
         return 0;
         }
 #ifdef OPENSSL_RI_DEBUG
-    fprintf(stderr, "RI extension received by client\n");
+    fprintf(stderr, "%s RI extension received by client\n",
+				ilen ? "Non-empty" : "Empty");
 #endif
     s->s3->send_connection_binding=1;