authorDr. Stephen Henson <steve@openssl.org>2010-01-22 18:49:43 +0000
committerDr. Stephen Henson <steve@openssl.org>2010-01-22 18:49:43 +0000
commit6899d9bbf60469c1d16c9f72d2ef0f835f0e7caf (patch)
tree1938e903622a8570f97d69763909d58ab6d2df7b /ssl
parentcf876a98939e6ef0925120ffe4bfbc2bfdf74bc4 (diff)
If legacy renegotiation is not permitted then send a fatal alert if a patched
server attempts to renegotiate with an unpatched client.
Diffstat (limited to 'ssl')
-rw-r--r--ssl/s3_srvr.c12
1 files changed, 12 insertions, 0 deletions
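--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -248,6 +248,18 @@ int ssl3_accept(SSL *s)
 s->state=SSL3_ST_SR_CLNT_HELLO_A;
 s->ctx->stats.sess_accept++;
 }
+ else if (!s->s3->send_connection_binding &&
+ !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
+ {
+ /* Server attempting to renegotiate with
+ * client that doesn't support secure
+ * renegotiation.
+ */
+ SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
+ ret = -1;
+ goto end;
+ }
 else
 {
 /* s->state == SSL_ST_RENEGOTIATE,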
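Review bot: The comment opening the new `else if` branch says what is happening but not why the handshake is aborted with a fatal alert, which is the security-relevant point: the branch relies on `send_connection_binding` having been set during the initial handshake when the client signalled RFC 5746 support, and a server that renegotiates with a client that never signalled it reopens the weakness RFC 5746 was written to close, so refusing is the safe default and `SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION` is the explicit opt-out. I would replace the three-line comment with one that states this, e.g. `/* Server attempting to renegotiate with a client that did not signal RFC 5746 support during the initial handshake; refuse (fatal alert) unless the application explicitly opted in to unsafe legacy renegotiation. */`. It is also worth a sentence that the alert is triggered by a local policy decision rather than a peer error, so the established session is torn down outright; an application that wants to keep the connection should not initiate renegotiation with such a client in the first place (presumably by checking the peer's secure-renegotiation support before calling SSL_renegotiate). ssl3_accept starts and ends outside the hunk.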