summaryrefslogtreecommitdiffstats
path: root/ssl/statem/extensions_clnt.c
diff options
context:
space:
mode:
Diffstat (limited to 'ssl/statem/extensions_clnt.c')
-rw-r--r--ssl/statem/extensions_clnt.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index 6bc3d0da8e..d569f3b84e 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1397,6 +1397,12 @@ int tls_parse_stoc_session_ticket(SSL *s, PACKET *pkt, unsigned int context,
int tls_parse_stoc_status_request(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx)
{
+ if (context == SSL_EXT_TLS1_3_CERTIFICATE_REQUEST) {
+ /* We ignore this if the server sends a CertificateRequest */
+ /* TODO(TLS1.3): Add support for this */
+ return 1;
+ }
+
/*
* MUST only be sent if we've requested a status
* request message. In TLS <= 1.2 it must also be empty.
@@ -1435,6 +1441,12 @@ int tls_parse_stoc_status_request(SSL *s, PACKET *pkt, unsigned int context,
int tls_parse_stoc_sct(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
size_t chainidx)
{
+ if (context == SSL_EXT_TLS1_3_CERTIFICATE_REQUEST) {
+ /* We ignore this if the server sends it in a CertificateRequest */
+ /* TODO(TLS1.3): Add support for this */
+ return 1;
+ }
+
/*
* Only take it if we asked for it - i.e if there is no CT validation
* callback set, then a custom extension MAY be processing it, so we
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-10 08:28:28 +0000