forked from rpms/openssl
d8cd5c45d8
- do not add tls extensions to client hello for SSLv3 (#422081)
18 lines
595 B
Diff
18 lines
595 B
Diff
Skip adding tls extensions to client hello when protocol version is
|
|
not TLS.
|
|
diff -up openssl-0.9.8g/ssl/t1_lib.c.no-extssl openssl-0.9.8g/ssl/t1_lib.c
|
|
--- openssl-0.9.8g/ssl/t1_lib.c.no-extssl 2007-10-19 09:44:10.000000000 +0200
|
|
+++ openssl-0.9.8g/ssl/t1_lib.c 2007-12-13 17:22:10.000000000 +0100
|
|
@@ -132,6 +132,11 @@ unsigned char *ssl_add_clienthello_tlsex
|
|
int extdatalen=0;
|
|
unsigned char *ret = p;
|
|
|
|
+ if (s->client_version != TLS1_VERSION && s->client_version != DTLS1_VERSION)
|
|
+ {
|
|
+ return ret;
|
|
+ }
|
|
+
|
|
ret+=2;
|
|
|
|
if (ret>=limit) return NULL; /* this really never occurs, but ... */
|