projects
/
BearSSL
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Added function to forget saved session parameters (for tests).
[BearSSL]
/
src
/
ssl
/
ssl_hs_client.t0
diff --git
a/src/ssl/ssl_hs_client.t0
b/src/ssl/ssl_hs_client.t0
index
cfe5f78
..
911fdfc
100644
(file)
--- a/
src/ssl/ssl_hs_client.t0
+++ b/
src/ssl/ssl_hs_client.t0
@@
-805,6
+805,13
@@
cc: DEBUG-BLOB ( addr len -- ) {
1 addr-reneg set8
then
close-elt
1 addr-reneg set8
then
close-elt
+ else
+ \ No extension received at all, so the server does not
+ \ support secure renegotiation. This is a hard failure
+ \ if the server was previously known to support it (i.e.
+ \ this is a renegotiation).
+ ext-reneg-length 5 > if ERR_BAD_SECRENEG fail then
+ 1 addr-reneg set8
then
close-elt
resume
then
close-elt
resume
@@
-1257,6
+1264,12
@@
cc: do-client-sign ( -- sig_len ) {
wait-co drop
repeat
100 send-warning
wait-co drop
repeat
100 send-warning
+ \ We rejected the renegotiation,
+ \ but the connection is not dead.
+ \ We must set back things into
+ \ working "application data" state.
+ 1 addr-application_data set8
+ 23 addr-record_type_out set8
else
do-handshake
then
else
do-handshake
then