X-Git-Url: https://bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=src%2Fssl%2Fssl_hs_server.t0;h=bb3bc3dc3b5723306905ac1a9bdd27f03b0b3956;hp=cb0579c1d6361110ad8d046f9246fd1c87797eab;hb=81437e11754521d1120ce4aced784f3f35c3f21f;hpb=968da0f646a43c69a2517a240c9963ff513981b3;ds=inline

diff --git a/src/ssl/ssl_hs_server.t0 b/src/ssl/ssl_hs_server.t0
index cb0579c..bb3bc3d 100644
--- a/src/ssl/ssl_hs_server.t0
+++ b/src/ssl/ssl_hs_server.t0
@@ -814,6 +814,11 @@ cc: save-session ( -- ) {
 	\ we should mark the client as "supporting secure renegotiation".
 	reneg-scsv if 2 addr-reneg set8 then
 
+	\ If, at that point, the 'reneg' value is still 0, then the client
+	\ did not send the extension or the SCSV, so we have to assume
+	\ that secure renegotiation is not supported by that client.
+	addr-reneg get8 ifnot 1 addr-reneg set8 then
+
 	\ Check compression.
 	ok-compression ifnot 40 fail-alert then