have TLS server side verify no compression is in list if not using compression

toddouska
2016-09-07 15:28:30 -07:00
parent a5db13cd01
commit 3aefc42f04


@@ -18071,23 +18071,34 @@ int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
} }
#endif /* WOLFSSL_DTLS */ #endif /* WOLFSSL_DTLS */
if (ssl->options.usingCompression) { {
int match = 0; /* copmression match types */
int matchNo = 0;
int matchZlib = 0;
while (b--) { while (b--) {
byte comp = input[i++]; byte comp = input[i++];
if (comp == ZLIB_COMPRESSION) if (comp == NO_COMPRESSION) {
match = 1; matchNo = 1;
}
if (comp == ZLIB_COMPRESSION) {
matchZlib = 1;
}
} }
if (!match) { if (ssl->options.usingCompression == 0 && matchNo) {
WOLFSSL_MSG("Not matching compression, turning off"); WOLFSSL_MSG("Matched No Compression");
} else if (ssl->options.usingCompression && matchZlib) {
WOLFSSL_MSG("Matched zlib Compression");
} else if (ssl->options.usingCompression && matchNo) {
WOLFSSL_MSG("Could only match no compression, turning off");
ssl->options.usingCompression = 0; /* turn off */ ssl->options.usingCompression = 0; /* turn off */
} else {
WOLFSSL_MSG("Could not match compression");
return COMPRESSION_ERROR;
} }
} }
else
i += b; /* ignore, since we're not on */
*inOutIdx = i; *inOutIdx = i;
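Review bot: The `ssl->options.usingCompression && matchZlib` branch accepts a ClientHello whose compression list offers zlib but omits the null method, although RFC 5246 section 7.4.1.2 requires every list to contain null; a guard such as `if (!matchNo) return COMPRESSION_ERROR;` ahead of the branch chain would make the server's check uniform for both settings. The `while (b--)` loop reads `input[i++]` for a peer-supplied count, and the length check on `b` is not visible here because the enclosing function starts and ends outside the hunk, so confirm that a bounds check precedes this block. The comment `/* copmression match types */` should read `/* compression match types */`.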