feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #2726 from ejohnstown/maint-ren

Browse Source 
Maintenance: Secure Renegotiation
This commit is contained in:
toddouska
2020-01-09 14:54:13 -08:00
committed by GitHub
parent 11a0b117f8 1f0f3eb97d
commit 3ea69676eb
1 changed files with 18 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/internal.c
View File

@@ -16528,6 +16528,23 @@ int SendCertificateStatus(WOLFSSL* ssl)
#endif /* WOLFSSL_NO_TLS12 */
/* If secure renegotiation is disabled, this will always return false.
* Otherwise it checks to see if we are currently renegotiating. */
static WC_INLINE int IsSCR(WOLFSSL* ssl)
{
#ifndef HAVE_SECURE_RENEGOTIATION
(void)ssl;
#else /* HAVE_SECURE_RENEGOTIATION */
if (ssl->secure_renegotiation &&
ssl->secure_renegotiation->enabled &&
ssl->options.handShakeState != HANDSHAKE_DONE)
return 1;
#endif /* HAVE_SECURE_RENEGOTIATION */
return 0;
}
int SendData(WOLFSSL* ssl, const void* data, int sz)
{
int sent = 0, /* plainText size */
@@ -16569,7 +16586,7 @@ int SendData(WOLFSSL* ssl, const void* data, int sz)
}
else
#endif
if (ssl->options.handShakeState != HANDSHAKE_DONE) {
if (ssl->options.handShakeState != HANDSHAKE_DONE && !IsSCR(ssl)) {
int err;
WOLFSSL_MSG("handshake not complete, trying to finish");
if ( (err = wolfSSL_negotiate(ssl)) != WOLFSSL_SUCCESS) {