diff --git a/README b/README index f47cadefc..c9f11555f 100644 --- a/README +++ b/README @@ -34,7 +34,17 @@ before calling SSL_new(); Though it's not recommended. *** end Notes *** -CyaSSL Release 3.2.0 (09/10/2014) +CyaSSL intermediate Release 3.2.1c (9/30/2014) + +- Small stack improvements for at TLS/SSL layer +- Adds client side Secure Renegotiation, * not recommended * + +The CyaSSL manual is available at: +http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions +and comments about the new features please check the manual. + + +***********CyaSSL Release 3.2.0 (09/10/2014) Release 3.2.0 CyaSSL has bug fixes and new features including: diff --git a/configure.ac b/configure.ac index 89e5d07b0..415aab035 100644 --- a/configure.ac +++ b/configure.ac @@ -6,7 +6,7 @@ # # -AC_INIT([cyassl],[3.2.1b],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.wolfssl.com]) +AC_INIT([cyassl],[3.2.1c],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.wolfssl.com]) AC_CONFIG_AUX_DIR([build-aux]) diff --git a/cyassl/version.h b/cyassl/version.h index f230428d4..074c3a898 100644 --- a/cyassl/version.h +++ b/cyassl/version.h @@ -26,7 +26,7 @@ extern "C" { #endif -#define LIBCYASSL_VERSION_STRING "3.2.1b" +#define LIBCYASSL_VERSION_STRING "3.2.1c" #define LIBCYASSL_VERSION_HEX 0x03002001 #ifdef __cplusplus diff --git a/src/internal.c b/src/internal.c index e0156a653..d86f33c61 100644 --- a/src/internal.c +++ b/src/internal.c @@ -8939,6 +8939,15 @@ static void PickHashSigAlgo(CYASSL* ssl, return VERSION_ERROR; } + #ifdef HAVE_SECURE_RENEGOTIATION + if (ssl->secure_renegotiation && + ssl->secure_renegotiation->enabled && + ssl->options.handShakeDone) { + CYASSL_MSG("Server changed version during scr"); + return VERSION_ERROR; + } + #endif + if (pv.minor == SSLv3_MINOR) { /* turn off tls */ CYASSL_MSG(" downgrading to SSLv3");