From a636858a497904b6ab2d22c412d4a279d11bc2a5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Moise=CC=81s=20Guimara=CC=83es?= <moises@wolfssl.com>
Date: Sat, 3 Jun 2017 13:36:13 -0300
Subject: [PATCH] adds unsupported_extension behavior to THMAC

---
 src/tls.c | 27 +++++++++++++++------------
 1 file changed, 15 insertions(+), 12 deletions(-)

diff --git a/src/tls.c b/src/tls.c
index 4ac34513f..bf44aad51 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -2056,21 +2056,23 @@ int TLSX_UseMaxFragment(TLSX** extensions, byte mfl, void* heap)
 static int TLSX_THM_Parse(WOLFSSL* ssl, byte* input, word16 length,
                                                                  byte isRequest)
 {
-    (void)isRequest;
-
     if (length != 0 || input == NULL)
         return BUFFER_ERROR;
 
-#ifndef NO_WOLFSSL_SERVER
-    if (isRequest) {
-        int r = TLSX_UseTruncatedHMAC(&ssl->extensions, ssl->heap);
-
-        if (r != WOLFSSL_SUCCESS)
-            return r; /* throw error */
-
-        TLSX_SetResponse(ssl, TLSX_TRUNCATED_HMAC);
+    if (!isRequest) {
+        if (TLSX_CheckUnsupportedExtension(ssl, TLSX_TRUNCATED_HMAC))
+            return TLSX_HandleUnsupportedExtension(ssl);
+    }
+    else {
+        #ifndef NO_WOLFSSL_SERVER
+            int ret = TLSX_UseTruncatedHMAC(&ssl->extensions, ssl->heap);
+
+            if (ret != WOLFSSL_SUCCESS)
+                return ret; /* throw error */
+
+            TLSX_SetResponse(ssl, TLSX_TRUNCATED_HMAC);
+        #endif
     }
-#endif
 
     ssl->truncated_hmac = 1;
 
@@ -2084,7 +2086,8 @@ int TLSX_UseTruncatedHMAC(TLSX** extensions, void* heap)
     if (extensions == NULL)
         return BAD_FUNC_ARG;
 
-    if ((ret = TLSX_Push(extensions, TLSX_TRUNCATED_HMAC, NULL, heap)) != 0)
+    ret = TLSX_Push(extensions, TLSX_TRUNCATED_HMAC, NULL, heap);
+    if (ret != 0)
         return ret;
 
     return WOLFSSL_SUCCESS;