From b145aab6b2808a28fb98c34f7030f7a6235c52d5 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 30 Nov 2018 14:14:27 -0800 Subject: [PATCH] Server Side Renegotiation 1. Fix testing issue with a client using the SCSV cipher suite to indicate desire for renegotiation. 2. Add indication to both the server and client examples that the renegotiation was successful. --- examples/client/client.c | 3 +++ examples/server/server.c | 4 +++- src/internal.c | 1 + 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/examples/client/client.c b/examples/client/client.c index b2d9574c2..502db65e2 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -2780,6 +2780,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) wolfSSL_CTX_free(ctx); ctx = NULL; err_sys("wolfSSL_Rehandshake failed"); } + else { + printf("RENEGOTIATION SUCCESSFUL\n"); + } } } #endif /* HAVE_SECURE_RENEGOTIATION */ diff --git a/examples/server/server.c b/examples/server/server.c index eb94934cb..ab44fa8b9 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -1995,7 +1995,9 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) } else { if (wolfSSL_Rehandshake(ssl) != WOLFSSL_SUCCESS) { printf("not doing secure renegotiation\n"); - + } + else { + printf("RENEGOTIATION SUCCESSFUL\n"); } } } diff --git a/src/internal.c b/src/internal.c index 0ec0ec393..281bab816 100644 --- a/src/internal.c +++ b/src/internal.c @@ -23667,6 +23667,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ret = TLSX_AddEmptyRenegotiationInfo(&ssl->extensions); if (ret != WOLFSSL_SUCCESS) return ret; + ssl->secure_renegotiation->enabled = 1; } #endif /* HAVE_SERVER_RENEGOTIATION_INFO */