forked from wolfSSL/wolfssl
adds unsupported_extension behavior to CSR and CSR2
This commit is contained in:
@@ -2201,8 +2201,8 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, byte* input, word16 length,
|
|||||||
extension = TLSX_Find(ssl->ctx->extensions, TLSX_STATUS_REQUEST);
|
extension = TLSX_Find(ssl->ctx->extensions, TLSX_STATUS_REQUEST);
|
||||||
csr = extension ? (CertificateStatusRequest*)extension->data : NULL;
|
csr = extension ? (CertificateStatusRequest*)extension->data : NULL;
|
||||||
|
|
||||||
if (!csr)
|
if (!csr) /* unexpected extension */
|
||||||
return BUFFER_ERROR; /* unexpected extension */
|
return TLSX_HandleUnsupportedExtension(ssl);
|
||||||
|
|
||||||
/* enable extension at ssl level */
|
/* enable extension at ssl level */
|
||||||
ret = TLSX_UseCertificateStatusRequest(&ssl->extensions,
|
ret = TLSX_UseCertificateStatusRequest(&ssl->extensions,
|
||||||
@@ -2563,8 +2563,8 @@ static int TLSX_CSR2_Parse(WOLFSSL* ssl, byte* input, word16 length,
|
|||||||
csr2 = extension ?
|
csr2 = extension ?
|
||||||
(CertificateStatusRequestItemV2*)extension->data : NULL;
|
(CertificateStatusRequestItemV2*)extension->data : NULL;
|
||||||
|
|
||||||
if (!csr2)
|
if (!csr2) /* unexpected extension */
|
||||||
return BUFFER_ERROR; /* unexpected extension */
|
return TLSX_HandleUnsupportedExtension(ssl);
|
||||||
|
|
||||||
/* enable extension at ssl level */
|
/* enable extension at ssl level */
|
||||||
for (; csr2; csr2 = csr2->next) {
|
for (; csr2; csr2 = csr2->next) {
|
||||||
|
Reference in New Issue
Block a user