wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 20:24:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

check scr cipher suite for changes

Browse Source
This commit is contained in:
toddouska
2014-09-30 12:55:15 -07:00
parent 29d4148637
commit eb42494ddd
1 changed files with 18 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/internal.c
View File

@@ -8907,6 +8907,8 @@ static void PickHashSigAlgo(CYASSL* ssl,
word32 helloSz) word32 helloSz)
{ {
byte b; byte b;
byte cs0; /* cipher suite bytes 0, 1 */
byte cs1;
ProtocolVersion pv; ProtocolVersion pv;
byte compression; byte compression;
word32 i = *inOutIdx; word32 i = *inOutIdx;
@@ -8980,8 +8982,22 @@ static void PickHashSigAlgo(CYASSL* ssl,
if ((i - begin) + OPAQUE16_LEN + OPAQUE8_LEN > helloSz) if ((i - begin) + OPAQUE16_LEN + OPAQUE8_LEN > helloSz)
return BUFFER_ERROR; return BUFFER_ERROR;
ssl->options.cipherSuite0 = input[i++]; cs0 = input[i++];
ssl->options.cipherSuite = input[i++]; cs1 = input[i++];
#ifdef HAVE_SECURE_RENEGOTIATION
if (ssl->secure_renegotiation && ssl->secure_renegotiation->enabled &&
ssl->options.handShakeDone) {
if (ssl->options.cipherSuite0 != cs0 ||
ssl->options.cipherSuite != cs1) {
CYASSL_MSG("Server changed cipher suite during scr");
return MATCH_SUITE_ERROR;
}
}
#endif
ssl->options.cipherSuite0 = cs0;
ssl->options.cipherSuite = cs1;
compression = input[i++]; compression = input[i++];
if (compression != ZLIB_COMPRESSION && ssl->options.usingCompression) { if (compression != ZLIB_COMPRESSION && ssl->options.usingCompression) {