If legacy renegotiation is not permitted then send a fatal alert if a patched

server attempts to renegotiate with an unpatched client.

If legacy renegotiation is not permitted then send a fatal alert if a patched
server attempts to renegotiate with an unpatched client.
3a88efd4 · Dr. Stephen Henson · 3243698f · 3a88efd4
隐藏空白更改
内联并排

Showing with 12 addition and 0 deletion

ssl/s3_srvr.c ssl/s3_srvr.c +12 -0

未找到文件。
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -271,6 +271,18 @@ int ssl3_accept(SSL *s)
 				s->state=SSL3_ST_SR_CLNT_HELLO_A;
 				s->ctx->stats.sess_accept++;
 				}
+			else if (!s->s3->send_connection_binding &&
+				!(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
+				{
+				/* Server attempting to renegotiate with
+				 * client that doesn't support secure
+				 * renegotiation.
+				 */
+				SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
+				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
+				ret = -1;
+				goto end;
+				}
 			else
 				{
 				/* s->state == SSL_ST_RENEGOTIATE,