mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix to not send OCSP stapling extensions in client_hello when not enabled. Fix for typo in WOLFSSL_SHUTDOWN_NOT_DONE.

Browse Source
This commit is contained in:
David Garske 2017-10-19 11:18:34 -07:00
parent 06f564dea3
commit e904a38092
2 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/tls.c
View File

@ -951,6 +951,7 @@ static INLINE word16 TLSX_ToSemaphore(word16 type)
(!(((semaphore)[(light) / 8] & (byte) (0x01 << ((light) % 8))))) (!(((semaphore)[(light) / 8] & (byte) (0x01 << ((light) % 8)))))
/** Turn on a specific light (tls extension) in the semaphore. */ /** Turn on a specific light (tls extension) in the semaphore. */
/* the semaphore marks the extensions already written to the message */
#define TURN_ON(semaphore, light) \ #define TURN_ON(semaphore, light) \
((semaphore)[(light) / 8] |= (byte) (0x01 << ((light) % 8))) ((semaphore)[(light) / 8] |= (byte) (0x01 << ((light) % 8)))
@ -7769,6 +7770,14 @@ word16 TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType)
#endif #endif
} }
#endif #endif
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
if (!ssl->ctx->cm->ocspStaplingEnabled) {
/* mark already sent, so it won't send it */
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_STATUS_REQUEST));
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_STATUS_REQUEST_V2));
}
#endif
} }
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13
#ifndef NO_CERTS #ifndef NO_CERTS
@ -7842,6 +7851,14 @@ word16 TLSX_WriteRequest(WOLFSSL* ssl, byte* output, byte msgType)
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY));
#endif #endif
#endif #endif
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
/* mark already sent, so it won't send it */
if (!ssl->ctx->cm->ocspStaplingEnabled) {
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_STATUS_REQUEST));
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_STATUS_REQUEST_V2));
}
#endif
} }
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13
#ifndef NO_CERT #ifndef NO_CERT

2
wolfssl/ssl.h
View File

@ -1047,7 +1047,7 @@ WOLFSSL_API void wolfSSL_ERR_dump_errors_fp(FILE* fp);
#define SSL_ERROR_NONE WOLFSSL_ERROR_NONE #define SSL_ERROR_NONE WOLFSSL_ERROR_NONE
#define SSL_FAILURE WOLFSSL_FAILURE #define SSL_FAILURE WOLFSSL_FAILURE
#define SSL_SUCCESS WOLFSSL_SUCCESS #define SSL_SUCCESS WOLFSSL_SUCCESS
#define SSL_SHUTDOWN_NOT_DONE WOLF_WOLFSSL_SHUTDOWN_NOT_DONE #define SSL_SHUTDOWN_NOT_DONE WOLFSSL_SHUTDOWN_NOT_DONE
#define SSL_ALPN_NOT_FOUND WOLFSSL_ALPN_NOT_FOUND #define SSL_ALPN_NOT_FOUND WOLFSSL_ALPN_NOT_FOUND
#define SSL_BAD_CERTTYPE WOLFSSL_BAD_CERTTYPE #define SSL_BAD_CERTTYPE WOLFSSL_BAD_CERTTYPE