aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2019-05-28 09:12:06 -0400
committerJack Lloyd <[email protected]>2019-05-28 09:12:06 -0400
commit021f84110ab3ec1f6916b69a1894b1ac2f144ee6 (patch)
treee4fc4bf47c7f6877074b00cdbc1bd44d4bf49176
parentf4cbc67a46aa525b4392944102fc2890d4f58ffd (diff)
parentad39fed8b61653b763e781e2ec32c10565bde956 (diff)
Merge GH #1982 Ask for updated cert status during a TLS resumption
-rw-r--r--src/bogo_shim/config.json1
-rw-r--r--src/lib/tls/msg_client_hello.cpp3
2 files changed, 3 insertions, 1 deletions
diff --git a/src/bogo_shim/config.json b/src/bogo_shim/config.json
index 2c0203970..d43fefb73 100644
--- a/src/bogo_shim/config.json
+++ b/src/bogo_shim/config.json
@@ -141,7 +141,6 @@
"PartialClientFinishedWithClientHello": "Need to check for buffered messages when CCS (bug)",
"SendUnencryptedFinished-DTLS": "Need to check for buffered messages when CCS (bug)",
- "SendOCSPResponseOnResume-TLS12": "Not supported by Botan (bug)",
"ECDSAKeyUsage-TLS12": "Botan ignores KeyUsage (bug)",
"RSAKeyUsage-*": "Botan ignores KeyUsage (bug)"
}
diff --git a/src/lib/tls/msg_client_hello.cpp b/src/lib/tls/msg_client_hello.cpp
index f83df44f1..a3e1206df 100644
--- a/src/lib/tls/msg_client_hello.cpp
+++ b/src/lib/tls/msg_client_hello.cpp
@@ -186,6 +186,9 @@ Client_Hello::Client_Hello(Handshake_IO& io,
m_extensions.add(new Server_Name_Indicator(session.server_info().hostname()));
m_extensions.add(new Session_Ticket(session.session_ticket()));
+ if(policy.support_cert_status_message())
+ m_extensions.add(new Certificate_Status_Request({}, {}));
+
std::unique_ptr<Supported_Groups> supported_groups(new Supported_Groups(policy.key_exchange_groups()));
if(supported_groups->ec_groups().size() > 0)