aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls/tls_channel.cpp
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2017-06-04 05:17:54 -0400
committerJack Lloyd <[email protected]>2017-06-04 05:17:54 -0400
commitd6e7c9ea7f029026d84ce2828a26310dd9882679 (patch)
tree0304f0cda9c683f160e626f274deb00b5a2e6966 /src/lib/tls/tls_channel.cpp
parent41b1e738dbcbf2c33b418d2da235a56ad11feb9a (diff)
Correct failure when renegotiating with old server
When renegotiating the client checks that the server hasn't changed its mind about supporting the renegotiation extension (this is a likely indicator of an attack). However due to a typo the client was actually comparing the value in the client hello of the first handshake against the server hello in the renegotiation handshake. Since Botan always sends the renegotiation extension, this would cause the check to fail when renegotiating with an old server that doesn't support the renegotiation extension. Reported on mailing list by Falko Strenzke. Tested patch against OpenSSL 0.9.8k
Diffstat (limited to 'src/lib/tls/tls_channel.cpp')
-rw-r--r--src/lib/tls/tls_channel.cpp2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/tls/tls_channel.cpp b/src/lib/tls/tls_channel.cpp
index 52a62693e..c905862c6 100644
--- a/src/lib/tls/tls_channel.cpp
+++ b/src/lib/tls/tls_channel.cpp
@@ -600,7 +600,7 @@ void Channel::secure_renegotiation_check(const Server_Hello* server_hello)
if(auto active = active_state())
{
- const bool active_sr = active->client_hello()->secure_renegotiation();
+ const bool active_sr = active->server_hello()->secure_renegotiation();
if(active_sr != secure_renegotiation)
throw TLS_Exception(Alert::HANDSHAKE_FAILURE,