Fix incompatability with (some) common TLS stack

Several sites including oracle.com seem to send extension 11 (point format) even if we (the client) did not send it. Then the handshake fails. To workaround this problem, simply always send this extension as the client, instead of only sending it if we wished to support compressed points.
author: Jack Lloyd <[email protected]> 2016-11-16 16:15:51 -0500
committer: Jack Lloyd <[email protected]> 2016-11-16 16:15:51 -0500
commit: 10c2f3f984c6c74d6a94270ee6e9e1be00f68500 (patch)
tree: 8cdc3e73fa10088590249560b1a85626c5510c5f /src/lib/tls/tls_extensions.cpp
parent: ca86adc7ceee60abc62645067a53c0f117f28783 (diff)
1 files changed, 8 insertions, 3 deletions
diff --git a/src/lib/tls/tls_extensions.cpp b/src/lib/tls/tls_extensions.cpp
index f8eef5ac6..712527fc4 100644
--- a/src/lib/tls/tls_extensions.cpp
+++ b/src/lib/tls/tls_extensions.cpp
@@ -384,10 +384,15 @@ Supported_Elliptic_Curves::Supported_Elliptic_Curves(TLS_Data_Reader& reader,
 
 std::vector<byte> Supported_Point_Formats::serialize() const
    {
-   // if we send this extension, we prefer compressed points,
-   // otherwise we don't send it (which is equal to supporting only uncompressed)
    // if this extension is sent, it MUST include uncompressed (RFC 4492, section 5.1)
-   return std::vector<byte>{2, ANSIX962_COMPRESSED_PRIME, UNCOMPRESSED};
+   if(m_prefers_compressed)
+      {
+      return std::vector<byte>{2, ANSIX962_COMPRESSED_PRIME, UNCOMPRESSED};
+      }
+   else
+      {
+      return std::vector<byte>{1, UNCOMPRESSED};
+      }
    }
 
 Supported_Point_Formats::Supported_Point_Formats(TLS_Data_Reader& reader,
author	Jack Lloyd <[email protected]>	2016-11-16 16:15:51 -0500
committer	Jack Lloyd <[email protected]>	2016-11-16 16:15:51 -0500
commit	10c2f3f984c6c74d6a94270ee6e9e1be00f68500 (patch)
tree	8cdc3e73fa10088590249560b1a85626c5510c5f /src/lib/tls/tls_extensions.cpp
parent	ca86adc7ceee60abc62645067a53c0f117f28783 (diff)