From d8f1ea81916a8230d8148fce0219beaf67bd0ba6 Mon Sep 17 00:00:00 2001 From: lloyd Date: Sat, 9 Jun 2012 03:48:30 +0000 Subject: A fix for bug 192. First, when renegotiating in the client, attempt to renegotiate using our currently negotiated version instead of our preferred version. It turns out that neither OpenSSL nor GnuTLS like clients changing the version between negotiations, both send a protocol_version alert. So we probably want to avoid doing that. On the server side, handle a client sending inconsistent versions as best we can. If the client attmepts to renegotiate a session using a later version, return a server hello with their original version (this is what OpenSSL does). If they attempt to renegotiate using an earlier version, send a fatal alert and close the connection, since this seems like a dubious thing to do. Also, fix the situation where we as a TLS v1.0 server (because of configuration) are talking to a TLS v1.2 client. We would still use their signature_algorithms extension and send a SHA-256 (or whatever) signature! --- src/tls/tls_messages.h | 1 + 1 file changed, 1 insertion(+) (limited to 'src/tls/tls_messages.h') diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h index 31c35d901..0760b1815 100644 --- a/src/tls/tls_messages.h +++ b/src/tls/tls_messages.h @@ -115,6 +115,7 @@ class Client_Hello : public Handshake_Message Client_Hello(Record_Writer& writer, Handshake_Hash& hash, + Protocol_Version version, const Policy& policy, RandomNumberGenerator& rng, const std::vector& reneg_info, -- cgit v1.2.3