sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-03 00:00:24 -04:00
Code Issues Projects Releases Wiki Activity

libtls: Fix encoding of TLS 1.3 certificate extension as server

Browse Source 
Same as 9664ef4ba60f ("libtls: Fixed encoding of TLS 1.3 certificate
extension") but for the server.
This commit is contained in:
Tobias Brunner 2022-09-05 13:06:20 +02:00
parent 023070b6d0
commit 88859b506c
1 changed files with 12 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/libtls/tls_server.c
View File

@ -1327,11 +1327,12 @@ static status_t send_certificate(private_tls_server_t *this,
cert->get_subject(cert));
certs->write_data24(certs, data);
free(data.ptr);
}
/* extensions see RFC 8446, section 4.4.2 */
if (this->tls->get_version_max(this->tls) > TLS_1_2)
{
certs->write_uint16(certs, 0);
/* extensions see RFC 8446, section 4.4.2 */
if (this->tls->get_version_max(this->tls) > TLS_1_2)
{
certs->write_uint16(certs, 0);
}
}
}
enumerator = this->server_auth->create_enumerator(this->server_auth);
@ -1345,6 +1346,12 @@ static status_t send_certificate(private_tls_server_t *this,
cert->get_subject(cert));
certs->write_data24(certs, data);
free(data.ptr);
/* extensions see RFC 8446, section 4.4.2 */
if (this->tls->get_version_max(this->tls) > TLS_1_2)
{
certs->write_uint16(certs, 0);
}
}
}
}