Various custom extension fixes.
Force no SSL2 when custom extensions in use. Don't clear extension state when cert is set. Clear on renegotiate.
This commit is contained in:
Trevor Perrin
committed by
Ben Laurie
Ben Laurie
parent
a898936218
commit
0b2bde70dd
@@ -340,7 +340,9 @@ static int ssl23_client_hello(SSL *s)
|
||||
if (s->ctx->tlsext_opaque_prf_input_callback != 0 || s->tlsext_opaque_prf_input != NULL)
|
||||
ssl2_compat = 0;
|
||||
#endif
|
||||
if (s->ctx->tlsext_authz_server_audit_proof_cb != NULL)
|
||||
if (s->ctx->tlsext_authz_server_audit_proof_cb != NULL)
|
||||
ssl2_compat = 0;
|
||||
if (s->ctx->custom_cli_ext_records_count != 0)
|
||||
ssl2_compat = 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
Reference in New Issue
Block a user