generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add test for missing CertificateStatus message

Browse Source 
If the client sends a status_request extension in the ClientHello
and the server responds with a status_request extension in the
ServerHello then normally the server will also later send a
CertificateStatus message. However this message is *optional* even
if the extensions were sent. This adds a test to ensure that if
the extensions are sent then we can still omit the message.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
This commit is contained in:
Matt Caswell
2015-11-05 14:08:54 +00:00
parent b22d71131a
commit ef96e4a28f
2 changed files with 103 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
util/TLSProxy/ClientHello.pm
View File

@@ -58,6 +58,7 @@ package TLSProxy::ClientHello;
use parent 'TLSProxy::Message';
use constant {
EXT_STATUS_REQUEST => 5,
EXT_ENCRYPT_THEN_MAC => 22,
EXT_EXTENDED_MASTER_SECRET => 23,
EXT_SESSION_TICKET => 35