diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/libtls/tls_server.c | 16 |
1 files changed, 6 insertions, 10 deletions
diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c index aa371c30a..e6cce311c 100644 --- a/src/libtls/tls_server.c +++ b/src/libtls/tls_server.c @@ -220,29 +220,25 @@ static status_t process_client_hello(private_tls_server_t *this, extensions = tls_reader_create(ext); while (extensions->remaining(extensions)) { - if (!extensions->read_uint16(extensions, &extension)) + if (!extensions->read_uint16(extensions, &extension) || + !extensions->read_data16(extensions, &ext)) { DBG1(DBG_TLS, "received invalid ClientHello Extensions"); this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR); extensions->destroy(extensions); return NEED_MORE; } - DBG1(DBG_TLS, "received TLS %N extension", + DBG1(DBG_TLS, "received TLS '%N' extension", tls_extension_names, extension); + DBG3(DBG_TLS, "%B", &ext); switch (extension) { case TLS_EXT_SIGNATURE_ALGORITHMS: - if (extensions->read_data16(extensions, &ext)) - { - this->hashsig = chunk_clone(ext); - } + this->hashsig = chunk_clone(ext); break; case TLS_EXT_ELLIPTIC_CURVES: this->curves_received = TRUE; - if (extensions->read_data16(extensions, &ext)) - { - this->curves = chunk_clone(ext); - } + this->curves = chunk_clone(ext); break; default: break; |