p+=j;
}
/* If p == q, no ciphers and caller indicates an error, otherwise
- * add MCSV
+ * add SCSV if not renegotiating
*/
- if (p != q)
+ if (p != q && !s->new_session)
{
static SSL_CIPHER msvc =
{
- 0, NULL, SSL3_CK_MCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
+ 0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
j = put_cb ? put_cb(&msvc,p) : ssl_put_cipher_by_char(s,&msvc,p);
p+=j;
#ifdef OPENSSL_RI_DEBUG
- fprintf(stderr, "MCSV sent by client\n");
+ fprintf(stderr, "SCSV sent by client\n");
#endif
}
for (i=0; i<num; i+=n)
{
- /* Check for MCSV */
+ /* Check for SCSV */
if (s->s3 && (n != 3 || !p[0]) &&
- (p[n-2] == ((SSL3_CK_MCSV >> 8) & 0xff)) &&
- (p[n-1] == (SSL3_CK_MCSV & 0xff)))
+ (p[n-2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
+ (p[n-1] == (SSL3_CK_SCSV & 0xff)))
{
s->s3->send_connection_binding = 1;
p += n;
#ifdef OPENSSL_RI_DEBUG
- fprintf(stderr, "MCSV received by server\n");
+ fprintf(stderr, "SCSV received by server\n");
#endif
continue;
}
memcpy(p, s->s3->previous_client_finished,
s->s3->previous_client_finished_len);
#ifdef OPENSSL_RI_DEBUG
- fprintf(stderr, "RI extension sent by client\n");
+ fprintf(stderr, "%s RI extension sent by client\n",
+ s->s3->previous_client_finished_len ? "Non-empty" : "Empty");
#endif
}
return 0;
}
#ifdef OPENSSL_RI_DEBUG
- fprintf(stderr, "RI extension received by server\n");
+ fprintf(stderr, "%s RI extension received by server\n",
+ ilen ? "Non-empty" : "Empty");
#endif
s->s3->send_connection_binding=1;
memcpy(p, s->s3->previous_server_finished,
s->s3->previous_server_finished_len);
#ifdef OPENSSL_RI_DEBUG
- fprintf(stderr, "RI extension sent by server\n");
+ fprintf(stderr, "%s RI extension sent by server\n",
+ s->s3->previous_client_finished_len ? "Non-empty" : "Empty");
#endif
}
return 0;
}
#ifdef OPENSSL_RI_DEBUG
- fprintf(stderr, "RI extension received by client\n");
+ fprintf(stderr, "%s RI extension received by client\n",
+ ilen ? "Non-empty" : "Empty");
#endif
s->s3->send_connection_binding=1;