From: Dr. Stephen Henson Date: Fri, 22 Jan 2010 18:49:43 +0000 (+0000) Subject: If legacy renegotiation is not permitted then send a fatal alert if a patched X-Git-Tag: OpenSSL_0_9_8m~42 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=6899d9bbf60469c1d16c9f72d2ef0f835f0e7caf;p=oweals%2Fopenssl.git If legacy renegotiation is not permitted then send a fatal alert if a patched server attempts to renegotiate with an unpatched client. --- diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index a3bb3aef1e..789447e115 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -248,6 +248,18 @@ int ssl3_accept(SSL *s) s->state=SSL3_ST_SR_CLNT_HELLO_A; s->ctx->stats.sess_accept++; } + else if (!s->s3->send_connection_binding && + !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) + { + /* Server attempting to renegotiate with + * client that doesn't support secure + * renegotiation. + */ + SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE); + ret = -1; + goto end; + } else { /* s->state == SSL_ST_RENEGOTIATE,