Fix non compliance SSLv3 in server extension handling. The server code parses the client hello extensions even when the protocol is SSLv3 and this behaviour is non compliant with rfc6101. Also the server sends extensions in the server hello and omitting them may prevent interoperability problems.

commit: 307e181cfa0ad166728356a45502be168fdf1969 [log] [tgz]
author: Janos Follath <janos.follath@arm.com> Mon May 23 18:52:14 2016 +0100
committer: Simon Butcher <simon.butcher@arm.com> Mon May 23 18:52:14 2016 +0100
tree: 42e455ba8552bef065c58f89833218755b01bb20
parent: 8abaa8b275f44f11a0abde68aacca1f2cb166d23 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 9e8dc46..d8289ce 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -18,6 +18,8 @@
      don't use the optimized assembly for bignum multiplication. This removes
      the need to pass -fomit-frame-pointer to avoid a build error with -O0.
    * Disabled SSLv3 in the default configuration.
+   * Fix non-compliance server extension handling. Extensions for SSLv3 are now
+     ignored, as required by RFC6101.
 
 = mbed TLS 1.3.16 released 2016-01-05
commit	307e181cfa0ad166728356a45502be168fdf1969	[log] [tgz]
author	Janos Follath <janos.follath@arm.com>	Mon May 23 18:52:14 2016 +0100
committer	Simon Butcher <simon.butcher@arm.com>	Mon May 23 18:52:14 2016 +0100
tree	42e455ba8552bef065c58f89833218755b01bb20
parent	8abaa8b275f44f11a0abde68aacca1f2cb166d23 [diff] [blame]