Don't parse or write extensions in SSLv3
In mbed TLS 1.3, the check that disables the use of extensions in
SERVER_HELLO for SSLv3 went missing, causing the "SSLv3 with extensions"
test case from ssl-opt.sh to fail. This commit fixes that and adds a
debug dump of all extensions present in the client hello, which the same
test case also checks for.
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 8ad990b..146f283 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1632,6 +1632,8 @@
ext = buf + 44 + sess_len + ciph_len + comp_len;
+ SSL_DEBUG_BUF( 3, "client hello extensions", ext, ext_len );
+
while( ext_len )
{
unsigned int ext_id = ( ( ext[0] << 8 )
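Review bot: Nothing in this hunk gates the `while( ext_len )` loop on the negotiated version, so as far as these lines show, an SSLv3 client hello still has its extensions parsed, although the commit title says they are not. The lines that compute `ext_len` and the rest of the function are outside the hunk; if no guard is applied there, the loop needs the same `( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 )` test that the server hello writer receives in the later hunk. The added `SSL_DEBUG_BUF` call also deserves a one-line comment, for example `/* dumped so ssl-opt.sh can confirm the client really sent extensions */`, because it logs peer-controlled bytes only for the benefit of a test.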
@@ -2328,6 +2330,12 @@
SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: 0x%02X",
ssl->session_negotiate->compression ) );
+ /* Do not write the extensions if the protocol is SSLv3 */
+#if defined(POLARSSL_SSL_PROTO_SSL3)
+ if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) )
+ {
+#endif
+
/*
* First write extensions, then the total length
*/
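Review bot: The new guard suppresses every server hello extension for SSLv3, and the writers it wraps are outside this hunk, so it should be confirmed that none of them carries a signal the peer depends on for security. RFC 5746 section 4.5 expects a server that supports secure renegotiation to answer with `renegotiation_info` even when the version is {3,0}; if that writer sits inside the guarded block, an SSLv3 client can no longer learn that renegotiation is protected. If dropping it is intended, the comment should say so and give the reason, for example `/* SSLv3 defines no hello extensions and strict peers reject them; this also drops renegotiation_info */`. The condition would read more clearly with the existing constants, `ssl->major_ver != SSL_MAJOR_VERSION_3 || ssl->minor_ver != SSL_MINOR_VERSION_0`.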
@@ -2378,6 +2386,10 @@
p += ext_len;
}
+#if defined(POLARSSL_SSL_PROTO_SSL3)
+ }
+#endif
+
ssl->out_msglen = p - buf;
ssl->out_msgtype = SSL_MSG_HANDSHAKE;
ssl->out_msg[0] = SSL_HS_SERVER_HELLO;
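Review bot: The `}` added here under `#if defined(POLARSSL_SSL_PROTO_SSL3)` closes an `if` opened under a separate `#if` in the previous hunk, roughly fifty lines earlier, and nothing on either line marks the pairing. The enclosed code is not re-indented either, so an edit that touches only one of the two preprocessor blocks breaks the build in just one configuration. A trailing comment on the brace, `} /* not SSLv3: extensions written */`, with the same wording on the opening `if`, makes the pair easy to find. The body between the two is outside both hunks.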