Fix non compliance SSLv3 in server extension handling. The server code parses the client hello extensions even when the protocol is SSLv3 and this behaviour is non compliant with rfc6101. Also the server sends extensions in the server hello and omitting them may prevent interoperability problems.

commit: c6dab2b029901c6e898eb6044df181faf076c1eb [log] [tgz]
author: Janos Follath <janos.follath@arm.com> Mon May 23 14:27:02 2016 +0100
committer: Simon Butcher <simon.butcher@arm.com> Mon May 23 14:27:02 2016 +0100
tree: ba08b5e9dda2919cb8894333bc3d514f56460b84
parent: 00efff74691373b0cfd939d4b824f400d7a8c70e [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 3b32873..d9fce92 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -34,6 +34,8 @@
    * Disabled SSLv3 in the default configuration.
    * Optimized mbedtls_mpi_zeroize() for MPI integer size. (Fix by Alexey
      Skalozub).
+   * Fix non-compliance server extension handling. Extensions for SSLv3 are now
+     ignored, as required by RFC6101.
 
 = mbed TLS 2.2.1 released 2016-01-05
commit	c6dab2b029901c6e898eb6044df181faf076c1eb	[log] [tgz]
author	Janos Follath <janos.follath@arm.com>	Mon May 23 14:27:02 2016 +0100
committer	Simon Butcher <simon.butcher@arm.com>	Mon May 23 14:27:02 2016 +0100
tree	ba08b5e9dda2919cb8894333bc3d514f56460b84
parent	00efff74691373b0cfd939d4b824f400d7a8c70e [diff] [blame]