[gnutls-devel] GnuTLS | handshake: reject no_renegotiation alert if handshake is incomplete (!1320)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Thu Sep 3 13:37:05 CEST 2020
Hubert Kario (@mention me if you need reply) started a new discussion on lib/handshake.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320#note_406699942
> _gnutls_abort_handshake(gnutls_session_t session, int ret)
> {
> if (((ret == GNUTLS_E_WARNING_ALERT_RECEIVED) &&
> - (gnutls_alert_get(session) == GNUTLS_A_NO_RENEGOTIATION))
> - || ret == GNUTLS_E_GOT_APPLICATION_DATA)
> + (gnutls_alert_get(session) == GNUTLS_A_NO_RENEGOTIATION) &&
> + (session->internals.initial_negotiation_completed ||
> + !(session->internals.hsk_flags & HSK_SERVER_HELLO_RECEIVED))) ||
> + ret == GNUTLS_E_GOT_APPLICATION_DATA)
this single `if` is really hard to follow, could you split it up and comments explaining what's happening?
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320#note_406699942
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200903/c8c12be0/attachment.html>
More information about the Gnutls-devel
mailing list