From: Nikos Mavrogiannopoulos Date: Sat, 1 Feb 2014 19:24:40 +0000 (+0100) Subject: tolerate servers that included the SUPPORTED ECC extension. X-Git-Tag: gnutls_3_3_0pre0~222 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ac64ff56b16d4d13594c6d2ba2e65b05ca555e58;p=thirdparty%2Fgnutls.git tolerate servers that included the SUPPORTED ECC extension. This is an extension that is defined to be sent by the client but there are servers that include it as well. Most other implementations tolerate this behavior so we do. --- diff --git a/lib/ext/ecc.c b/lib/ext/ecc.c index b913cb09be..a851ddd880 100644 --- a/lib/ext/ecc.c +++ b/lib/ext/ecc.c @@ -91,9 +91,10 @@ _gnutls_supported_ecc_recv_params(gnutls_session_t session, const uint8_t *p = data; if (session->security_parameters.entity == GNUTLS_CLIENT) { - /* A client shouldn't receive this extension */ - return - gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION); + /* A client shouldn't receive this extension, but of course + * there are servers out there that send it. Just ignore it. */ + _gnutls_debug_log("received SUPPORTED ECC extension on client side!!!\n"); + return 0; } else { /* SERVER SIDE - we must check if the sent supported ecc type is the right one */ if (data_size < 2)