From 45ec742d6db94b8a5aa2f4f1b3f560d948230e3b Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Sat, 1 Feb 2014 20:24:40 +0100 Subject: [PATCH 1/8] tolerate servers that included the SUPPORTED ECC extension. This is an extension that is defined to be sent by the client but there are servers that include it as well. Most other implementations tolerate this behavior so we do. --- lib/ext/ecc.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/ext/ecc.c b/lib/ext/ecc.c index b913cb0..a851ddd 100644 --- a/lib/ext/ecc.c +++ b/lib/ext/ecc.c @@ -91,9 +91,10 @@ _gnutls_supported_ecc_recv_params(gnutls_session_t session, const uint8_t *p = data; if (session->security_parameters.entity == GNUTLS_CLIENT) { - /* A client shouldn't receive this extension */ - return - gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION); + /* A client shouldn't receive this extension, but of course + * there are servers out there that send it. Just ignore it. */ + _gnutls_debug_log("received SUPPORTED ECC extension on client side!!!\n"); + return 0; } else { /* SERVER SIDE - we must check if the sent supported ecc type is the right one */ if (data_size < 2) -- 1.8.5.3