Commit 7b2dd292 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

only send heartbeat extension from server if client sent one

parent ab585551

ssl/t1_lib.c

+14 −11
Original line number Diff line number Diff line
@@ -812,7 +812,9 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha 
		}



#ifndef OPENSSL_NO_HEARTBEATS

	/* Add Heartbeat extension */

	/* Add Heartbeat extension if we've received one */

	if (s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED)

		{

		s2n(TLSEXT_TYPE_heartbeat,ret);

		s2n(1,ret);

		/* Set mode:
@@ -823,6 +825,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha 
			*(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS;

		else

			*(ret++) = SSL_TLSEXT_HB_ENABLED;

		}

#endif



#ifndef OPENSSL_NO_NEXTPROTONEG