Add custom extension sanity checks.
Reject attempts to use extensions handled internally. Add flags to each extension structure to indicate if an extension has been sent or received. Enforce RFC5246 compliance by rejecting duplicate extensions and unsolicited extensions and only send a server extension if we have sent the corresponding client extension. Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit 28ea0a0c)
parent
0a4fe37f
Please register or sign in to comment