>From 0087fd988b03262e1adc04a225e18d2080327515 Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Tue, 3 Sep 2019 12:16:21 -0700 Subject: [PATCH] =?UTF-8?q?Don=E2=80=99t=20mention=20:safe-renegotiation?= =?UTF-8?q?=20in=20TLS=201.3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * src/gnutls.c (Fgnutls_peer_status): Don’t put the safe-renegotiation indication into the status in TLS 1.3, which removed support for renegotiation. --- src/gnutls.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/src/gnutls.c b/src/gnutls.c index 042f43e291..c74936c840 100644 --- a/src/gnutls.c +++ b/src/gnutls.c @@ -1487,10 +1487,10 @@ DEFUN ("gnutls-peer-status", Fgnutls_peer_status, Sgnutls_peer_status, 1, 1, 0, (gnutls_kx_get (state))))); /* Protocol name. */ + gnutls_protocol_t proto = gnutls_protocol_get_version (state); result = nconc2 (result, list2 (intern (":protocol"), - build_string (gnutls_protocol_get_name - (gnutls_protocol_get_version (state))))); + build_string (gnutls_protocol_get_name (proto)))); /* Cipher name. */ result = nconc2 @@ -1520,9 +1520,15 @@ DEFUN ("gnutls-peer-status", Fgnutls_peer_status, Sgnutls_peer_status, 1, 1, 0, #endif /* Renegotiation Indication */ - result = nconc2 - (result, list2 (intern (":safe-renegotiation"), - gnutls_safe_renegotiation_status (state) ? Qt : Qnil)); +#ifdef GNUTLS_TLS1_3 + bool older_proto = proto < GNUTLS_TLS1_3; +#else + bool older_proto = true; +#endif + if (older_proto) + result = nconc2 + (result, list2 (intern (":safe-renegotiation"), + gnutls_safe_renegotiation_status (state) ? Qt : Qnil)); return result; } -- 2.17.1