diff options
| -rw-r--r-- | src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java | 12 | ||||
| -rw-r--r-- | src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java | 12 |
2 files changed, 12 insertions, 12 deletions
diff --git a/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java b/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java index 7ecabba3..4a3139ac 100644 --- a/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java +++ b/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java @@ -426,12 +426,6 @@ public class DTLSServerProtocol extends DTLSProtocol { */
state.clientExtensions = TlsProtocol.readExtensions(buf);
- /*
- * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension, or
- * the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the ClientHello.
- * Including both is NOT RECOMMENDED.
- */
-
state.serverContext.setClientVersion(client_version);
state.server.notifyClientVersion(client_version);
@@ -446,6 +440,12 @@ public class DTLSServerProtocol extends DTLSProtocol { */
{
/*
+ * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension, or
+ * the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the ClientHello.
+ * Including both is NOT RECOMMENDED.
+ */
+
+ /*
* When a ClientHello is received, the server MUST check if it includes the
* TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. If it does, set the secure_renegotiation flag
* to TRUE.
diff --git a/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java b/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java index 874eecd0..9bbe76b9 100644 --- a/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java +++ b/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java @@ -433,12 +433,6 @@ public class TlsServerProtocol extends TlsProtocol { */
this.clientExtensions = readExtensions(buf);
- /*
- * TODO RFC 5746 3.4. The client MUST include either an empty "renegotiation_info"
- * extension, or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the
- * ClientHello. Including both is NOT RECOMMENDED.
- */
-
getContext().setClientVersion(client_version);
tlsServer.notifyClientVersion(client_version);
@@ -453,6 +447,12 @@ public class TlsServerProtocol extends TlsProtocol { */
{
/*
+ * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension,
+ * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the
+ * ClientHello. Including both is NOT RECOMMENDED.
+ */
+
+ /*
* When a ClientHello is received, the server MUST check if it includes the
* TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. If it does, set the secure_renegotiation flag
* to TRUE.
|