Google Git
Sign in
boringssl/boringssl.git/70aba26c757b933fe142bb4656d5a4d555601134^!/.
commit
70aba26c757b933fe142bb4656d5a4d555601134
[log]
author
David Benjamin <davidben@google.com>
Tue Nov 01 12:08:15 2016 -0400
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Tue Nov 01 16:35:36 2016 +0000
tree
9cfc41a2da1732455b23ee78a1fdc23449c5a1a4
parent
af3b3d397e234e8d0f994dc6adb11ff7f70c7bd8 [diff]
Skip ec_point_format if min_version >= TLS 1.3.

Trim a few more bytes from the future QUIC ClientHello.

Change-Id: If23c5cd078889a9a26cf2231b51b17c2615a38ea
Reviewed-on: https://boringssl-review.googlesource.com/12000
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 83bae27..a265a2e 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c

@@ -1853,6 +1853,16 @@
 }
 
 static int ext_ec_point_add_clienthello(SSL *ssl, CBB *out) {
+  uint16_t min_version, max_version;
+  if (!ssl_get_version_range(ssl, &min_version, &max_version)) {
+    return 0;
+  }
+
+  /* The point format extension is unneccessary in TLS 1.3. */
+  if (min_version >= TLS1_3_VERSION) {
+    return 1;
+  }
+
   return ext_ec_point_add_extension(ssl, out);
 }