Make SSL_get_extms_support a little friendlier.
It used to give a sensible answer ("no") before version negotiation.
Change-Id: I85b778a48cca7a4b66a81384eb18c447982875d1
Reviewed-on: https://boringssl-review.googlesource.com/8900
Reviewed-by: Matt Braithwaite <mab@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 716a040..8328421 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1126,6 +1126,9 @@
}
int SSL_get_extms_support(const SSL *ssl) {
+ if (!ssl->s3->have_version) {
+ return 0;
+ }
return ssl3_protocol_version(ssl) >= TLS1_3_VERSION ||
ssl->s3->tmp.extended_master_secret == 1;
}
