@@ -4423,13 +4423,15 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
44234423 }
44244424 /* Extension Info Flag */
44254425 if (ret == WS_SUCCESS) {
4426- /* Only checking for this is we are server. Our client does
4427- * not have anything to say to a server, yet. */
4428- if (side == WOLFSSH_ENDPOINT_SERVER && !ssh->extInfoSent) {
4426+ /* Determine whether we should send EXT_INFO after NEWKEYS based on
4427+ * whether the peer advertised ext-info-c (server) or ext-info-s
4428+ * (client). */
4429+ if (!ssh->extInfoSent) {
44294430 byte extInfo;
44304431
4431- /* Match the client accepts extInfo. */
4432- algoId = ID_EXTINFO_C;
4432+ /* Match the peer accepts extInfo. */
4433+ algoId = (side == WOLFSSH_ENDPOINT_SERVER)
4434+ ? ID_EXTINFO_C : ID_EXTINFO_S;
44334435 extInfo = MatchIdLists(side, list, listSz, &algoId, 1);
44344436 ssh->sendExtInfo = extInfo == algoId;
44354437 }
@@ -11314,6 +11316,10 @@ int SendKexInit(WOLFSSH* ssh)
1131411316 kexAlgoNamesPlus = ",ext-info-c";
1131511317 kexAlgoNamesPlusSz = (word32)WSTRLEN(kexAlgoNamesPlus);
1131611318 }
11319+ else {
11320+ kexAlgoNamesPlus = ",ext-info-s";
11321+ kexAlgoNamesPlusSz = (word32)WSTRLEN(kexAlgoNamesPlus);
11322+ }
1131711323
1131811324 kexAlgoNamesSz = AlgoListSz(ssh->algoListKex);
1131911325 encAlgoNamesSz = AlgoListSz(ssh->algoListCipher);
@@ -14207,19 +14213,16 @@ int SendServiceAccept(WOLFSSH* ssh, byte serviceId)
1420714213static const char serverSigAlgsName[] = "server-sig-algs";
1420814214
1420914215
14210- int SendExtInfo(WOLFSSH* ssh)
14216+ #ifndef NO_WOLFSSH_SERVER
14217+ static int SendExtInfoServer(WOLFSSH* ssh)
1421114218{
1421214219 byte* output;
1421314220 word32 idx;
1421414221 word32 keyAlgoNamesSz = 0;
1421514222 word32 serverSigAlgsNameSz = 0;
1421614223 int ret = WS_SUCCESS;
1421714224
14218- WLOG(WS_LOG_DEBUG, "Entering SendExtInfo()");
14219-
14220- if (ssh == NULL) {
14221- ret = WS_BAD_ARGUMENT;
14222- }
14225+ WLOG(WS_LOG_DEBUG, "Entering SendExtInfoServer()");
1422314226
1422414227 if (ret == WS_SUCCESS) {
1422514228 keyAlgoNamesSz = AlgoListSz(ssh->algoListKeyAccepted);
@@ -14259,6 +14262,51 @@ int SendExtInfo(WOLFSSH* ssh)
1425914262 ret = wolfSSH_SendPacket(ssh);
1426014263 }
1426114264
14265+ WLOG(WS_LOG_DEBUG, "Leaving SendExtInfoServer(), ret = %d", ret);
14266+ return ret;
14267+ }
14268+ #endif /* NO_WOLFSSH_SERVER */
14269+
14270+
14271+ #ifndef NO_WOLFSSH_CLIENT
14272+ static int SendExtInfoClient(WOLFSSH* ssh)
14273+ {
14274+ int ret = WS_SUCCESS;
14275+
14276+ WOLFSSH_UNUSED(ssh);
14277+ WLOG(WS_LOG_DEBUG, "Entering SendExtInfoClient()");
14278+ /* This is currently a stub. Our client doesn't have anything to say. */
14279+ WLOG(WS_LOG_DEBUG, "Leaving SendExtInfoClient(), ret = %d", ret);
14280+
14281+ return ret;
14282+ }
14283+ #endif /* NO_WOLFSSH_CLIENT */
14284+
14285+
14286+ int SendExtInfo(WOLFSSH* ssh)
14287+ {
14288+ int ret = WS_SUCCESS;
14289+
14290+ WLOG(WS_LOG_DEBUG, "Entering SendExtInfo()");
14291+
14292+ if (ssh == NULL || ssh->ctx == NULL) {
14293+ ret = WS_BAD_ARGUMENT;
14294+ }
14295+
14296+ if (ret == WS_SUCCESS) {
14297+ /* Disabling server and client is checked at compile time. */
14298+ #ifndef NO_WOLFSSH_SERVER
14299+ if (ssh->ctx->side == WOLFSSH_ENDPOINT_SERVER) {
14300+ ret = SendExtInfoServer(ssh);
14301+ }
14302+ #endif
14303+ #ifndef NO_WOLFSSH_CLIENT
14304+ if (ssh->ctx->side == WOLFSSH_ENDPOINT_CLIENT) {
14305+ ret = SendExtInfoClient(ssh);
14306+ }
14307+ #endif
14308+ }
14309+
1426214310 WLOG(WS_LOG_DEBUG, "Leaving SendExtInfo(), ret = %d", ret);
1426314311 return ret;
1426414312}
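Review bot: The `else` branch added in SendKexInit makes the server list `ext-info-s`, which tells clients they may send SSH_MSG_EXT_INFO after NEWKEYS, yet none of the hunks shown touch the server's receive path for that message. If the server does not already accept and length-check a client EXT_INFO, a conforming client acting on the indicator would land on an unexpected-message path, so that handling and a test for it should arrive with or before this advertisement. The `if` this `else` pairs with begins outside the hunk, so confirm it is a pure client/server test; if it also carries another condition, a client could end up listing `ext-info-s`. Separately, DoKexInit now sets `ssh->sendExtInfo` on the client while SendExtInfoClient sends nothing and the dispatcher returns WS_SUCCESS either way; a comment at the client call such as `/* No client extensions yet: no packet is sent. */` would stop a later reader from assuming an EXT_INFO went out.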