Bugfix | |
* Add additional bounds checks in ssl_write_client_hello() preventing | |
output buffer overflow if the configuration declared a buffer that was | |
too small. | |
Changes | |
* Abort the ClientHello writing function as soon as some extension doesn't | |
fit into the record buffer. Previously, such extensions were silently | |
dropped. As a consequence, the TLS handshake now fails when the output | |
buffer is not large enough to hold the ClientHello. |