}
}
+\ Read and drop ClientHello. This is used when a client-triggered
+\ renegotiation attempt is rejected.
+: skip-ClientHello ( -- )
+ read-handshake-header-core
+ 1 = ifnot ERR_UNEXPECTED fail then
+ dup skip-blob drop ;
+
\ Read ClientHello. If the session is resumed, then -1 is returned.
: read-ClientHello ( -- resume )
\ Get header, and check message type.
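Review bot: The last line of `skip-ClientHello`, `dup skip-blob drop`, is the only part of the word that has to be decoded by the reader, and it has no comment. Assuming `read-handshake-header-core` leaves the remaining body length under the message type (its definition is outside this hunk), a line such as `\ Use the remaining length as both limit and count: the whole body is consumed without being parsed.` would make the intent explicit. The header comment could also say that this length comes from the peer's handshake header, so the amount of data read and dropped is chosen by the client.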
\ we should mark the client as "supporting secure renegotiation".
reneg-scsv if 2 addr-reneg set8 then
+ \ If, at that point, the 'reneg' value is still 0, then the client
+ \ did not send the extension or the SCSV, so we have to assume
+ \ that secure renegotiation is not supported by that client.
+ addr-reneg get8 ifnot 1 addr-reneg set8 then
+
\ Check compression.
ok-compression ifnot 40 fail-alert then
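Review bot: The added `addr-reneg get8 ifnot 1 addr-reneg set8 then` depends on a three-value encoding of `reneg` that is only implied by the surrounding comments. A single line such as `\ reneg: 0 = undetermined, 1 = secure renegotiation not supported, 2 = supported` next to it would save the reader from reconstructing it from the two writes. The comment should also say that this default must stay after all extension and SCSV processing, since an earlier placement would mark a supporting client as non-supporting. The body of `read-ClientHello` starts and ends outside this hunk.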
\ The best we can do is ask for a
\ renegotiation, then wait for it
\ to happen.
+ 0 addr-application_data set8
send-HelloRequest
then
endof
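Review bot: The added `0 addr-application_data set8` has no comment of its own, and the existing three-line comment above it only talks about asking for a renegotiation. Something like `\ Leave "application data" state while the requested renegotiation is pending.` would document why the flag is cleared before `send-HelloRequest`. That meaning is inferred from the flag name and from the matching `1 addr-application_data set8` elsewhere in the patch, so confirm it against the engine's definition. The enclosing branch starts and ends outside this hunk.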
\ "no renegotiation" flag is set.
drop
addr-reneg get8 1 = 1 flag? or if
+ skip-ClientHello
flush-record
begin can-output? not while
wait-co drop
repeat
100 send-warning
+ \ Put back connection in "application
+ \ data" state: it's not dead yet.
+ 1 addr-application_data set8
+ 23 addr-record_type_out set8
else
0 do-handshake
then
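Review bot: `100 send-warning` and the added `23 addr-record_type_out set8` use bare protocol numbers, which makes the rejection path harder to audit than it needs to be. In TLS, 100 is the no_renegotiation alert and 23 is the application_data record content type, so trailing comments such as `\ 100 = no_renegotiation` and `\ 23 = application_data record type` (or named constants, if the file has them) would help. Separately, nothing visible in this branch limits how often a client can send a ClientHello that is skipped and answered with a warning, so it is worth confirming that repeated rejected attempts are bounded elsewhere. The enclosing definition starts and ends outside this hunk.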