tls-peer: Don't log anything if we are not sending supported groups
authorTobias Brunner <tobias@strongswan.org>
Thu, 14 Jan 2021 15:14:47 +0000 (16:14 +0100)
committerTobias Brunner <tobias@strongswan.org>
Fri, 12 Feb 2021 13:35:23 +0000 (14:35 +0100)
src/libtls/tls_peer.c

index 987bd51..9d797f3 100644 (file)
@@ -1326,8 +1326,6 @@ static status_t send_client_hello(private_tls_peer_t *this,
                names->destroy(names);
        }
 
-       DBG2(DBG_TLS, "sending extension: %N",
-                tls_extension_names, TLS_EXT_SUPPORTED_GROUPS);
        enumerator = this->crypto->create_ec_enumerator(this->crypto);
        while (enumerator->enumerate(enumerator, &group, &curve))
        {
@@ -1351,8 +1349,12 @@ static status_t send_client_hello(private_tls_peer_t *this,
                curves->write_uint16(curves, curve);
        }
        enumerator->destroy(enumerator);
+
        if (curves)
        {
+               DBG2(DBG_TLS, "sending extension: %N",
+                        tls_extension_names, TLS_EXT_SUPPORTED_GROUPS);
+
                curves->wrap16(curves);
                extensions->write_data16(extensions, curves->get_buf(curves));
                curves->destroy(curves);