1 diff --git a/third_party/tlslite/tlslite/handshakesettings.py b/third_party/tlslite/tlslite/handshakesettings.py
2 index 8f25f62..d7be5b3 100644
3 --- a/third_party/tlslite/tlslite/handshakesettings.py
4 +++ b/third_party/tlslite/tlslite/handshakesettings.py
5 @@ -112,6 +112,9 @@ class HandshakeSettings(object):
6 @ivar alertAfterHandshake: If true, the server will send a fatal
7 alert immediately after the handshake completes.
9 + @type enableChannelID: bool
10 + @ivar enableChannelID: If true, the server supports channel ID.
12 @type enableExtendedMasterSecret: bool
13 @ivar enableExtendedMasterSecret: If true, the server supports the extended
14 master secret TLS extension and will negotiated it with supporting clients.
15 @@ -140,6 +143,7 @@ class HandshakeSettings(object):
16 self.tlsIntoleranceType = 'alert'
17 self.useExperimentalTackExtension = False
18 self.alertAfterHandshake = False
19 + self.enableChannelID = True
20 self.enableExtendedMasterSecret = True
21 self.supportedTokenBindingParams = []
23 @@ -159,6 +163,7 @@ class HandshakeSettings(object):
24 other.tlsIntolerant = self.tlsIntolerant
25 other.tlsIntoleranceType = self.tlsIntoleranceType
26 other.alertAfterHandshake = self.alertAfterHandshake
27 + other.enableChannelID = self.enableChannelID
28 other.enableExtendedMasterSecret = self.enableExtendedMasterSecret
29 other.supportedTokenBindingParams = self.supportedTokenBindingParams
31 diff --git a/third_party/tlslite/tlslite/tlsconnection.py b/third_party/tlslite/tlslite/tlsconnection.py
32 index 06404fe..7363a30 100644
33 --- a/third_party/tlslite/tlslite/tlsconnection.py
34 +++ b/third_party/tlslite/tlslite/tlsconnection.py
35 @@ -1326,7 +1326,8 @@ class TLSConnection(TLSRecordLayer):
36 serverHello.create(self.version, getRandomBytes(32), sessionID, \
37 cipherSuite, CertificateType.x509, tackExt,
39 - serverHello.channel_id = clientHello.channel_id
40 + serverHello.channel_id = \
41 + clientHello.channel_id and settings.enableChannelID
42 serverHello.extended_master_secret = \
43 clientHello.extended_master_secret and \
44 settings.enableExtendedMasterSecret
45 @@ -1391,7 +1392,7 @@ class TLSConnection(TLSRecordLayer):
46 for result in self._serverFinished(premasterSecret,
47 clientHello.random, serverHello.random,
48 cipherSuite, settings.cipherImplementations,
49 - nextProtos, clientHello.channel_id,
50 + nextProtos, serverHello.channel_id,
51 serverHello.extended_master_secret):
52 if result in (0,1): yield result