generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>

Browse Source 
Localize client hello extension parsing in t1_lib.c
(backport from HEAD)
This commit is contained in:
Dr. Stephen Henson
2012-04-06 20:16:09 +00:00
parent e46c807e4f
commit 1d0c47fd55
3 changed files with 22 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
ssl/t1_lib.c
View File

@@ -1175,8 +1175,8 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
return ret;
}
int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al)
{
static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al)
{
unsigned short type;
unsigned short size;
unsigned short len;
@@ -1669,6 +1669,23 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
return 1;
}
int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n)
{
int al = -1;
if (ssl_scan_clienthello_tlsext(s, p, d, n, &al) <= 0)
{
ssl3_send_alert(s,SSL3_AL_FATAL,al);
return 0;
}
if (ssl_check_clienthello_tlsext(s) <= 0)
{
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
return 0;
}
return 1;
}
#ifndef OPENSSL_NO_NEXTPROTONEG
/* ssl_next_proto_validate validates a Next Protocol Negotiation block. No
* elements of zero length are allowed and the set of elements must exactly fill