generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Clear existing extension state.

Browse Source 
When parsing ClientHello clear any existing extension state from
SRP login and SRTP profile.

Thanks to Karthikeyan Bhargavan for reporting this issue.
Reviewed-by: Matt Caswell <matt@openssl.org>

(cherry picked from commit 4f605ccb779e32a770093d687e0554e0bbb137d3)

Conflicts:
	ssl/t1_lib.c
This commit is contained in:
Dr. Stephen Henson 2014-12-05 13:39:14 +00:00
parent c30c876176
commit 47606dda67
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ssl/t1_lib.c
View File

@ -2016,6 +2016,16 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char
s->cert->peer_sigalgs = NULL; s->cert->peer_sigalgs = NULL;
} }
#ifndef OPENSSL_NO_SRP
if (s->srp_ctx.login != NULL)
{
OPENSSL_free(s->srp_ctx.login);
s->srp_ctx.login = NULL;
}
#endif
s->srtp_profile = NULL;
if (data >= (d+n-2)) if (data >= (d+n-2))
goto ri_check; goto ri_check;
n2s(data,len); n2s(data,len);