Ensure that a TLSv1.3 server has provided a certificate. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2020-05-16 14:44:55 +0000
committer	jsing <>	2020-05-16 14:44:55 +0000
commit	05b86acd86a3e9f27019baf407fa6cc21987115c (patch)
tree	deaa6e5465c23ac8df9e8a0e2afe3ddc37ec8360 /src/lib/libc/stdlib
parent	2e6606d801cdc2d2ca745d14827a8171b3a12b17 (diff)
download	openbsd-05b86acd86a3e9f27019baf407fa6cc21987115c.tar.gz openbsd-05b86acd86a3e9f27019baf407fa6cc21987115c.tar.bz2 openbsd-05b86acd86a3e9f27019baf407fa6cc21987115c.zip

Ensure that a TLSv1.3 server has provided a certificate.

The RFC requires that a server always provide a certificate for authentication. Ensure that this is the case, rather than proceeding and attempting validation. In the case where validation was disabled and the server returned an empty certificate list, this would have previously resulted in a NULL pointer deference. Issue reported by otto@ ok inoguchi@ tb@

Diffstat (limited to 'src/lib/libc/stdlib')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: