diff options
| author | bcook <> | 2015-08-19 23:34:34 +0000 |
|---|---|---|
| committer | bcook <> | 2015-08-19 23:34:34 +0000 |
| commit | 0430328e628d2e17fc7eca9e1ff131bfc3398cba (patch) | |
| tree | 56d78f22129daa2f69641755ceab8762a3ad59fe /src/lib | |
| parent | 0e889cf1500dcc11cc9011a890b5cf7665b14bef (diff) | |
| download | openbsd-0430328e628d2e17fc7eca9e1ff131bfc3398cba.tar.gz openbsd-0430328e628d2e17fc7eca9e1ff131bfc3398cba.tar.bz2 openbsd-0430328e628d2e17fc7eca9e1ff131bfc3398cba.zip | |
Properly handle missing TLS extensions in client hello as a non-failure.
Noticed by @Ligushka from github.
ok miod@, doug@
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/src/ssl/t1_lib.c | 4 | ||||
| -rw-r--r-- | src/lib/libssl/t1_lib.c | 4 |
2 files changed, 6 insertions, 2 deletions
diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c index 9ee495c790..b892fa9b91 100644 --- a/src/lib/libssl/src/ssl/t1_lib.c +++ b/src/lib/libssl/src/ssl/t1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_lib.c,v 1.82 2015/07/24 07:57:48 doug Exp $ */ | 1 | /* $OpenBSD: t1_lib.c,v 1.83 2015/08/19 23:34:34 bcook Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2087,6 +2087,8 @@ tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, | |||
| 2087 | return -1; | 2087 | return -1; |
| 2088 | 2088 | ||
| 2089 | /* Now at start of extensions */ | 2089 | /* Now at start of extensions */ |
| 2090 | if (CBS_len(&session_id) == 0) | ||
| 2091 | return 0; | ||
| 2090 | if (!CBS_get_u16_length_prefixed(&session_id, &extensions)) | 2092 | if (!CBS_get_u16_length_prefixed(&session_id, &extensions)) |
| 2091 | return -1; | 2093 | return -1; |
| 2092 | 2094 | ||
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 9ee495c790..b892fa9b91 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_lib.c,v 1.82 2015/07/24 07:57:48 doug Exp $ */ | 1 | /* $OpenBSD: t1_lib.c,v 1.83 2015/08/19 23:34:34 bcook Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2087,6 +2087,8 @@ tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, | |||
| 2087 | return -1; | 2087 | return -1; |
| 2088 | 2088 | ||
| 2089 | /* Now at start of extensions */ | 2089 | /* Now at start of extensions */ |
| 2090 | if (CBS_len(&session_id) == 0) | ||
| 2091 | return 0; | ||
| 2090 | if (!CBS_get_u16_length_prefixed(&session_id, &extensions)) | 2092 | if (!CBS_get_u16_length_prefixed(&session_id, &extensions)) |
| 2091 | return -1; | 2093 | return -1; |
| 2092 | 2094 | ||