diff options
| -rw-r--r-- | src/lib/libssl/tls13_server.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c index aeeea599bc..a5a39d092c 100644 --- a/src/lib/libssl/tls13_server.c +++ b/src/lib/libssl/tls13_server.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_server.c,v 1.14 2020/01/24 04:43:09 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_server.c,v 1.15 2020/01/24 04:47:13 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> | 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> |
| @@ -223,6 +223,15 @@ tls13_client_hello_process(struct tls13_ctx *ctx, CBS *cbs) | |||
| 223 | goto err; | 223 | goto err; |
| 224 | } | 224 | } |
| 225 | 225 | ||
| 226 | /* Store legacy session identifier so we can echo it. */ | ||
| 227 | if (CBS_len(&session_id) > sizeof(ctx->hs->legacy_session_id)) { | ||
| 228 | ctx->alert = SSL_AD_ILLEGAL_PARAMETER; | ||
| 229 | goto err; | ||
| 230 | } | ||
| 231 | if (!CBS_write_bytes(&session_id, ctx->hs->legacy_session_id, | ||
| 232 | sizeof(ctx->hs->legacy_session_id), &ctx->hs->legacy_session_id_len)) | ||
| 233 | goto err; | ||
| 234 | |||
| 226 | /* Parse cipher suites list and select preferred cipher. */ | 235 | /* Parse cipher suites list and select preferred cipher. */ |
| 227 | if ((ciphers = ssl_bytes_to_cipher_list(s, &cipher_suites)) == NULL) { | 236 | if ((ciphers = ssl_bytes_to_cipher_list(s, &cipher_suites)) == NULL) { |
| 228 | ctx->alert = SSL_AD_ILLEGAL_PARAMETER; | 237 | ctx->alert = SSL_AD_ILLEGAL_PARAMETER; |