summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libssl/ssl_locl.h8
-rw-r--r--src/lib/libssl/ssl_tlsext.c3
-rw-r--r--src/lib/libssl/t1_lib.c6
3 files changed, 3 insertions, 14 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 736005b5c9..046c4bba52 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_locl.h,v 1.275 2020/05/19 16:35:20 jsing Exp $ */ 1/* $OpenBSD: ssl_locl.h,v 1.276 2020/05/29 17:39:42 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -738,12 +738,6 @@ typedef struct ssl_internal_st {
738 long max_cert_list; 738 long max_cert_list;
739 int first_packet; 739 int first_packet;
740 740
741 int servername_done; /* no further mod of servername
742 0 : call the servername extension callback.
743 1 : prepare 2, allow last ack just after in server callback.
744 2 : don't call servername callback, no ack in server hello
745 */
746
747 /* Expect OCSP CertificateStatus message */ 741 /* Expect OCSP CertificateStatus message */
748 int tlsext_status_expected; 742 int tlsext_status_expected;
749 /* OCSP status request only */ 743 /* OCSP status request only */
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index e6e0e7a92d..cf54fc4d2c 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_tlsext.c,v 1.73 2020/05/24 15:13:22 tb Exp $ */ 1/* $OpenBSD: ssl_tlsext.c,v 1.74 2020/05/29 17:39:42 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> 4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -2133,7 +2133,6 @@ tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_server, uint16_t msg_type)
2133static void 2133static void
2134tlsext_server_reset_state(SSL *s) 2134tlsext_server_reset_state(SSL *s)
2135{ 2135{
2136 s->internal->servername_done = 0;
2137 s->tlsext_status_type = -1; 2136 s->tlsext_status_type = -1;
2138 S3I(s)->renegotiate_seen = 0; 2137 S3I(s)->renegotiate_seen = 0;
2139 free(S3I(s)->alpn_selected); 2138 free(S3I(s)->alpn_selected);
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index fc828541cd..580ae4b19b 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_lib.c,v 1.166 2020/05/10 14:17:48 jsing Exp $ */ 1/* $OpenBSD: t1_lib.c,v 1.167 2020/05/29 17:39:42 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -629,7 +629,6 @@ ssl_check_clienthello_tlsext_early(SSL *s)
629 ssl3_send_alert(s, SSL3_AL_WARNING, al); 629 ssl3_send_alert(s, SSL3_AL_WARNING, al);
630 return 1; 630 return 1;
631 case SSL_TLSEXT_ERR_NOACK: 631 case SSL_TLSEXT_ERR_NOACK:
632 s->internal->servername_done = 0;
633 default: 632 default:
634 return 1; 633 return 1;
635 } 634 }
@@ -737,14 +736,11 @@ ssl_check_serverhello_tlsext(SSL *s)
737 switch (ret) { 736 switch (ret) {
738 case SSL_TLSEXT_ERR_ALERT_FATAL: 737 case SSL_TLSEXT_ERR_ALERT_FATAL:
739 ssl3_send_alert(s, SSL3_AL_FATAL, al); 738 ssl3_send_alert(s, SSL3_AL_FATAL, al);
740
741 return -1; 739 return -1;
742 case SSL_TLSEXT_ERR_ALERT_WARNING: 740 case SSL_TLSEXT_ERR_ALERT_WARNING:
743 ssl3_send_alert(s, SSL3_AL_WARNING, al); 741 ssl3_send_alert(s, SSL3_AL_WARNING, al);
744
745 return 1; 742 return 1;
746 case SSL_TLSEXT_ERR_NOACK: 743 case SSL_TLSEXT_ERR_NOACK:
747 s->internal->servername_done = 0;
748 default: 744 default:
749 return 1; 745 return 1;
750 } 746 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 23:27:09 +0000