summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_tlsext.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/ssl_tlsext.c24
1 files changed, 23 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index 539c380fb9..400c69fa87 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_tlsext.c,v 1.2 2017/07/24 17:10:31 jsing Exp $ */ 1/* $OpenBSD: ssl_tlsext.c,v 1.3 2017/07/24 17:39:43 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -259,6 +259,28 @@ tlsext_sni_serverhello_parse(SSL *s, CBS *cbs, int *alert)
259 return 0; 259 return 0;
260 } 260 }
261 261
262 if (s->internal->hit) {
263 if (s->session->tlsext_hostname == NULL) {
264 *alert = TLS1_AD_UNRECOGNIZED_NAME;
265 return 0;
266 }
267 if (strcmp(s->tlsext_hostname,
268 s->session->tlsext_hostname) != 0) {
269 *alert = TLS1_AD_UNRECOGNIZED_NAME;
270 return 0;
271 }
272 } else {
273 if (s->session->tlsext_hostname != NULL) {
274 *alert = SSL_AD_DECODE_ERROR;
275 return 0;
276 }
277 if ((s->session->tlsext_hostname =
278 strdup(s->tlsext_hostname)) == NULL) {
279 *alert = TLS1_AD_INTERNAL_ERROR;
280 return 0;
281 }
282 }
283
262 return 1; 284 return 1;
263} 285}
264 286