1 files changed, 2 insertions, 28 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index bf5e2de80b..b061bd1100 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.121 2017/07/24 17:10:31 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.122 2017/07/24 17:39:43 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1504,7 +1504,6 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al)
        unsigned short len;
        unsigned char *data = *p;
        unsigned char *end = *p + n;
-        int tlsext_servername = 0;
        CBS cbs;
        S3I(s)->renegotiate_seen = 0;
@@ -1537,15 +1536,7 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al)
                if (!tlsext_serverhello_parse_one(s, &cbs, type, al))
                        return 0;
-                if (type == TLSEXT_TYPE_server_name) {
+                if (type == TLSEXT_TYPE_ec_point_formats &&
-                        if (s->tlsext_hostname == NULL || size > 0) {
-                                *al = TLS1_AD_UNRECOGNIZED_NAME;
-                                return 0;
-                        }
-                        tlsext_servername = 1;
-                }
-                else if (type == TLSEXT_TYPE_ec_point_formats &&
                    s->version != DTLS1_VERSION) {
                        unsigned char *sdata = data;
                        size_t formatslen;
@@ -1688,23 +1679,6 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al)
                return 0;
        }
-        if (!s->internal->hit && tlsext_servername == 1) {
-                if (s->tlsext_hostname) {
-                        if (s->session->tlsext_hostname == NULL) {
-                                s->session->tlsext_hostname =
-                                    strdup(s->tlsext_hostname);
-                                if (!s->session->tlsext_hostname) {
-                                        *al = SSL_AD_UNRECOGNIZED_NAME;
-                                        return 0;
-                                }
-                        } else {
-                                *al = SSL_AD_DECODE_ERROR;
-                                return 0;
-                        }
-                }
-        }
        *p = data;
 ri_check:

diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index bf5e2de80b..b061bd1100 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_lib.c,v 1.121 2017/07/24 17:10:31 jsing Exp $ */	1	/* $OpenBSD: t1_lib.c,v 1.122 2017/07/24 17:39:43 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1504,7 +1504,6 @@ ssl_parse_serverhello_tlsext(SSL s, unsigned char p, size_t n, int al)
1504	unsigned short len;	1504	unsigned short len;
1505	unsigned char data = p;	1505	unsigned char data = p;
1506	unsigned char end = p + n;	1506	unsigned char end = p + n;
1507	int tlsext_servername = 0;
1508	CBS cbs;	1507	CBS cbs;
1509		1508
1510	S3I(s)->renegotiate_seen = 0;	1509	S3I(s)->renegotiate_seen = 0;
@@ -1537,15 +1536,7 @@ ssl_parse_serverhello_tlsext(SSL s, unsigned char p, size_t n, int al)
1537	if (!tlsext_serverhello_parse_one(s, &cbs, type, al))	1536	if (!tlsext_serverhello_parse_one(s, &cbs, type, al))
1538	return 0;	1537	return 0;
1539		1538
1540	if (type == TLSEXT_TYPE_server_name) {	1539	if (type == TLSEXT_TYPE_ec_point_formats &&
1541	if (s->tlsext_hostname == NULL \|\| size > 0) {
1542	*al = TLS1_AD_UNRECOGNIZED_NAME;
1543	return 0;
1544	}
1545	tlsext_servername = 1;
1546
1547	}
1548	else if (type == TLSEXT_TYPE_ec_point_formats &&
1549	s->version != DTLS1_VERSION) {	1540	s->version != DTLS1_VERSION) {
1550	unsigned char *sdata = data;	1541	unsigned char *sdata = data;
1551	size_t formatslen;	1542	size_t formatslen;
@@ -1688,23 +1679,6 @@ ssl_parse_serverhello_tlsext(SSL s, unsigned char p, size_t n, int al)
1688	return 0;	1679	return 0;
1689	}	1680	}
1690		1681
1691	if (!s->internal->hit && tlsext_servername == 1) {
1692	if (s->tlsext_hostname) {
1693	if (s->session->tlsext_hostname == NULL) {
1694	s->session->tlsext_hostname =
1695	strdup(s->tlsext_hostname);
1696
1697	if (!s->session->tlsext_hostname) {
1698	*al = SSL_AD_UNRECOGNIZED_NAME;
1699	return 0;
1700	}
1701	} else {
1702	*al = SSL_AD_DECODE_ERROR;
1703	return 0;
1704	}
1705	}
1706	}
1707
1708	*p = data;	1682	*p = data;
1709		1683
1710	ri_check:	1684	ri_check: