diff options
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/ssl_tlsext.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c index 2bf7d5a051..bd70733362 100644 --- a/src/lib/libssl/ssl_tlsext.c +++ b/src/lib/libssl/ssl_tlsext.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_tlsext.c,v 1.92 2021/05/16 14:10:43 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_tlsext.c,v 1.93 2021/06/08 17:22:00 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> | 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> |
| @@ -359,10 +359,11 @@ tlsext_ecpf_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) | |||
| 359 | if (CBS_len(cbs) != 0) | 359 | if (CBS_len(cbs) != 0) |
| 360 | goto err; | 360 | goto err; |
| 361 | 361 | ||
| 362 | /* Must contain uncompressed (0) */ | 362 | /* Must contain uncompressed (0) - RFC 8422, section 5.1.2. */ |
| 363 | if (!CBS_contains_zero_byte(&ecpf)) { | 363 | if (!CBS_contains_zero_byte(&ecpf)) { |
| 364 | SSLerror(s, SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST); | 364 | SSLerror(s, SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST); |
| 365 | goto err; | 365 | *alert = SSL3_AD_ILLEGAL_PARAMETER; |
| 366 | return 0; | ||
| 366 | } | 367 | } |
| 367 | 368 | ||
| 368 | if (!s->internal->hit) { | 369 | if (!s->internal->hit) { |