diff options
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/ssl_tlsext.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c index 3da8ebc46c..c97ade8bdd 100644 --- a/src/lib/libssl/ssl_tlsext.c +++ b/src/lib/libssl/ssl_tlsext.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_tlsext.c,v 1.101 2021/11/01 16:37:17 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_tlsext.c,v 1.102 2022/01/04 10:34:16 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> | 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> |
| @@ -1558,8 +1558,10 @@ tlsext_keyshare_client_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert) | |||
| 1558 | goto err; | 1558 | goto err; |
| 1559 | 1559 | ||
| 1560 | if (CBS_len(cbs) == 0) { | 1560 | if (CBS_len(cbs) == 0) { |
| 1561 | /* HRR does not include an actual key share. */ | 1561 | /* HRR does not include an actual key share, only the group. */ |
| 1562 | /* XXX - we should know that we are in a HRR... */ | 1562 | if (msg_type != SSL_TLSEXT_MSG_HRR) |
| 1563 | return 0; | ||
| 1564 | |||
| 1563 | S3I(s)->hs.tls13.server_group = group; | 1565 | S3I(s)->hs.tls13.server_group = group; |
| 1564 | return 1; | 1566 | return 1; |
| 1565 | } | 1567 | } |