From 764541b0cbbef5bbe8943ea3da53ba158801937c Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sat, 9 Dec 2017 13:43:25 +0000
Subject: MFC: Correct TLS extensions handling when no extensions are present. If no TLS extensions are present in a client hello or server hello, omit the entire extensions block, rather than including it with a length of zero. ok beck@ inoguchi@ Thanks to Eric Elena for providing packet captures and testing the fix.
---
 src/lib/libssl/bs_cbb.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
(limited to 'src/lib/libssl/bs_cbb.c')
diff --git a/src/lib/libssl/bs_cbb.c b/src/lib/libssl/bs_cbb.c
index 9de75fbb02..1c02eaf0be 100644
--- a/src/lib/libssl/bs_cbb.c
+++ b/src/lib/libssl/bs_cbb.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bs_cbb.c,v 1.17 2017/08/12 02:50:05 jsing Exp $ */
+/* $OpenBSD: bs_cbb.c,v 1.17.4.1 2017/12/09 13:43:25 jsing Exp $ */
 /*
 * Copyright (c) 2014, Google Inc.
 *
@@ -271,6 +271,20 @@ CBB_flush(CBB *cbb)
 return 1;
 }
 
+void
+CBB_discard_child(CBB *cbb)
+{
+ if (cbb->child == NULL)
+ return;
+
+ cbb->base->len = cbb->offset;
+
+ cbb->child->base = NULL;
+ cbb->child = NULL;
+ cbb->pending_len_len = 0;
+ cbb->pending_is_asn1 = 0;
+ cbb->offset = 0;
+}
 
 static int
 cbb_add_length_prefixed(CBB *cbb, CBB *out_contents, size_t len_len)
-- 
cgit v1.2.3-55-g6feb
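Review bot: CBB_discard_child in the second hunk has no comment stating its contract, and callers building handshake messages depend on that contract. The function rewinds `cbb->base->len` to `cbb->offset`, which drops everything written through the child, and sets `cbb->child->base = NULL`, so the child handle is dead afterwards. I would add above the definition `/* CBB_discard_child drops the pending child of |cbb| and every byte written for it; the child CBB must not be used again. */`. Only the direct child is detached: if that child had a pending child of its own, the visible lines leave the grandchild's `base` set, so the comment should also say whether nested children must be avoided before discarding. This is inferred from the hunk alone, since the CBB struct and the callers are outside it.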