diff options
author | Emilia Kasper <emilia@openssl.org> | 2016-07-04 20:32:28 +0200 |
---|---|---|
committer | Emilia Kasper <emilia@openssl.org> | 2016-07-19 14:18:03 +0200 |
commit | 70c22888c1648fe8652e77107f3c74bf2212de36 (patch) | |
tree | 009ea0932b1ae55cd0063c77d0549b66d2fdd3e7 /ssl/ssl_locl.h | |
parent | ce2cdac2787da32bcde210c7d6acdcbe41b1cd40 (diff) |
Fix two bugs in clienthello processing
- Always process ALPN (previously there was an early return in the
certificate status handling)
- Don't send a duplicate alert. Previously, both
ssl_check_clienthello_tlsext_late and its caller would send an
alert. Consolidate alert sending code in the caller.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl/ssl_locl.h')
-rw-r--r-- | ssl/ssl_locl.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 1cc63aa819..25cd312c95 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -2004,7 +2004,7 @@ __owur unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, __owur int ssl_parse_clienthello_tlsext(SSL *s, PACKET *pkt); void ssl_set_default_md(SSL *s); __owur int tls1_set_server_sigalgs(SSL *s); -__owur int ssl_check_clienthello_tlsext_late(SSL *s); +__owur int ssl_check_clienthello_tlsext_late(SSL *s, int *al); __owur int ssl_parse_serverhello_tlsext(SSL *s, PACKET *pkt); __owur int ssl_prepare_clienthello_tlsext(SSL *s); __owur int ssl_prepare_serverhello_tlsext(SSL *s); |