diff options
author | Matt Caswell <matt@openssl.org> | 2019-06-18 11:45:26 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2019-06-18 13:36:25 +0100 |
commit | cd0fb43cbe2774220f2702b8289faec590a72d01 (patch) | |
tree | 5d8e94dabc78600b440a30ea29496284943b0113 /ssl/statem/extensions.c | |
parent | eee2a6a718151336534d15a61d8d11209d4dfb1e (diff) |
Following the previous 2 commits also move ecpointformats out of session
The previous 2 commits moved supported groups and ciphers out of the
session object to avoid race conditions. We now also move ecpointformats
for consistency. There does not seem to be a race condition with access
to this data since it is only ever set in a non-resumption handshake.
However, there is no reason for it to be in the session.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9162)
Diffstat (limited to 'ssl/statem/extensions.c')
-rw-r--r-- | ssl/statem/extensions.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index eacc7215b5..2a9b796c9f 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -1039,18 +1039,18 @@ static int final_ec_pt_formats(SSL *s, unsigned int context, int sent) */ if (s->ext.ecpointformats != NULL && s->ext.ecpointformats_len > 0 - && s->session->ext.ecpointformats != NULL - && s->session->ext.ecpointformats_len > 0 + && s->ext.peer_ecpointformats != NULL + && s->ext.peer_ecpointformats_len > 0 && ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA))) { /* we are using an ECC cipher */ size_t i; - unsigned char *list = s->session->ext.ecpointformats; + unsigned char *list = s->ext.peer_ecpointformats; - for (i = 0; i < s->session->ext.ecpointformats_len; i++) { + for (i = 0; i < s->ext.peer_ecpointformats_len; i++) { if (*list++ == TLSEXT_ECPOINTFORMAT_uncompressed) break; } - if (i == s->session->ext.ecpointformats_len) { + if (i == s->ext.peer_ecpointformats_len) { SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_FINAL_EC_PT_FORMATS, SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST); return 0; |