diff options
| author | Bodo Möller <bodo@openssl.org> | 2007-09-21 14:05:08 +0000 |
|---|---|---|
| committer | Bodo Möller <bodo@openssl.org> | 2007-09-21 14:05:08 +0000 |
| commit | 4ab0088bfe20d251bc2a1afae543685d2faa3935 (patch) | |
| tree | 501a4f6f3b48015e44611823039ed437f9504114 /ssl/t1_lib.c | |
| parent | 3bd1690bfb59b014fafa93b22e737e50c7db4b5b (diff) | |
More changes from HEAD:
- no need to disable SSL 2.0 for SSL_CTRL_SET_TLSEXT_HOSTNAME
now that ssl23_client_hello takes care of that
- fix buffer overrun checks in ssl_add_serverhello_tlsext()
Diffstat (limited to 'ssl/t1_lib.c')
| -rw-r--r-- | ssl/t1_lib.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 21ddcc6116..fabc634d68 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -207,7 +207,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha if (!s->hit && s->servername_done == 1 && s->session->tlsext_hostname != NULL) { - if (limit - p - 4 < 0) return NULL; + if (limit - ret - 4 < 0) return NULL; s2n(TLSEXT_TYPE_server_name,ret); s2n(0,ret); @@ -216,7 +216,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha if (s->tlsext_ticket_expected && !(SSL_get_options(s) & SSL_OP_NO_TICKET)) { - if (limit - p - 4 < 0) return NULL; + if (limit - ret - 4 < 0) return NULL; s2n(TLSEXT_TYPE_session_ticket,ret); s2n(0,ret); } |