[openssl-commits] [openssl] OpenSSL source code branch master updated. 4f605ccb779e32a770093d687e0554e0bbb137d3
Dr. Stephen Henson
steve at openssl.org
Fri Jan 2 22:26:24 UTC 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSSL source code".
The branch, master has been updated
via 4f605ccb779e32a770093d687e0554e0bbb137d3 (commit)
from 2a9338ee31b8448186b79c4a8115dc76f6a431d7 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 4f605ccb779e32a770093d687e0554e0bbb137d3
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Fri Dec 5 13:39:14 2014 +0000
Clear existing extension state.
When parsing ClientHello clear any existing extension state from
SRP login and SRTP profile.
Thanks to Karthikeyan Bhargavan for reporting this issue.
Reviewed-by: Matt Caswell <matt at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
ssl/t1_lib.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index fec7ace..2180c54 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1996,6 +1996,16 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char
s->s3->flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC;
#endif
+#ifndef OPENSSL_NO_SRP
+ if (s->srp_ctx.login != NULL)
+ {
+ OPENSSL_free(s->srp_ctx.login);
+ s->srp_ctx.login = NULL;
+ }
+#endif
+
+ s->srtp_profile = NULL;
+
if (data >= (d+n-2))
goto ri_check;
n2s(data,len);
hooks/post-receive
--
OpenSSL source code
More information about the openssl-commits
mailing list