[openssl-commits] [openssl] OpenSSL source code branch OpenSSL_1_0_2-stable updated. OpenSSL_1_0_2-beta3-132-g47606dd

[Dr. Stephen Henson]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSSL source code".

The branch, OpenSSL_1_0_2-stable has been updated
       via  47606dda672a5008168f62d4b7d7f94cd2d31313 (commit)
      from  c30c8761766d98c7fcd257b7332df5cd56c40a6f (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 47606dda672a5008168f62d4b7d7f94cd2d31313
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Fri Dec 5 13:39:14 2014 +0000

    Clear existing extension state.
    
    When parsing ClientHello clear any existing extension state from
    SRP login and SRTP profile.
    
    Thanks to Karthikeyan Bhargavan for reporting this issue.
    Reviewed-by: Matt Caswell <matt at openssl.org>
    
    (cherry picked from commit 4f605ccb779e32a770093d687e0554e0bbb137d3)
    
    Conflicts:
    	ssl/t1_lib.c

-----------------------------------------------------------------------

Summary of changes:
 ssl/t1_lib.c |   10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 962861d..4deab88 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2016,6 +2016,16 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char
 		s->cert->peer_sigalgs = NULL;
 		}
 
+#ifndef OPENSSL_NO_SRP
+	if (s->srp_ctx.login != NULL)
+		{
+		OPENSSL_free(s->srp_ctx.login);
+		s->srp_ctx.login = NULL;
+		}
+#endif
+
+	s->srtp_profile = NULL;
+
 	if (data >= (d+n-2))
 		goto ri_check;
 	n2s(data,len);


hooks/post-receive
-- 
OpenSSL source code