[openssl] OpenSSL_1_1_1-stable update

beldmit at gmail.com beldmit at gmail.com
Fri May 21 15:29:06 UTC 2021 

The branch OpenSSL_1_1_1-stable has been updated
       via  7fc0b9376135e9e5db76c713122a6e319c0b9768 (commit)
      from  ca28c2422a7b32644161caa55f818dfafd8eeb9a (commit)


- Log -----------------------------------------------------------------
commit 7fc0b9376135e9e5db76c713122a6e319c0b9768
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date:   Thu May 20 16:03:05 2021 +0200

    Cleanup the peer point formats on regotiation
    
    Fixes #14875
    
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/15383)
    
    (cherry picked from commit 3f987381929ee725daf4746591144dde18f313e1)

-----------------------------------------------------------------------

Summary of changes:
 ssl/statem/extensions.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 07803537ba..19e91b6f4e 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -42,6 +42,7 @@ static int tls_parse_certificate_authorities(SSL *s, PACKET *pkt,
 #ifndef OPENSSL_NO_SRP
 static int init_srp(SSL *s, unsigned int context);
 #endif
+static int init_ec_point_formats(SSL *s, unsigned int context);
 static int init_etm(SSL *s, unsigned int context);
 static int init_ems(SSL *s, unsigned int context);
 static int final_ems(SSL *s, unsigned int context, int sent);
@@ -159,7 +160,7 @@ static const EXTENSION_DEFINITION ext_defs[] = {
         TLSEXT_TYPE_ec_point_formats,
         SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO
         | SSL_EXT_TLS1_2_AND_BELOW_ONLY,
-        NULL, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats,
+        init_ec_point_formats, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats,
         tls_construct_stoc_ec_pt_formats, tls_construct_ctos_ec_pt_formats,
         final_ec_pt_formats
     },
@@ -1165,6 +1166,15 @@ static int init_srp(SSL *s, unsigned int context)
 }
 #endif
 
+static int init_ec_point_formats(SSL *s, unsigned int context)
+{
+    OPENSSL_free(s->ext.peer_ecpointformats);
+    s->ext.peer_ecpointformats = NULL;
+    s->ext.peer_ecpointformats_len = 0;
+
+    return 1;
+}
+
 static int init_etm(SSL *s, unsigned int context)
 {
     s->ext.use_etm = 0;

More information about the openssl-commits mailing list