[openssl-dev] [openssl.org #3915] BUG/PATCH: ssl_sess.c no longer compiles when no-tlsext is specified
Geoff_Lowe@McAfee.com via RT
rt at openssl.org
Fri Jun 19 01:13:40 UTC 2015
>From ticket 2720, it seems the official position is that "no-tlsext" is NOT supported. However, for those who still try to use it, the recent fixes for CVE-2015-1791 seem to have introduced more problems for the 0.9.8 code base (and maybe others - not sure).
This report can be added to RT#2720.
@@ -151,12 +151,12 @@
* the case of an error whilst halfway through constructing dest
*/
dest->ciphers = NULL;
#ifndef OPENSSL_NO_TLSEXT
dest->tlsext_hostname = NULL;
-#endif
dest->tlsext_tick = NULL;
+#endif
memset(&dest->ex_data, 0, sizeof(dest->ex_data));
/* We deliberately don't copy the prev and next pointers */
dest->prev = NULL;
dest->next = NULL;
@@ -185,20 +185,20 @@
dest->tlsext_hostname = BUF_strdup(src->tlsext_hostname);
if (dest->tlsext_hostname == NULL) {
goto err;
}
}
-#endif
if (ticket != 0) {
dest->tlsext_tick = BUF_memdup(src->tlsext_tick, src->tlsext_ticklen);
if(dest->tlsext_tick == NULL)
goto err;
} else {
dest->tlsext_tick_lifetime_hint = 0;
dest->tlsext_ticklen = 0;
}
+#endif
return dest;
err:
SSLerr(SSL_F_SSL_SESSION_DUP, ERR_R_MALLOC_FAILURE);
SSL_SESSION_free(dest);
Geoff
_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-mod at openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
More information about the openssl-dev
mailing list