diff options
author | Scott Deboy <sdeboy@secondstryke.com> | 2013-07-31 10:51:19 -0700 |
---|---|---|
committer | Scott Deboy <sdeboy@secondstryke.com> | 2013-07-31 10:51:19 -0700 |
commit | 65616e81a11106002e0d4509de2b0507e83cca44 (patch) | |
tree | c2567949a4b34026fda2a0ee3d3b30580c277bb2 | |
parent | e21ff60d6146868fdfed8cb0795ac8a36f8b7db8 (diff) | |
parent | 0b2bde70dd8fc290d640ed64cf7609dc2963a48b (diff) | |
download | openssl-new-65616e81a11106002e0d4509de2b0507e83cca44.tar.gz |
Merge remote-tracking branch 'openssl-github/master' into supplemental-data-api
Conflicts:
ssl/s23_clnt.c
ssl/ssl_rsa.c
-rw-r--r-- | ssl/ssl_rsa.c | 13 | ||||
-rw-r--r-- | ssl/t1_lib.c | 8 |
2 files changed, 10 insertions, 11 deletions
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 7451219994..b6765a30e1 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -459,15 +459,6 @@ static int ssl_set_cert(CERT *c, X509 *x) X509_free(c->pkeys[i].x509); CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); c->pkeys[i].x509=x; -#ifndef OPENSSL_NO_TLSEXT - /* Free the old serverinfo data, if it exists. */ - if (c->pkeys[i].serverinfo != NULL) - { - OPENSSL_free(c->pkeys[i].serverinfo); - c->pkeys[i].serverinfo = NULL; - c->pkeys[i].serverinfo_length = 0; - } -#endif c->key= &(c->pkeys[i]); c->valid=0; @@ -950,7 +941,7 @@ int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo, if (!serverinfo_process_buffer(serverinfo, serverinfo_length, NULL)) { SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO,SSL_R_INVALID_SERVERINFO_DATA); - return(0); + return 0; } if (!ssl_cert_inst(&ctx->cert)) { @@ -977,7 +968,7 @@ int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo, if (!serverinfo_process_buffer(serverinfo, serverinfo_length, ctx)) { SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO,SSL_R_INVALID_SERVERINFO_DATA); - return(0); + return 0; } return 1; } diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 2b53a226b5..3275a7bcfd 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1816,6 +1816,14 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char s->s3->alpn_selected = NULL; } + /* Clear observed custom extensions */ + s->s3->tlsext_custom_types_count = 0; + if (s->s3->tlsext_custom_types != NULL) + { + OPENSSL_free(s->s3->tlsext_custom_types); + s->s3->tlsext_custom_types = NULL; + } + #ifndef OPENSSL_NO_HEARTBEATS s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED | SSL_TLSEXT_HB_DONT_SEND_REQUESTS); |