diff options
| author | Mike DePaulo <mikedep333@gmail.com> | 2015-07-10 08:56:32 -0400 |
|---|---|---|
| committer | Mike DePaulo <mikedep333@gmail.com> | 2015-07-26 11:34:07 -0400 |
| commit | 9ece505c5ca92218e41adedfa6d8c47574bd9271 (patch) | |
| tree | fbb27f113769b94dafa26ab43a5843c7e7454fb6 /openssl/ssl | |
| parent | 6d650329125473a3b773f03f2fb704a094d92b55 (diff) | |
| download | vcxsrv-9ece505c5ca92218e41adedfa6d8c47574bd9271.tar.gz vcxsrv-9ece505c5ca92218e41adedfa6d8c47574bd9271.tar.bz2 vcxsrv-9ece505c5ca92218e41adedfa6d8c47574bd9271.zip | |
Update openssl: 1.0.2c -> 1.0.2d
Diffstat (limited to 'openssl/ssl')
| -rw-r--r-- | openssl/ssl/s3_clnt.c | 17 | ||||
| -rw-r--r-- | openssl/ssl/s3_lib.c | 2 | ||||
| -rw-r--r-- | openssl/ssl/s3_srvr.c | 2 |
3 files changed, 5 insertions, 16 deletions
diff --git a/openssl/ssl/s3_clnt.c b/openssl/ssl/s3_clnt.c index 2346ce50c..6af145a8b 100644 --- a/openssl/ssl/s3_clnt.c +++ b/openssl/ssl/s3_clnt.c @@ -1456,8 +1456,6 @@ int ssl3_get_key_exchange(SSL *s) #ifndef OPENSSL_NO_PSK if (alg_k & SSL_kPSK) { - char tmp_id_hint[PSK_MAX_IDENTITY_LEN + 1]; - param_len = 2; if (param_len > n) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT); @@ -1483,17 +1481,8 @@ int ssl3_get_key_exchange(SSL *s) } param_len += i; - /* - * If received PSK identity hint contains NULL characters, the hint - * is truncated from the first NULL. p may not be ending with NULL, - * so create a NULL-terminated string. - */ - memcpy(tmp_id_hint, p, i); - memset(tmp_id_hint + i, 0, PSK_MAX_IDENTITY_LEN + 1 - i); - if (s->ctx->psk_identity_hint != NULL) - OPENSSL_free(s->ctx->psk_identity_hint); - s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint); - if (s->ctx->psk_identity_hint == NULL) { + s->session->psk_identity_hint = BUF_strndup((char *)p, i); + if (s->session->psk_identity_hint == NULL) { al = SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); goto f_err; @@ -3077,7 +3066,7 @@ int ssl3_send_client_key_exchange(SSL *s) } memset(identity, 0, sizeof(identity)); - psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint, + psk_len = s->psk_client_callback(s, s->session->psk_identity_hint, identity, sizeof(identity) - 1, psk_or_pre_ms, sizeof(psk_or_pre_ms)); diff --git a/openssl/ssl/s3_lib.c b/openssl/ssl/s3_lib.c index 5db349a23..ad9eeb6fd 100644 --- a/openssl/ssl/s3_lib.c +++ b/openssl/ssl/s3_lib.c @@ -3084,7 +3084,7 @@ void ssl3_clear(SSL *s) } #if !defined(OPENSSL_NO_TLSEXT) if (s->s3->alpn_selected) { - free(s->s3->alpn_selected); + OPENSSL_free(s->s3->alpn_selected); s->s3->alpn_selected = NULL; } #endif diff --git a/openssl/ssl/s3_srvr.c b/openssl/ssl/s3_srvr.c index 8885694c0..acd3b9e96 100644 --- a/openssl/ssl/s3_srvr.c +++ b/openssl/ssl/s3_srvr.c @@ -2780,7 +2780,7 @@ int ssl3_get_client_key_exchange(SSL *s) if (s->session->psk_identity != NULL) OPENSSL_free(s->session->psk_identity); - s->session->psk_identity = BUF_strdup((char *)p); + s->session->psk_identity = BUF_strndup((char *)p, i); if (s->session->psk_identity == NULL) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); goto psk_err; |