| --- openssl-1.0.0.orig/ssl/t1_lib.c 15 Jun 2010 17:25:15 -0000 1.64.2.14 |
| +++ openssl-1.0.0/ssl/t1_lib.c 15 Nov 2010 15:26:19 -0000 |
| @@ -714,14 +714,23 @@ |
| switch (servname_type) |
| { |
| case TLSEXT_NAMETYPE_host_name: |
| - if (s->session->tlsext_hostname == NULL) |
| + if (!s->hit) |
| { |
| - if (len > TLSEXT_MAXLEN_host_name || |
| - ((s->session->tlsext_hostname = OPENSSL_malloc(len+1)) == NULL)) |
| + if(s->session->tlsext_hostname) |
| + { |
| + *al = SSL_AD_DECODE_ERROR; |
| + return 0; |
| + } |
| + if (len > TLSEXT_MAXLEN_host_name) |
| { |
| *al = TLS1_AD_UNRECOGNIZED_NAME; |
| return 0; |
| } |
| + if ((s->session->tlsext_hostname = OPENSSL_malloc(len+1)) == NULL) |
| + { |
| + *al = TLS1_AD_INTERNAL_ERROR; |
| + return 0; |
| + } |
| memcpy(s->session->tlsext_hostname, sdata, len); |
| s->session->tlsext_hostname[len]='\0'; |
| if (strlen(s->session->tlsext_hostname) != len) { |
| @@ -734,7 +743,8 @@ |
| |
| } |
| else |
| - s->servername_done = strlen(s->session->tlsext_hostname) == len |
| + s->servername_done = s->session->tlsext_hostname |
| + && strlen(s->session->tlsext_hostname) == len |
| && strncmp(s->session->tlsext_hostname, (char *)sdata, len) == 0; |
| |
| break; |
| @@ -765,15 +775,22 @@ |
| *al = TLS1_AD_DECODE_ERROR; |
| return 0; |
| } |
| - s->session->tlsext_ecpointformatlist_length = 0; |
| - if (s->session->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->session->tlsext_ecpointformatlist); |
| - if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL) |
| + if (!s->hit) |
| { |
| - *al = TLS1_AD_INTERNAL_ERROR; |
| - return 0; |
| + if(s->session->tlsext_ecpointformatlist) |
| + { |
| + *al = TLS1_AD_DECODE_ERROR; |
| + return 0; |
| + } |
| + s->session->tlsext_ecpointformatlist_length = 0; |
| + if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL) |
| + { |
| + *al = TLS1_AD_INTERNAL_ERROR; |
| + return 0; |
| + } |
| + s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length; |
| + memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length); |
| } |
| - s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length; |
| - memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length); |
| #if 0 |
| fprintf(stderr,"ssl_parse_clienthello_tlsext s->session->tlsext_ecpointformatlist (length=%i) ", s->session->tlsext_ecpointformatlist_length); |
| sdata = s->session->tlsext_ecpointformatlist; |
| @@ -794,15 +811,22 @@ |
| *al = TLS1_AD_DECODE_ERROR; |
| return 0; |
| } |
| - s->session->tlsext_ellipticcurvelist_length = 0; |
| - if (s->session->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->session->tlsext_ellipticcurvelist); |
| - if ((s->session->tlsext_ellipticcurvelist = OPENSSL_malloc(ellipticcurvelist_length)) == NULL) |
| + if (!s->hit) |
| { |
| - *al = TLS1_AD_INTERNAL_ERROR; |
| - return 0; |
| + if(s->session->tlsext_ellipticcurvelist) |
| + { |
| + *al = TLS1_AD_DECODE_ERROR; |
| + return 0; |
| + } |
| + s->session->tlsext_ellipticcurvelist_length = 0; |
| + if ((s->session->tlsext_ellipticcurvelist = OPENSSL_malloc(ellipticcurvelist_length)) == NULL) |
| + { |
| + *al = TLS1_AD_INTERNAL_ERROR; |
| + return 0; |
| + } |
| + s->session->tlsext_ellipticcurvelist_length = ellipticcurvelist_length; |
| + memcpy(s->session->tlsext_ellipticcurvelist, sdata, ellipticcurvelist_length); |
| } |
| - s->session->tlsext_ellipticcurvelist_length = ellipticcurvelist_length; |
| - memcpy(s->session->tlsext_ellipticcurvelist, sdata, ellipticcurvelist_length); |
| #if 0 |
| fprintf(stderr,"ssl_parse_clienthello_tlsext s->session->tlsext_ellipticcurvelist (length=%i) ", s->session->tlsext_ellipticcurvelist_length); |
| sdata = s->session->tlsext_ellipticcurvelist; |