X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=ssl%2Fstatem%2Fextensions_srvr.c;h=076a635d24d0e27b2c6f1675c973315d30e577e3;hb=1ee4b98e695cd041da931c10fbdaf82f0ee0f268;hp=83fb71313afe5acb9c47958296eaa025cff8fed7;hpb=30d1bab146ffef92376f09b7372aac7a75281627;p=oweals%2Fopenssl.git diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 83fb71313a..076a635d24 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -796,6 +796,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, s->session = sess; return 1; err: + SSL_SESSION_free(sess); return 0; } @@ -840,24 +841,6 @@ int tls_construct_stoc_server_name(SSL *s, WPACKET *pkt, unsigned int context, return 1; } -int tls_construct_stoc_early_data_info(SSL *s, WPACKET *pkt, - unsigned int context, X509 *x, - size_t chainidx, int *al) -{ - if (s->max_early_data == 0) - return 1; - - if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_early_data_info) - || !WPACKET_start_sub_packet_u16(pkt) - || !WPACKET_put_bytes_u32(pkt, s->max_early_data) - || !WPACKET_close(pkt)) { - SSLerr(SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA_INFO, ERR_R_INTERNAL_ERROR); - return 0; - } - - return 1; -} - #ifndef OPENSSL_NO_EC int tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, size_t chainidx, int *al) @@ -1150,6 +1133,21 @@ int tls_construct_stoc_cryptopro_bug(SSL *s, WPACKET *pkt, unsigned int context, int tls_construct_stoc_early_data(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, size_t chainidx, int *al) { + if (context == EXT_TLS1_3_NEW_SESSION_TICKET) { + if (s->max_early_data == 0) + return 1; + + if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_early_data) + || !WPACKET_start_sub_packet_u16(pkt) + || !WPACKET_put_bytes_u32(pkt, s->max_early_data) + || !WPACKET_close(pkt)) { + SSLerr(SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA, ERR_R_INTERNAL_ERROR); + return 0; + } + + return 1; + } + if (s->ext.early_data != SSL_EARLY_DATA_ACCEPTED) return 1;