if (s->ctx->tlsext_opaque_prf_input_callback != 0 || s->tlsext_opaque_prf_input != NULL)
ssl2_compat = 0;
#endif
- if (s->ctx->tlsext_authz_server_audit_proof_cb != NULL)
+ if (s->ctx->tlsext_authz_server_audit_proof_cb != NULL)
+ ssl2_compat = 0;
+ if (s->ctx->custom_cli_ext_records_count != 0)
ssl2_compat = 0;
}
#endif
X509_free(c->pkeys[i].x509);
CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
c->pkeys[i].x509=x;
-#ifndef OPENSSL_NO_TLSEXT
- /* Free the old authz data, if it exists. */
- if (c->pkeys[i].authz != NULL)
- {
- OPENSSL_free(c->pkeys[i].authz);
- c->pkeys[i].authz = NULL;
- c->pkeys[i].authz_length = 0;
- }
-
- /* Free the old serverinfo data, if it exists. */
- if (c->pkeys[i].serverinfo != NULL)
- {
- OPENSSL_free(c->pkeys[i].serverinfo);
- c->pkeys[i].serverinfo = NULL;
- c->pkeys[i].serverinfo_length = 0;
- }
-#endif
c->key= &(c->pkeys[i]);
c->valid=0;
if (!serverinfo_process_buffer(serverinfo, serverinfo_length, NULL))
{
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO,SSL_R_INVALID_SERVERINFO_DATA);
- return(0);
+ return 0;
}
if (!ssl_cert_inst(&ctx->cert))
{
if (!serverinfo_process_buffer(serverinfo, serverinfo_length, ctx))
{
SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO,SSL_R_INVALID_SERVERINFO_DATA);
- return(0);
+ return 0;
}
return 1;
}
s->s3->alpn_selected = NULL;
}
+ /* Clear observed custom extensions */
+ s->s3->tlsext_custom_types_count = 0;
+ if (s->s3->tlsext_custom_types != NULL)
+ {
+ OPENSSL_free(s->s3->tlsext_custom_types);
+ s->s3->tlsext_custom_types = NULL;
+ }
+
#ifndef OPENSSL_NO_HEARTBEATS
s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
projects / oweals / openssl.git / commitdiff