projects / oweals / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0086ca4)
Fix a bug in Renegotiation extension construction
authorMatt Caswell <matt@openssl.org>
Mon, 26 Sep 2016 14:31:20 +0000 (15:31 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 28 Sep 2016 08:15:07 +0000 (09:15 +0100)
The conversion to WPACKET broke the construction of the renegotiation
extension.

Reviewed-by: Rich Salz <rsalz@openssl.org>
ssl/t1_lib.c patch | blob | history

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 4733bff3a35b746aecce992f57fb2be17e178563..40932fa9853e0bb473636b066b7abb85e7b048c2 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1040,8 +1040,10 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int *al)
     /* Add RI if renegotiating */
     if (s->renegotiate) {
         if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_renegotiate)
-                || !WPACKET_sub_memcpy_u16(pkt, s->s3->previous_client_finished,
-                                   s->s3->previous_client_finished_len)) {
+                || !WPACKET_start_sub_packet_u16(pkt)
+                || !WPACKET_sub_memcpy_u8(pkt, s->s3->previous_client_finished,
+                                   s->s3->previous_client_finished_len)
+                || !WPACKET_close(pkt)) {
             SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
             return 0;
         }
Unnamed repository; edit this file 'description' to name the repository.