From: Matt Caswell <matt@openssl.org>
Date: Mon, 26 Sep 2016 14:31:20 +0000 (+0100)
Subject: Fix a bug in Renegotiation extension construction
X-Git-Tag: OpenSSL_1_1_1-pre1~3449
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=2f97192c78928ab2b2d44ac2f4859c321f57fd1f;p=oweals%2Fopenssl.git

Fix a bug in Renegotiation extension construction

The conversion to WPACKET broke the construction of the renegotiation
extension.

Reviewed-by: Rich Salz <rsalz@openssl.org>
---

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 4733bff3a3..40932fa985 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1040,8 +1040,10 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int *al)
     /* Add RI if renegotiating */
     if (s->renegotiate) {
         if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_renegotiate)
-                || !WPACKET_sub_memcpy_u16(pkt, s->s3->previous_client_finished,
-                                   s->s3->previous_client_finished_len)) {
+                || !WPACKET_start_sub_packet_u16(pkt)
+                || !WPACKET_sub_memcpy_u8(pkt, s->s3->previous_client_finished,
+                                   s->s3->previous_client_finished_len)
+                || !WPACKET_close(pkt)) {
             SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
             return 0;
         }