From: Scott Deboy Date: Wed, 5 Feb 2014 02:48:59 +0000 (-0800) Subject: Don't break out of the custom extension callback loop - continue instead X-Git-Tag: OpenSSL_1_0_2-beta1~41^2~5 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=5a32dd8930212e2d93c023229083034d8282a596;p=oweals%2Fopenssl.git Don't break out of the custom extension callback loop - continue instead The contract for custom extension callbacks has changed - all custom extension callbacks are triggered --- diff --git a/ssl/ssltest.c b/ssl/ssltest.c index da7979b49c..47a8189bf7 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -501,8 +501,7 @@ static int custom_ext_0_cli_second_cb(SSL *s, unsigned short ext_type, unsigned short inlen, int *al, void *arg) { - custom_ext_error = 1; /* Shouldn't be called */ - return 0; + return 1; } static int custom_ext_1_cli_first_cb(SSL *s, unsigned short ext_type, @@ -521,8 +520,7 @@ static int custom_ext_1_cli_second_cb(SSL *s, unsigned short ext_type, unsigned short inlen, int *al, void *arg) { - custom_ext_error = 1; /* Shouldn't be called */ - return 0; + return 1; } static int custom_ext_2_cli_first_cb(SSL *s, unsigned short ext_type, @@ -579,8 +577,7 @@ static int custom_ext_0_srv_first_cb(SSL *s, unsigned short ext_type, unsigned short inlen, int *al, void *arg) { - custom_ext_error = 1; - return 0; /* Shouldn't be called */ + return 1; } /* 'generate' callbacks are always called, even if the 'receive' callback isn't called */ diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 61b22043d7..bf96ae25c3 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1718,14 +1718,14 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha /* NULL callback or -1 omits extension */ if (!record->fn2) - break; + continue; cb_retval = record->fn2(s, record->ext_type, &out, &outlen, al, record->arg); if (cb_retval == 0) return NULL; /* error */ if (cb_retval == -1) - break; /* skip this extension */ + continue; /* skip this extension */ if (limit < ret + 4 + outlen) return NULL; s2n(record->ext_type, ret);