From: Matt Caswell Date: Mon, 2 Dec 2019 17:29:21 +0000 (+0000) Subject: Don't acknowledge a servername following warning alert in servername cb X-Git-Tag: OpenSSL_1_1_1e~52 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=a9a8863b791a54625da2a079a496a31cb7f94482;p=oweals%2Fopenssl.git Don't acknowledge a servername following warning alert in servername cb If the servername cb decides to send back a warning alert then the handshake continues, but we should not signal to the client that the servername has been accepted. Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/10018) (cherry picked from commit cd624ccd41ac3ac779c1c7a7a1e63427ce9588dd) --- diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index f6a1cd7dd2..44d8a2591a 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -1010,6 +1010,7 @@ static int final_server_name(SSL *s, unsigned int context, int sent) /* TLSv1.3 doesn't have warning alerts so we suppress this */ if (!SSL_IS_TLS13(s)) ssl3_send_alert(s, SSL3_AL_WARNING, altmp); + s->servername_done = 0; return 1; case SSL_TLSEXT_ERR_NOACK:
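Review bot: the added `s->servername_done = 0;` in `final_server_name()` has no comment of its own and sits directly below the unbraced `if (!SSL_IS_TLS13(s))`, so the only nearby comment (about TLSv1.3 suppressing warning alerts) reads as if it explained the new line too. The reset is meant to be unconditional: per the commit message, the handshake continues after a warning alert but the servername must not be acknowledged, and that holds for TLSv1.3 as well, where no alert is sent and the missing acknowledgement is the only signal the client receives. Suggest a short comment on the new line, for example `/* handshake continues, but do not acknowledge the servername */`, and a blank line or braces around the `if` body so the assignment cannot be mistaken for part of the conditional. This diff touches only `ssl/statem/extensions.c`; a regression test that has the servername callback return the warning result and checks that the server's reply carries no server_name acknowledgement would keep this behaviour from regressing.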