mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-04-06 20:20:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

Don't acknowledge a servername following warning alert in servername cb

Browse Source 
If the servername cb decides to send back a warning alert then the
handshake continues, but we should not signal to the client that the
servername has been accepted.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/10018)
This commit is contained in:
Matt Caswell 2019-12-02 17:29:21 +00:00
parent 0dc7c8e831
commit cd624ccd41
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ssl/statem/extensions.c
View File

@ -1009,6 +1009,7 @@ static int final_server_name(SSL *s, unsigned int context, int sent)
/* TLSv1.3 doesn't have warning alerts so we suppress this */
if (!SSL_IS_TLS13(s))
ssl3_send_alert(s, SSL3_AL_WARNING, altmp);
s->servername_done = 0;
return 1;
case SSL_TLSEXT_ERR_NOACK: