artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a7c9dd9) | patch
Validate protocols in SSL{_CTX,}_set_alpn_protos()
authortb <tb@openbsd.org>
Wed, 20 Jul 2022 14:08:49 +0000 (14:08 +0000)
committertb <tb@openbsd.org>
Wed, 20 Jul 2022 14:08:49 +0000 (14:08 +0000)
commitd505af57c75fdbfc458b78787fd148ae396c89e8
treee835cc6925263b3dc8256c25dce15f19c32051bctree | snapshot
parenta7c9dd9e86ff34b3d9e5bc5c53f83dd2d48e0462commit | diff
Validate protocols in SSL{_CTX,}_set_alpn_protos()

This wonderful API requires users to pass the protocol list in wire
format. This list is then sent as part of the ClientHello. Validate
it to be of the correct form. This reuses tlsext_alpn_check_format()
that was split out of tlsext_alpn_server_parse().

Similar checks were introduced in OpenSSL 86a90dc7

ok jsing
lib/libssl/ssl_lib.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim