Empty SNI names are not valid While empty inputs to SSL_set1_host() clear the reference identifier list. Reviewed-by: Rich Salz <rsalz@openssl.org>
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index de8dae2..54b8eba 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c
@@ -3534,13 +3534,16 @@ #endif /* !OPENSSL_NO_EC */ case SSL_CTRL_SET_TLSEXT_HOSTNAME: if (larg == TLSEXT_NAMETYPE_host_name) { + size_t len; + OPENSSL_free(s->tlsext_hostname); s->tlsext_hostname = NULL; ret = 1; if (parg == NULL) break; - if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) { + len = strlen((char *)parg); + if (len == 0 || len > TLSEXT_MAXLEN_host_name) { SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); return 0; }