Google Git
Sign in
flutter / third_party / openssl / b04f947941d08b5d077a63b017ecee5e4e2e11cc
commitb04f947941d08b5d077a63b017ecee5e4e2e11cc[log] [tgz]
authorKazuki Yamaguchi <k@rhe.jp>Sun Dec 13 00:51:06 2015 +0900
committerMatt Caswell <matt@openssl.org>Mon May 16 11:45:25 2016 +0100
tree4ebddd31995a1f9dcaff04529dd68bc199431877
parentc5ebfcab713a82a1d46a51c8c2668c419425b387 [diff]
Fix NPN protocol name list validation

Since 50932c4 "PACKETise ServerHello processing",
ssl_next_proto_validate() incorrectly allows empty protocol name.
draft-agl-tls-nextprotoneg-04[1] says "Implementations MUST ensure that
the empty string is not included and that no byte strings are
truncated."
This patch restores the old correct behavior.

[1] https://tools.ietf.org/html/draft-agl-tls-nextprotoneg-04

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
1 file changed
tree: 4ebddd31995a1f9dcaff04529dd68bc199431877
  1. apps/
  2. Configurations/
  3. crypto/
  4. demos/
  5. doc/
  6. engines/
  7. external/
  8. fuzz/
  9. include/
  10. ms/
  11. ssl/
  12. test/
  13. tools/
  14. util/
  15. VMS/
  16. .gitattributes
  17. .gitignore
  18. .travis-create-release.sh
  19. .travis.yml
  20. ACKNOWLEDGEMENTS
  21. appveyor.yml
  22. AUTHORS
  23. build.info
  24. CHANGES
  25. config
  26. config.com
  27. Configure
  28. CONTRIBUTING
  29. e_os.h
  30. FAQ
  31. INSTALL
  32. INSTALL.DJGPP
  33. INSTALL.WCE
  34. LICENSE
  35. Makefile.shared
  36. NEWS
  37. NOTES.VMS
  38. NOTES.WIN
  39. README
  40. README.ECC
  41. README.ENGINE
  42. README.FIPS
  43. README.PERL