Fix NPN protocol name list validation Since 50932c4 "PACKETise ServerHello processing", ssl_next_proto_validate() incorrectly allows empty protocol name. draft-agl-tls-nextprotoneg-04[1] says "Implementations MUST ensure that the empty string is not included and that no byte strings are truncated." This patch restores the old correct behavior. [1] https://tools.ietf.org/html/draft-agl-tls-nextprotoneg-04 Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 6363348..3082a59 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c
@@ -2339,11 +2339,11 @@ */ static char ssl_next_proto_validate(PACKET *pkt) { - unsigned int len; + PACKET tmp_protocol; while (PACKET_remaining(pkt)) { - if (!PACKET_get_1(pkt, &len) - || !PACKET_forward(pkt, len)) + if (!PACKET_get_length_prefixed_1(pkt, &tmp_protocol) + || PACKET_remaining(&tmp_protocol) == 0) return 0; }