Make sure we save ALPN data in the session

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3926)

diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index 3a198f421c988d902b265e1f44285b22026d4f86..329a8007eea6284185105bf8466b141ab3caab60 100644 (file)
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1400,6 +1400,17 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
     }
     s->s3->alpn_selected_len = len;
 
+    /* We also put a copy in the session */
+    OPENSSL_free(s->session->ext.alpn_selected);
+    s->session->ext.alpn_selected = OPENSSL_memdup(s->s3->alpn_selected,
+                                                   s->s3->alpn_selected_len);
+    s->session->ext.alpn_selected_len = s->s3->alpn_selected_len;
+
+    if (s->session->ext.alpn_selected == NULL) {
+        *al = SSL_AD_INTERNAL_ERROR;
+        return 0;
+    }
+
     return 1;
 }