if ((alg_k & (SSL_kECDHE | SSL_kECDHEPSK))
|| (alg_a & SSL_aECDSA)
|| c->min_tls >= TLS1_3_VERSION)
- break;
+ return 1;
}
- return i < end;
+ return 0;
}
int tls_construct_ctos_ec_pt_formats(SSL *s, WPACKET *pkt, unsigned int context,
ret = 1;
end:
OPENSSL_free(s->ext.tls13_cookie);
+ s->ext.tls13_cookie = NULL;
s->ext.tls13_cookie_len = 0;
return ret;
* MUST only be sent if we've requested a status
* request message. In TLS <= 1.2 it must also be empty.
*/
- if (s->ext.status_type == TLSEXT_STATUSTYPE_nothing
+ if (s->ext.status_type != TLSEXT_STATUSTYPE_ocsp
|| (!SSL_IS_TLS13(s) && PACKET_remaining(pkt) > 0)) {
*al = SSL_AD_UNSUPPORTED_EXTENSION;
return 0;