Don't use decryption_failed alert for TLS v1.1 or later.

[openssl.git] / apps / apps.c

diff --git a/apps/apps.c b/apps/apps.c
index 5bd19c5d016ddd0db3b6777f882ca7b3efdf5046..57390d37ccfe227660481b1e3f13c08f18cd19a8 100644 (file)
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -257,6 +257,8 @@ int args_from_file(char *file, int *argc, char **argv[])
 
 int str2fmt(char *s)
        {
+       if (s == NULL)
+               return FORMAT_UNDEF;
        if      ((*s == 'D') || (*s == 'd'))
                return(FORMAT_ASN1);
        else if ((*s == 'T') || (*s == 't'))
@@ -3032,7 +3034,7 @@ int raw_write_stdout(const void *buf,int siz)
        {       return write(fileno(stdout),buf,siz);   }
 #endif
 
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NPN)
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
 /* next_protos_parse parses a comma separated list of strings into a string
  * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
  *   outlen: (output) set to the length of the resulting buffer on success.
@@ -3047,7 +3049,7 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
        size_t i, start = 0;
 
        len = strlen(in);
-       if (len > 65535)
+       if (len >= 65535)
                return NULL;
 
        out = OPENSSL_malloc(strlen(in) + 1);
@@ -3073,4 +3075,4 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
        *outlen = len + 1;
        return out;
        }
-#endif  /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NPN */
+#endif  /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */