X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Ft1_lib.c;h=31fc70e05e2d332c48f635d52a64d0fe0258cf0c;hp=8e2d6b18979bd5c0104baf44324f20f034652718;hb=4563da1d7c53e969e8d092d018795179bb648a7c;hpb=e9add063b50e8a460d5636055156d2760c2fe29f diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 8e2d6b1897..31fc70e05e 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1453,8 +1453,8 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha { int cb_retval = 0; cb_retval = record->fn1(s, record->ext_type, - &out, &outlen, al, - record->arg); + &out, &outlen, al, + record->arg); if (cb_retval == 0) return NULL; /* error */ if (cb_retval == -1) @@ -1700,21 +1700,22 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha for (i = 0; i < s->ctx->custom_srv_ext_records_count; i++) { - record = &s->ctx->custom_srv_ext_records[i]; const unsigned char *out = NULL; unsigned short outlen = 0; int cb_retval = 0; + record = &s->ctx->custom_srv_ext_records[i]; + /* NULL callback or -1 omits extension */ if (!record->fn2) - break; + continue; cb_retval = record->fn2(s, record->ext_type, &out, &outlen, al, record->arg); if (cb_retval == 0) return NULL; /* error */ if (cb_retval == -1) - break; /* skip this extension */ + continue; /* skip this extension */ if (limit < ret + 4 + outlen) return NULL; s2n(record->ext_type, ret); @@ -3643,6 +3644,11 @@ static int tls1_set_shared_sigalgs(SSL *s) TLS_SIGALGS *salgs = NULL; CERT *c = s->cert; unsigned int is_suiteb = tls1_suiteb(s); + if (c->shared_sigalgs) + { + OPENSSL_free(c->shared_sigalgs); + c->shared_sigalgs = NULL; + } /* If client use client signature algorithms if not NULL */ if (!s->server && c->client_sigalgs && !is_suiteb) { @@ -3699,6 +3705,8 @@ int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize) if (!c) return 0; + if (c->peer_sigalgs) + OPENSSL_free(c->peer_sigalgs); c->peer_sigalgs = OPENSSL_malloc(dsize); if (!c->peer_sigalgs) return 0;