Clear existing extension state.
authorDr. Stephen Henson <steve@openssl.org>
Fri, 5 Dec 2014 13:39:14 +0000 (13:39 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 2 Jan 2015 22:25:52 +0000 (22:25 +0000)
When parsing ClientHello clear any existing extension state from
SRP login and SRTP profile.

Thanks to Karthikeyan Bhargavan for reporting this issue.
Reviewed-by: Matt Caswell <matt@openssl.org>
ssl/t1_lib.c

index fec7ace..2180c54 100644 (file)
@@ -1996,6 +1996,16 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char
        s->s3->flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC;
 #endif
 
+#ifndef OPENSSL_NO_SRP
+       if (s->srp_ctx.login != NULL)
+               {
+               OPENSSL_free(s->srp_ctx.login);
+               s->srp_ctx.login = NULL;
+               }
+#endif
+
+       s->srtp_profile = NULL;
+
        if (data >= (d+n-2))
                goto ri_check;
        n2s(data,len);