Fix bug where early_data does not work if no SNI callback is present
authorMatt Caswell <matt@openssl.org>
Tue, 10 Oct 2017 08:50:56 +0000 (09:50 +0100)
committerMatt Caswell <matt@openssl.org>
Thu, 12 Oct 2017 14:19:49 +0000 (15:19 +0100)
Fixes #4496

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4519)

ssl/statem/extensions.c

index f6a200f..b5091ac 100644 (file)
@@ -834,6 +834,11 @@ static int final_server_name(SSL *s, unsigned int context, int sent,
         ret = s->session_ctx->ext.servername_cb(s, &altmp,
                                        s->session_ctx->ext.servername_arg);
 
+    if (!sent) {
+        OPENSSL_free(s->session->ext.hostname);
+        s->session->ext.hostname = NULL;
+    }
+
     /*
      * If we're expecting to send a ticket, and tickets were previously enabled,
      * and now tickets are disabled, then turn off expected ticket.