If not sending key_share (no TLSv1.3), return appropriately.
authorTodd Short <tshort@akamai.com>
Fri, 2 Mar 2018 14:36:28 +0000 (09:36 -0500)
committerMatt Caswell <matt@openssl.org>
Mon, 5 Mar 2018 13:16:33 +0000 (13:16 +0000)
This fixes an issue raised in PR #4964 by kaduk.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5491)

ssl/statem/extensions_clnt.c

index d569f3b..fa6c65b 100644 (file)
@@ -705,9 +705,10 @@ EXT_RETURN tls_construct_ctos_key_share(SSL *s, WPACKET *pkt,
                  ERR_R_INTERNAL_ERROR);
         return EXT_RETURN_FAIL;
     }
-#endif
-
     return EXT_RETURN_SENT;
+#else
+    return EXT_RETURN_NOT_SENT;
+#endif
 }
 
 EXT_RETURN tls_construct_ctos_cookie(SSL *s, WPACKET *pkt, unsigned int context,