Skip to content

Commit

Permalink
Correct return values for tls_construct_stoc_next_proto_neg
Browse files Browse the repository at this point in the history 
Return EXT_RETURN_NOT_SENT in the event that we don't send the extension,
rather than EXT_RETURN_SENT. This actually makes no difference at all to
the current control flow since this return value is ignored in this case
anyway. But lets make it correct anyway.

Follow on from CVE-2024-5535

(cherry picked from commit 189a7ed3e380e34ea38fe4190a7c9396bace0fb7)
  • Loading branch information
@dongbeiouba
dongbeiouba committed Jul 15, 2024
1 parent 7be1304 commit eef69d9
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion ssl/statem/extensions_srvr.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1652,9 +1652,10 @@ EXT_RETURN tls_construct_stoc_next_proto_neg(SSL *s, WPACKET *pkt,
return EXT_RETURN_FAIL;
}
s->s3->npn_seen = 1;
return EXT_RETURN_SENT;
}

return EXT_RETURN_SENT;
return EXT_RETURN_NOT_SENT;
}
#endif

Expand Down

0 comments on commit eef69d9

Please sign in to comment.