diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2015-12-13 00:51:06 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-03-30 19:17:32 +0900 |
commit | 5fd6db0a5c9b51331c9f6c8dab474a68f1357121 (patch) | |
tree | 83992c86eed7844161503818bcac788d46a80c1f /test | |
parent | bbe9769ba66ab2512678a87b0d9b266ba970db05 (diff) | |
download | openssl-fix-ssl_next_proto_validate.tar.gz |
Fix NPN protocol name list validationfix-ssl_next_proto_validate
Since 50932c4 "PACKETise ServerHello processing",
ssl_next_proto_validate() incorrectly allows empty protocol name.
draft-agl-tls-nextprotoneg-04[1] says "Implementations MUST ensure that
the empty string is not included and that no byte strings are
truncated."
This patch restores the old correct behavior.
[1] https://tools.ietf.org/html/draft-agl-tls-nextprotoneg-04
Diffstat (limited to 'test')
0 files changed, 0 insertions, 0 deletions