e863fff325
Fix incorrect OSSL_PKEY_PARAM_MAX_SIZE for ed25519 and ed448 Return 0 after cleanup in OPENSSL_init_crypto() Cleanup the peer point formats on regotiation Fix default digest to SHA256 Resolves: rhbz#1958045, rhbz#1952850, rhbz#1961687 Related: rhbz#1958033 Signed-off-by: Sahana Prasad <sahana@redhat.com>
37 lines
1.5 KiB
Diff
37 lines
1.5 KiB
Diff
diff -up openssl-3.0.0-alpha16/ssl/statem/extensions.c.reneg openssl-3.0.0-alpha16/ssl/statem/extensions.c
|
|
--- openssl-3.0.0-alpha16/ssl/statem/extensions.c.reneg 2021-06-04 10:03:01.313023512 +0200
|
|
+++ openssl-3.0.0-alpha16/ssl/statem/extensions.c 2021-06-04 10:05:43.019538516 +0200
|
|
@@ -45,6 +45,7 @@ static int tls_parse_certificate_authori
|
|
#ifndef OPENSSL_NO_SRP
|
|
static int init_srp(SSL *s, unsigned int context);
|
|
#endif
|
|
+static int init_ec_point_formats(SSL *s, unsigned int context);
|
|
static int init_etm(SSL *s, unsigned int context);
|
|
static int init_ems(SSL *s, unsigned int context);
|
|
static int final_ems(SSL *s, unsigned int context, int sent);
|
|
@@ -158,7 +159,7 @@ static const EXTENSION_DEFINITION ext_de
|
|
TLSEXT_TYPE_ec_point_formats,
|
|
SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO
|
|
| SSL_EXT_TLS1_2_AND_BELOW_ONLY,
|
|
- NULL, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats,
|
|
+ init_ec_point_formats, tls_parse_ctos_ec_pt_formats, tls_parse_stoc_ec_pt_formats,
|
|
tls_construct_stoc_ec_pt_formats, tls_construct_ctos_ec_pt_formats,
|
|
final_ec_pt_formats
|
|
},
|
|
@@ -1144,6 +1145,15 @@ static int init_srp(SSL *s, unsigned int
|
|
}
|
|
#endif
|
|
|
|
+static int init_ec_point_formats(SSL *s, unsigned int context)
|
|
+{
|
|
+ OPENSSL_free(s->ext.peer_ecpointformats);
|
|
+ s->ext.peer_ecpointformats = NULL;
|
|
+ s->ext.peer_ecpointformats_len = 0;
|
|
+
|
|
+ return 1;
|
|
+}
|
|
+
|
|
static int init_etm(SSL *s, unsigned int context)
|
|
{
|
|
s->ext.use_etm = 0;
|