Commit dd8710dc authored by Matt Caswell's avatar Matt Caswell
Browse files

Fix OCSP_RESPID processing bug introduced by WPACKET changes 



An OCSP_RESPID in a status request extension has 2 bytes for the length
not 1.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
parent 73f0df83

ssl/t1_lib.c

+1 −1
Original line number Diff line number Diff line
@@ -1209,7 +1209,7 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int *al) 
            idlen = i2d_OCSP_RESPID(id, NULL);

            if (idlen <= 0

                       /* Sub-packet for an individual id */

                    || !WPACKET_sub_allocate_bytes_u8(pkt, idlen, &idbytes)

                    || !WPACKET_sub_allocate_bytes_u16(pkt, idlen, &idbytes)

                    || i2d_OCSP_RESPID(id, &idbytes) != idlen) {

                SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);

                return 0;