kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Empty SNI names are not valid

Browse Source 
(Imported from upstream's 4d6fe78f65be650c84e14777c90e7a088f7a44ce)

Change-Id: Id28e0d49da2490e454dcb8603ccb93a506dfafaf
Reviewed-on: https://boringssl-review.googlesource.com/7206
Reviewed-by: David Benjamin <davidben@google.com>
This commit is contained in:
Steven Valdez 2016-02-24 10:44:54 -05:00 committed by David Benjamin
parent e412bbd9a1
commit e52d22d5f9
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ssl/s3_lib.c
View File

@ -359,7 +359,9 @@ int SSL_set_tlsext_host_name(SSL *ssl, const char *name) {
if (name == NULL) { if (name == NULL) {
return 1; return 1;
} }
if (strlen(name) > TLSEXT_MAXLEN_host_name) {
size_t len = strlen(name);
if (len == 0 || len > TLSEXT_MAXLEN_host_name) {
OPENSSL_PUT_ERROR(SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); OPENSSL_PUT_ERROR(SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
return 0; return 0;
} }