git.ipfire.org Git - thirdparty/openssl.git/commit

]> git.ipfire.org Git - thirdparty/openssl.git/commit

projects / thirdparty / openssl.git / commit

author	Matt Caswell <matt@openssl.org>
	Fri, 21 Jun 2024 10:51:54 +0000 (11:51 +0100)
committer	Matt Caswell <matt@openssl.org>
	Thu, 27 Jun 2024 09:30:51 +0000 (10:30 +0100)
commit	238fa464d6e38aa2c92af70ef9580c74cff512e4
tree	90bb059cff3531836a49c5fb6f1744d6c1aec70d	tree
parent	e10a3a84bf73a3e6024c338b51f2fb4e78a3dee9	commit \| diff

Add ALPN validation in the client

The ALPN protocol selected by the server must be one that we originally
advertised. We should verify that it is.

Follow on from CVE-2024-5535

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24716)

ssl/statem/extensions_clnt.c

diff | blob | blame | history

Mirror of https://github.com/openssl/openssl.git

RSS Atom