55356 – Long protocol names are not skipped when building advertisement string for TLS Next Protocol Negotiation (NPN)

Bug 55356 - Long protocol names are not skipped when building advertisement string for TLS Next Protocol Negotiation (NPN)

Summary: Long protocol names are not skipped when building advertisement string for TL...

Status:	RESOLVED FIXED

Alias:	None

Product:	Apache httpd-2
Classification:	Unclassified
Component:	mod_ssl (show other bugs)
Version:	2.2-HEAD
Hardware:	PC Linux

Importance:	P2 normal (vote)
Target Milestone:	---
Assignee:	Apache HTTPD Bugs Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2013-08-05 10:12 UTC by Alexander Graf
Modified:	2013-08-20 20:12 UTC (History)
CC List:	0 users

Attachments
Fix NPN advertisement string generation. Remove mod_ssl.h includes. (1.87 KB, patch) 2013-08-05 10:12 UTC, Alexander Graf	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexander Graf 2013-08-05 10:12:28 UTC

Created attachment 30675 [details]
Fix NPN advertisement string generation. Remove mod_ssl.h includes.

Discovered this whilst porting #52210 to apache 2.4

In ssl_engine_kernel.c (ssl_callback_AdvertiseNextProtos) long protocol names (length>255) are not skipped when copied to the sequence of length-prefixed strings - only a warning is issued.

Also "mod_ssl.h" doesn't need to be included in ssl_engine_io.c and ssl_engine_kernel.c.

Comment 1 Joe Orton 2013-08-20 20:12:24 UTC

Thanks - this was already fixed in trunk (back in June) in r1345599.