tls: proposed fix for incorrect SNI/ALPN matching

2025-04-14 08:07:14 +03:00 · 2018-08-21 22:36:01 +02:00 · 2018-08-21 22:36:01 +02:00 · e42f670112
commit e42f670112
parent 60df92c2b2
1 changed files with 2 additions and 2 deletions
--- a/tls.c
+++ b/tls.c
@ -183,7 +183,7 @@ parse_extensions(const struct TLSProtocol *tls_data, const char *data, size_t da
        if (tls_data->use_alpn == 2) {
            /* we want BOTH alpn and sni to match */
            if (extension_type == 0x00) { /* Server Name */
-                if (parse_server_name_extension(tls_data, data + pos + 4, len)) {
+                if (parse_server_name_extension(tls_data, data + pos + 4, len) > 0) {
                    /* SNI matched */
                    if(last_matched) {
                        /* this is only true if ALPN matched, so return true */
@ -197,7 +197,7 @@ parse_extensions(const struct TLSProtocol *tls_data, const char *data, size_t da
                    return -2;
                }
            } else if (extension_type == 0x10) { /* ALPN */
-                if (parse_alpn_extension(tls_data, data + pos + 4, len)) {
+                if (parse_alpn_extension(tls_data, data + pos + 4, len) > 0) {
                    /* ALPN matched */
                    if(last_matched) {
                        /* this is only true if SNI matched, so return true */