Commit d6b5824c authored by Tatsuhiro Tsujikawa's avatar Tatsuhiro Tsujikawa

nghttpx: Don't check TLS requirement in ALPN cb cause cipher obj is nullptr

Also don't compare ALPN identifier with streq, since they are just
byte string.
parent c204861d
...@@ -157,7 +157,7 @@ void info_callback(const SSL *ssl, int where, int ret) ...@@ -157,7 +157,7 @@ void info_callback(const SSL *ssl, int where, int ret)
#if OPENSSL_VERSION_NUMBER >= 0x10002000L #if OPENSSL_VERSION_NUMBER >= 0x10002000L
namespace { namespace {
int alpn_select_proto_cb(SSL* ssl, int alpn_select_proto_cb(SSL *ssl,
const unsigned char **out, const unsigned char **out,
unsigned char *outlen, unsigned char *outlen,
const unsigned char *in, unsigned int inlen, const unsigned char *in, unsigned int inlen,
...@@ -170,21 +170,13 @@ int alpn_select_proto_cb(SSL* ssl, ...@@ -170,21 +170,13 @@ int alpn_select_proto_cb(SSL* ssl,
auto target_proto_len = auto target_proto_len =
strlen(reinterpret_cast<const char*>(target_proto_id)); strlen(reinterpret_cast<const char*>(target_proto_id));
if(target_proto_len == NGHTTP2_PROTO_VERSION_ID_LEN &&
memcmp(target_proto_id, NGHTTP2_PROTO_VERSION_ID,
NGHTTP2_PROTO_VERSION_ID_LEN) == 0) {
if(!check_http2_requirement(ssl)) {
continue;
}
}
for(auto p = in, end = in + inlen; p < end;) { for(auto p = in, end = in + inlen; p < end;) {
auto proto_id = p + 1; auto proto_id = p + 1;
auto proto_len = *p; auto proto_len = *p;
if(proto_id + proto_len <= end && if(proto_id + proto_len <= end &&
util::streq(target_proto_id, target_proto_len, proto_id, proto_len)) { target_proto_len == proto_len &&
memcmp(target_proto_id, proto_id, proto_len) == 0) {
*out = reinterpret_cast<const unsigned char*>(proto_id); *out = reinterpret_cast<const unsigned char*>(proto_id);
*outlen = proto_len; *outlen = proto_len;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment