This is an automated email from the ASF dual-hosted git repository.

maskit pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
     new 34819d12e1 Check incoming protocol list length first (#11545)
34819d12e1 is described below

commit 34819d12e1a3c838bce60b8911897767150de50e
Author: Masakazu Kitajo <[email protected]>
AuthorDate: Mon Jul 15 16:24:17 2024 -0600

    Check incoming protocol list length first (#11545)
    
    If the length is 0, there's no need to do check the other list
---
 src/iocore/net/ALPNSupport.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/iocore/net/ALPNSupport.cc b/src/iocore/net/ALPNSupport.cc
index 20bcd18b42..dbe9eb74c7 100644
--- a/src/iocore/net/ALPNSupport.cc
+++ b/src/iocore/net/ALPNSupport.cc
@@ -104,7 +104,7 @@ ALPNSupport::select_next_protocol(const unsigned char 
**out, unsigned char *outl
   unsigned int         npnsize = 0;
   int                  retval  = SSL_TLSEXT_ERR_ALERT_FATAL;
 
-  if (this->getNPN(&npnptr, &npnsize) && npnsize > 0) {
+  if (inlen > 0 && this->getNPN(&npnptr, &npnsize) && npnsize > 0) {
     // SSL_select_next_proto chooses the first server-offered protocol that 
appears in the clients protocol set, ie. the
     // server selects the protocol. This is a n^2 search, so it's preferable 
to keep the protocol set short.
     if (SSL_select_next_proto(const_cast<unsigned char **>(out), outlen, 
npnptr, npnsize, in, inlen) == OPENSSL_NPN_NEGOTIATED) {

Reply via email to