From df66e689aa05d92f4820b02c9a89fddce77c13c2 Mon Sep 17 00:00:00 2001 From: Zhi Guan Date: Sun, 21 Jun 2026 10:03:19 +0800 Subject: [PATCH] Minor fix --- CMakeLists.txt | 2 +- include/gmssl/version.h | 2 +- src/tls13.c | 14 ++++++++++++++ src/x509_key.c | 2 ++ tests/x509_keytest.c | 2 ++ 5 files changed, 20 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index a67fc6ac..9504c01b 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -865,7 +865,7 @@ endif() # set(CPACK_PACKAGE_NAME "GmSSL") set(CPACK_PACKAGE_VENDOR "GmSSL develop team") -set(CPACK_PACKAGE_VERSION "3.2.0-dev.1134") +set(CPACK_PACKAGE_VERSION "3.2.0-dev.1140") set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md) set(CPACK_NSIS_MODIFY_PATH ON) include(CPack) diff --git a/include/gmssl/version.h b/include/gmssl/version.h index 91218a25..81fce677 100644 --- a/include/gmssl/version.h +++ b/include/gmssl/version.h @@ -18,7 +18,7 @@ extern "C" { #define GMSSL_VERSION_NUM 30200 -#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1134" +#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1140" int gmssl_version_num(void); const char *gmssl_version_str(void); diff --git a/src/tls13.c b/src/tls13.c index f82a084d..ca4452a2 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -7605,6 +7605,20 @@ int tls13_send_hello_retry_request(TLS_CONNECT *conn) return 1; } +/* + * 处理 HelloRetryRequest 之后客户端重新发送的 ClientHello。 + * + * 旧实现按扩展在 ClientHello1 和 ClientHello2 中出现的顺序逐项比较。 + * 但合法客户端在 HRR 后可能调整扩展顺序,例如重新发送的 key_share + * 可能移动到和第一次 ClientHello 不同的位置;顺序比较会把这种合法 + * ClientHello2 误判为非法并中止握手。 + * + * 这里改为按扩展类型在 ClientHello1 中查找对应项,再分别校验 HRR + * 允许变化的扩展:key_share 必须替换为服务端要求的组,pre_shared_key + * 可以是第一次 identities 的子集,early_data 必须被删除,cookie 只在 + * 服务端要求时允许新增;其他扩展仍要求内容保持不变,同时拒绝重复扩展 + * 和不允许的扩展丢失。 + */ int tls13_recv_client_hello_again(TLS_CONNECT *conn) { int ret; diff --git a/src/x509_key.c b/src/x509_key.c index 2253104f..88c4a581 100644 --- a/src/x509_key.c +++ b/src/x509_key.c 
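Review bot: The new comment above `tls13_recv_client_hello_again` says every extension other than key_share, pre_shared_key, early_data and cookie must keep identical content between ClientHello1 and ClientHello2, which leaves out the `padding` extension that RFC 8446 section 4.1.2 also lets a client add, remove or resize after a HelloRetryRequest. The function body lies outside this hunk, so it is not visible whether the code really rejects such a ClientHello2. If it does, conforming clients that re-pad will have their handshakes aborted. If it does not, the comment should list the exception, for example `padding may be added, removed or resized (RFC 8446 section 4.1.2)`. The paragraph describing the old order-based comparison is change history and belongs in the commit message, since the source comment should only state the checks the function enforces now.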
@@ -2148,6 +2148,8 @@ int x509_verify_init(X509_SIGN_CTX *ctx, const X509_KEY *key, const void *args, } } + memset(ctx, 0, sizeof(X509_SIGN_CTX)); + switch (key->algor) { case OID_ec_public_key: switch (key->algor_param) { diff --git a/tests/x509_keytest.c b/tests/x509_keytest.c index 32a4384d..d7708b8c 100644 --- a/tests/x509_keytest.c +++ b/tests/x509_keytest.c @@ -418,6 +418,8 @@ static int test_x509_sign(void) uint8_t sig[40969]; size_t siglen; + memset(msg, 0xa5, sizeof(msg)); + for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) { if (tests[i].algor == OID_kyber_kem) { continue;
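Review bot: The added `memset(ctx, 0, sizeof(X509_SIGN_CTX));` in `x509_verify_init` comes after a block that closes just above it, so any error return taken in that earlier code (not visible in this hunk) leaves `*ctx` untouched. A caller that runs update, finish or cleanup on the context after a failed init would then act on uninitialised or stale state. Clearing the context as the first statement of the function, written as `memset(ctx, 0, sizeof(*ctx));` so the size follows the pointer's type, would give every exit path a defined context. A one-line comment should also state that the context must not own live resources when it is re-initialised, because a plain memset drops them without release. Whether X509_SIGN_CTX holds any is not visible here, and the function starts and ends outside the hunk.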