projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix a crash in SSLfatal due to invalid enc_write_ctx
[openssl.git]
/
ssl
/
tls13_enc.c
diff --git
a/ssl/tls13_enc.c
b/ssl/tls13_enc.c
index 63328045cc6577189804da52cfe3a41c5e6088f2..7f4395843a82fad7a47a091f899e7f672bd27d63 100644
(file)
--- a/
ssl/tls13_enc.c
+++ b/
ssl/tls13_enc.c
@@
-248,11
+248,11
@@
size_t tls13_final_finish_mac(SSL *s, const char *str, size_t slen,
}
if (str == s->method->ssl3_enc->server_finished_label)
}
if (str == s->method->ssl3_enc->server_finished_label)
- key = EVP_PKEY_new_
mac
_key(EVP_PKEY_HMAC, NULL,
- s->server_finished_secret, hashlen);
+ key = EVP_PKEY_new_
raw_private
_key(EVP_PKEY_HMAC, NULL,
+
s->server_finished_secret, hashlen);
else
else
- key = EVP_PKEY_new_
mac
_key(EVP_PKEY_HMAC, NULL,
- s->client_finished_secret, hashlen);
+ key = EVP_PKEY_new_
raw_private
_key(EVP_PKEY_HMAC, NULL,
+
s->client_finished_secret, hashlen);
if (key == NULL
|| ctx == NULL
if (key == NULL
|| ctx == NULL
@@
-397,6
+397,7
@@
int tls13_change_cipher_state(SSL *s, int which)
RECORD_LAYER_reset_read_sequence(&s->rlayer);
} else {
RECORD_LAYER_reset_read_sequence(&s->rlayer);
} else {
+ s->statem.invalid_enc_write_ctx = 1;
if (s->enc_write_ctx != NULL) {
EVP_CIPHER_CTX_reset(s->enc_write_ctx);
} else {
if (s->enc_write_ctx != NULL) {
EVP_CIPHER_CTX_reset(s->enc_write_ctx);
} else {
@@
-406,6
+407,7
@@
int tls13_change_cipher_state(SSL *s, int which)
SSL_F_TLS13_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);
goto err;
}
SSL_F_TLS13_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);
goto err;
}
+ EVP_CIPHER_CTX_ctrl(s->enc_write_ctx, EVP_CTRL_SET_DRBG, 0, s->drbg);
}
ciph_ctx = s->enc_write_ctx;
iv = s->write_iv;
}
ciph_ctx = s->enc_write_ctx;
iv = s->write_iv;
@@
-608,6
+610,7
@@
int tls13_change_cipher_state(SSL *s, int which)
goto err;
}
goto err;
}
+ s->statem.invalid_enc_write_ctx = 0;
ret = 1;
err:
OPENSSL_cleanse(secret, sizeof(secret));
ret = 1;
err:
OPENSSL_cleanse(secret, sizeof(secret));
@@
-630,6
+633,7
@@
int tls13_update_key(SSL *s, int sending)
insecret = s->client_app_traffic_secret;
if (sending) {
insecret = s->client_app_traffic_secret;
if (sending) {
+ s->statem.invalid_enc_write_ctx = 1;
iv = s->write_iv;
ciph_ctx = s->enc_write_ctx;
RECORD_LAYER_reset_write_sequence(&s->rlayer);
iv = s->write_iv;
ciph_ctx = s->enc_write_ctx;
RECORD_LAYER_reset_write_sequence(&s->rlayer);
@@
-650,6
+654,7
@@
int tls13_update_key(SSL *s, int sending)
memcpy(insecret, secret, hashlen);
memcpy(insecret, secret, hashlen);
+ s->statem.invalid_enc_write_ctx = 0;
ret = 1;
err:
OPENSSL_cleanse(secret, sizeof(secret));
ret = 1;
err:
OPENSSL_cleanse(secret, sizeof(secret));