Correctly handle SSL3 Master Secret when calling providers
authorMatt Caswell <matt@openssl.org>
Tue, 15 Oct 2019 12:27:21 +0000 (13:27 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 16 Oct 2019 07:28:48 +0000 (08:28 +0100)
We need to pass the SSL3 Master Secret down to the provider code in order
for SSLv3 to work correctly.

Fixes #10182

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10186)

crypto/evp/digest.c

index 5ff43fd..c2a6e83 100644 (file)
@@ -675,6 +675,10 @@ int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
         params[0] = OSSL_PARAM_construct_utf8_string(OSSL_DIGEST_PARAM_MICALG,
                                                      p2, p1 ? p1 : 9999);
         break;
+    case EVP_CTRL_SSL3_MASTER_SECRET:
+        params[0] = OSSL_PARAM_construct_octet_string(OSSL_DIGEST_PARAM_SSL3_MS,
+                                                      p2, p1);
+        break;
     default:
         return EVP_CTRL_RET_UNSUPPORTED;
     }