Increase PSK_MAX_PSK_LEN to 512

author Rutger Hendriks <rutgerhendriks@gmail.com>

Mon, 31 Aug 2020 11:59:51 +0000 (13:59 +0200)

committer Tomas Mraz <tmraz@fedoraproject.org>

Mon, 21 Sep 2020 08:26:08 +0000 (10:26 +0200)
author Rutger Hendriks <rutgerhendriks@gmail.com>
Mon, 31 Aug 2020 11:59:51 +0000 (13:59 +0200)
committer Tomas Mraz <tmraz@fedoraproject.org>
Mon, 21 Sep 2020 08:26:08 +0000 (10:26 +0200)
diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in

index 264b7eddb72b5d7664c713335287e409d2f4bd5b..ac7c521e95f1e441c064127e182449424cf74a12 100644 (file)
--- a/include/openssl/ssl.h.in
+++ b/include/openssl/ssl.h.in
@@ -850,7 +850,7 @@ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
   * resulting identity/psk
   */
  #  define PSK_MAX_IDENTITY_LEN 128
-#  define PSK_MAX_PSK_LEN 256
+#  define PSK_MAX_PSK_LEN 512
  typedef unsigned int (*SSL_psk_client_cb_func)(SSL *ssl,
                                                 const char *hint,
                                                 char *identity,
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h

index 49d24e6a96b64a0e2dc3f9340a7076a521331d52..fd4eacdc388b99c48ca059c4196993eb8fa9fca6 100644 (file)
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -524,7 +524,7 @@ struct ssl_method_st {
   * Matches the length of PSK_MAX_PSK_LEN. We keep it the same value for
   * consistency, even in the event of OPENSSL_NO_PSK being defined.
   */
-# define TLS13_MAX_RESUMPTION_PSK_LENGTH      256
+# define TLS13_MAX_RESUMPTION_PSK_LENGTH      512
  
  /*-
   * Lets make this into an ASN.1 type structure as follows
author	Rutger Hendriks <rutgerhendriks@gmail.com>
	Mon, 31 Aug 2020 11:59:51 +0000 (13:59 +0200)
committer	Tomas Mraz <tmraz@fedoraproject.org>
	Mon, 21 Sep 2020 08:26:08 +0000 (10:26 +0200)
include/openssl/ssl.h.in		patch \| blob \| history
ssl/ssl_local.h		patch \| blob \| history