From: Hugo Landau Date: Tue, 13 Feb 2024 11:29:53 +0000 (+0000) Subject: Fix SSL_export_keying_material for QUIC X-Git-Tag: openssl-3.3.0-alpha1~95 X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=12c0d72c4a82804f3c2d234ea9ea4e3a2fbb257b Fix SSL_export_keying_material for QUIC Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/23567) (cherry picked from commit 498d4e4c4f4a1e220cfa64cfcc76174e2f656fd0) --- diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 7d618bd700..f44a1bfe33 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -3766,9 +3766,10 @@ int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen, || (sc->version < TLS1_VERSION && sc->version != DTLS1_BAD_VER)) return -1; - return s->method->ssl3_enc->export_keying_material(sc, out, olen, label, - llen, context, - contextlen, use_context); + return sc->ssl.method->ssl3_enc->export_keying_material(sc, out, olen, label, + llen, context, + contextlen, + use_context); } int SSL_export_keying_material_early(SSL *s, unsigned char *out, size_t olen, diff --git a/test/quicapitest.c b/test/quicapitest.c index 41cf0fc7a8..9a1034b7b7 100644 --- a/test/quicapitest.c +++ b/test/quicapitest.c @@ -53,7 +53,7 @@ static int test_quic_write_read(int idx) SSL *clientquic = NULL; QUIC_TSERVER *qtserv = NULL; int j, k, ret = 0; - unsigned char buf[20]; + unsigned char buf[20], scratch[64]; static char *msg = "A test message"; size_t msglen = strlen(msg); size_t numbytes = 0; @@ -153,6 +153,12 @@ static int test_quic_write_read(int idx) goto end; } + /* Test that exporters work. */ + if (!TEST_true(SSL_export_keying_material(clientquic, scratch, + sizeof(scratch), "test", 4, (unsigned char *)"ctx", 3, + 1))) + goto end; + if (sess == NULL) { /* We didn't supply a session so we're not expecting resumption */ if (!TEST_false(SSL_session_reused(clientquic)))