Make sure that exporting keying material is allowed

[openssl.git] / ssl / statem / statem.c

diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c
index fe348419cdbc6ab9aa1d36340d3c1ee2b56b1d9f..95c369a88315edb7a1b53a91d72264a3e2f13ffe 100644 (file)
--- a/ssl/statem/statem.c
+++ b/ssl/statem/statem.c
@@ -135,7 +135,7 @@ void ossl_statem_fatal(SSL *s, int al, int func, int reason, const char *file,
 #define check_fatal(s, f) \
     do { \
         if (!ossl_assert((s)->statem.in_init \
 #define check_fatal(s, f) \
     do { \
         if (!ossl_assert((s)->statem.in_init \

-                         || (s)->statem.state != MSG_FLOW_ERROR)) \
+                         && (s)->statem.state == MSG_FLOW_ERROR)) \

             SSLfatal(s, SSL_AD_INTERNAL_ERROR, (f), \
                      SSL_R_MISSING_FATAL); \
     } while (0)
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, (f), \
                      SSL_R_MISSING_FATAL); \
     } while (0)


@@ -311,7 +311,11 @@ static int state_machine(SSL *s, int server)
 
     st->in_handshake++;
     if (!SSL_in_init(s) || SSL_in_before(s)) {
 
     st->in_handshake++;
     if (!SSL_in_init(s) || SSL_in_before(s)) {

-        if (!SSL_clear(s))
+        /*
+         * If we are stateless then we already called SSL_clear() - don't do
+         * it again and clear the STATELESS flag itself.
+         */
+        if ((s->s3->flags & TLS1_FLAGS_STATELESS) == 0 && !SSL_clear(s))

             return -1;
     }
 #ifndef OPENSSL_NO_SCTP
             return -1;
     }
 #ifndef OPENSSL_NO_SCTP


@@ -443,7 +447,7 @@ static int state_machine(SSL *s, int server)
         } else {
             /* Error */
             check_fatal(s, SSL_F_STATE_MACHINE);
         } else {
             /* Error */
             check_fatal(s, SSL_F_STATE_MACHINE);

-            SSLerr(SSL_F_STATE_MACHINE, ERR_R_INTERNAL_ERROR);
+            SSLerr(SSL_F_STATE_MACHINE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);

             goto end;
         }
     }
             goto end;
         }
     }


@@ -937,3 +941,13 @@ int ossl_statem_app_data_allowed(SSL *s)
 
     return 0;
 }
 
     return 0;
 }

+
+/*
+ * This function returns 1 if TLS exporter is ready to export keying
+ * material, or 0 if otherwise.
+ */
+int ossl_statem_export_allowed(SSL *s)
+{
+    return s->s3->previous_server_finished_len != 0
+           && s->statem.hand_state != TLS_ST_SW_FINISHED;
+}