/*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
if (SSL_IS_DTLS(s) && s->hit) {
unsigned char sctpauthkey[64];
char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
+ size_t labellen;
/*
* Add new shared key for SCTP-Auth, will be ignored if no
memcpy(labelbuffer, DTLS1_SCTP_AUTH_LABEL,
sizeof(DTLS1_SCTP_AUTH_LABEL));
+ /* Don't include the terminating zero. */
+ labellen = sizeof(labelbuffer) - 1;
+ if (s->mode & SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG)
+ labellen += 1;
+
if (SSL_export_keying_material(s, sctpauthkey,
sizeof(sctpauthkey), labelbuffer,
- sizeof(labelbuffer), NULL, 0,
+ labellen, NULL, 0,
0) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_OSSL_STATEM_SERVER_POST_WORK,
* So check cookie length...
*/
if (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE) {
- if (clienthello->dtls_cookie_len == 0)
+ if (clienthello->dtls_cookie_len == 0) {
+ OPENSSL_free(clienthello);
return MSG_PROCESS_FINISHED_READING;
+ }
}
}
}
}
- if (!construct_ca_names(s, pkt)) {
+ if (!construct_ca_names(s, get_ca_names(s), pkt)) {
/* SSLfatal() already called */
return 0;
}
SSL_R_LENGTH_MISMATCH);
goto err;
}
+ if (skey == NULL) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_ECDHE,
+ SSL_R_MISSING_TMP_ECDH_KEY);
+ goto err;
+ }
+
ckey = EVP_PKEY_new();
if (ckey == NULL || EVP_PKEY_copy_parameters(ckey, skey) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_ECDHE,
if (SSL_IS_DTLS(s)) {
unsigned char sctpauthkey[64];
char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
+ size_t labellen;
/*
* Add new shared key for SCTP-Auth, will be ignored if no SCTP
* used.
memcpy(labelbuffer, DTLS1_SCTP_AUTH_LABEL,
sizeof(DTLS1_SCTP_AUTH_LABEL));
+ /* Don't include the terminating zero. */
+ labellen = sizeof(labelbuffer) - 1;
+ if (s->mode & SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG)
+ labellen += 1;
+
if (SSL_export_keying_material(s, sctpauthkey,
sizeof(sctpauthkey), labelbuffer,
- sizeof(labelbuffer), NULL, 0,
+ labellen, NULL, 0,
0) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE,
uint64_t nonce;
static const unsigned char nonce_label[] = "resumption";
const EVP_MD *md = ssl_handshake_md(s);
- void (*cb) (const SSL *ssl, int type, int val) = NULL;
int hashleni = EVP_MD_size(md);
/* Ensure cast to size_t is safe */
}
hashlen = (size_t)hashleni;
- if (s->info_callback != NULL)
- cb = s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb = s->ctx->info_callback;
-
- if (cb != NULL) {
- /*
- * We don't start and stop the handshake in between each ticket when
- * sending more than one - but it should appear that way to the info
- * callback.
- */
- if (s->sent_tickets != 0) {
- ossl_statem_set_in_init(s, 0);
- cb(s, SSL_CB_HANDSHAKE_DONE, 1);
- ossl_statem_set_in_init(s, 1);
- }
- cb(s, SSL_CB_HANDSHAKE_START, 1);
- }
/*
* If we already sent one NewSessionTicket, or we resumed then
* s->session may already be in a cache and so we must not modify it.
tick_nonce,
TICKET_NONCE_SIZE,
s->session->master_key,
- hashlen)) {
+ hashlen, 1)) {
/* SSLfatal() already called */
goto err;
}