Fix some bugs in the TLSv1.3 PSK code

author Matt Caswell <matt@openssl.org>

Tue, 20 Jun 2017 13:25:38 +0000 (14:25 +0100)

committer Matt Caswell <matt@openssl.org>

Wed, 21 Jun 2017 13:45:36 +0000 (14:45 +0100)
author Matt Caswell <matt@openssl.org>
Tue, 20 Jun 2017 13:25:38 +0000 (14:25 +0100)
committer Matt Caswell <matt@openssl.org>
Wed, 21 Jun 2017 13:45:36 +0000 (14:45 +0100)
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c

index 5733a114ff3eb0a19c936b35749fc6fbc80a5507..d4af0329f359d22a01a38891e5c9fb67b9dc876f 100644 (file)
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -898,7 +898,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context,
              goto err;
          }
  
-        if (s->hello_retry_request && mdres != handmd) {
+        if (s->hello_retry_request && mdpsk != handmd) {
              /*
               * Selected ciphersuite hash does not match the hash for the PSK
               * session. This is an application bug.
@@ -971,12 +971,15 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context,
  
      if (dores)
          s->session->ext.tick_identity = 0;
+    SSL_SESSION_free(s->psksession);
      s->psksession = psksess;
      if (psksess != NULL)
          s->psksession->ext.tick_identity = (dores ? 1 : 0);
+    psksess = NULL;
  
      ret = EXT_RETURN_SENT;
   err:
+    SSL_SESSION_free(psksess);
      return ret;
  #else
      return 1;
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c

index 4e65320df2c772929b0869b6b5673bc57725d7ee..3da9f556e9453a76361bce0340a7f724d44f7d69 100644 (file)
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -713,8 +713,15 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
          }
  
          if (s->psk_find_session_cb != NULL
-                && s->psk_find_session_cb(s, PACKET_data(&identity),
-                                          PACKET_remaining(&identity), &sess)) {
+                && !s->psk_find_session_cb(s, PACKET_data(&identity),
+                                           PACKET_remaining(&identity),
+                                           &sess)) {
+            *al = SSL_AD_INTERNAL_ERROR;
+            return 0;
+        }
+
+        if (sess != NULL) {
+            /* We found a PSK */
              SSL_SESSION *sesstmp = ssl_session_dup(sess, 0);
  
              if (sesstmp == NULL) {
author	Matt Caswell <matt@openssl.org>
	Tue, 20 Jun 2017 13:25:38 +0000 (14:25 +0100)
committer	Matt Caswell <matt@openssl.org>
	Wed, 21 Jun 2017 13:45:36 +0000 (14:45 +0100)
ssl/statem/extensions_clnt.c		patch \| blob \| history
ssl/statem/extensions_srvr.c		patch \| blob \| history