projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a0cb628)
Fix calls to SSL_get_server_tmp_key() in TLSv1.3
authorMatt Caswell <matt@openssl.org>
Mon, 3 Apr 2017 14:24:06 +0000 (15:24 +0100)
committerMatt Caswell <matt@openssl.org>
Mon, 3 Apr 2017 18:18:47 +0000 (19:18 +0100)
The macro SSL_get_server_tmp_key() returns information about the temp key
used by the server during a handshake. This was returning NULL for TLSv1.3
and causing s_client to omit this information in its connection summary.

Fixes #3081

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3114)

ssl/statem/extensions_clnt.c patch | blob | history

diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index 939ad4cf44fab35a839da116546eae61c21f8062..8bb9a888f301849efa3b6503312da0447e21170a 100644 (file)
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1295,7 +1295,7 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
     EVP_PKEY *ckey = s->s3->tmp.pkey, *skey = NULL;
 
     /* Sanity check */
-    if (ckey == NULL) {
+    if (ckey == NULL || s->s3->peer_tmp != NULL) {
         *al = SSL_AD_INTERNAL_ERROR;
         SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, ERR_R_INTERNAL_ERROR);
         return 0;
@@ -1386,7 +1386,7 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         EVP_PKEY_free(skey);
         return 0;
     }
-    EVP_PKEY_free(skey);
+    s->s3->peer_tmp = skey;
 #endif
 
     return 1;
Unnamed repository; edit this file 'description' to name the repository.