From: Matt Caswell <matt@openssl.org>
Date: Wed, 19 Sep 2018 09:09:39 +0000 (+0100)
Subject: Fix the max psk len for TLSv1.3
X-Git-Tag: OpenSSL_1_1_1a~141
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=11e1807b212e818458c2ff9ba6dfc520aee94354

Fix the max psk len for TLSv1.3

If using an old style TLSv1.2 PSK callback then the maximum possible PSK
len is PSK_MAX_PSK_LEN (256) - not 64.

Fixes #7261

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7267)

(cherry picked from commit f39a02c68abc8936db24499cb3cfcba206a2e7eb)
---

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 8afb117372..440a5d6c19 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -471,7 +471,7 @@ struct ssl_method_st {
     long (*ssl_ctx_callback_ctrl) (SSL_CTX *s, int cb_id, void (*fp) (void));
 };
 
-# define TLS13_MAX_RESUMPTION_PSK_LENGTH      64
+# define TLS13_MAX_RESUMPTION_PSK_LENGTH      PSK_MAX_PSK_LEN
 
 /*-
  * Lets make this into an ASN.1 type structure as follows