mirror of
https://github.com/QuasarApp/openssl.git
synced 2025-04-29 11:14:36 +00:00
Fix no-psk
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5667)
This commit is contained in:
parent
69e2b8d67d
commit
c2b290c3d0
@ -744,7 +744,6 @@ EXT_RETURN tls_construct_ctos_early_data(SSL *s, WPACKET *pkt,
|
||||
unsigned int context, X509 *x,
|
||||
size_t chainidx)
|
||||
{
|
||||
char identity[PSK_MAX_IDENTITY_LEN + 1];
|
||||
const unsigned char *id = NULL;
|
||||
size_t idlen = 0;
|
||||
SSL_SESSION *psksess = NULL;
|
||||
@ -764,7 +763,9 @@ EXT_RETURN tls_construct_ctos_early_data(SSL *s, WPACKET *pkt,
|
||||
return EXT_RETURN_FAIL;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_PSK
|
||||
if (psksess == NULL && s->psk_client_callback != NULL) {
|
||||
char identity[PSK_MAX_IDENTITY_LEN + 1];
|
||||
unsigned char psk[PSK_MAX_PSK_LEN];
|
||||
size_t psklen = 0;
|
||||
|
||||
@ -815,6 +816,7 @@ EXT_RETURN tls_construct_ctos_early_data(SSL *s, WPACKET *pkt,
|
||||
OPENSSL_cleanse(psk, psklen);
|
||||
}
|
||||
}
|
||||
#endif /* OPENSSL_NO_PSK */
|
||||
|
||||
SSL_SESSION_free(s->psksession);
|
||||
s->psksession = psksess;
|
||||
|
@ -1047,6 +1047,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
|
||||
return 0;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_PSK
|
||||
if(sess == NULL
|
||||
&& s->psk_server_callback != NULL
|
||||
&& idlen <= PSK_MAX_IDENTITY_LEN) {
|
||||
@ -1097,6 +1098,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
|
||||
OPENSSL_cleanse(pskdata, pskdatalen);
|
||||
}
|
||||
}
|
||||
#endif /* OPENSSL_NO_PSK */
|
||||
|
||||
if (sess != NULL) {
|
||||
/* We found a PSK */
|
||||
|
@ -1455,6 +1455,7 @@ static int use_session_cb(SSL *ssl, const EVP_MD *md, const unsigned char **id,
|
||||
return 1;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_PSK
|
||||
static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *id,
|
||||
unsigned int max_id_len,
|
||||
unsigned char *psk,
|
||||
@ -1482,6 +1483,7 @@ static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *id,
|
||||
|
||||
return psklen;
|
||||
}
|
||||
#endif /* OPENSSL_NO_PSK */
|
||||
|
||||
static int find_session_cb(SSL *ssl, const unsigned char *identity,
|
||||
size_t identity_len, SSL_SESSION **sess)
|
||||
@ -1509,6 +1511,7 @@ static int find_session_cb(SSL *ssl, const unsigned char *identity,
|
||||
return 1;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_PSK
|
||||
static unsigned int psk_server_cb(SSL *ssl, const char *identity,
|
||||
unsigned char *psk, unsigned int max_psk_len)
|
||||
{
|
||||
@ -1535,6 +1538,7 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity,
|
||||
|
||||
return psklen;
|
||||
}
|
||||
#endif /* OPENSSL_NO_PSK */
|
||||
|
||||
#define MSG1 "Hello"
|
||||
#define MSG2 "World."
|
||||
@ -2590,10 +2594,12 @@ static int test_tls13_psk(int idx)
|
||||
SSL_CTX_set_psk_use_session_callback(cctx, use_session_cb);
|
||||
SSL_CTX_set_psk_find_session_callback(sctx, find_session_cb);
|
||||
}
|
||||
#ifndef OPENSSL_NO_PSK
|
||||
if (idx == 1 || idx == 2) {
|
||||
SSL_CTX_set_psk_client_callback(cctx, psk_client_cb);
|
||||
SSL_CTX_set_psk_server_callback(sctx, psk_server_cb);
|
||||
}
|
||||
#endif
|
||||
srvid = pskid;
|
||||
use_session_cb_cnt = 0;
|
||||
find_session_cb_cnt = 0;
|
||||
@ -3756,7 +3762,11 @@ int setup_tests(void)
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_TLS1_3
|
||||
ADD_TEST(test_ciphersuite_change);
|
||||
#ifdef OPENSSL_NO_PSK
|
||||
ADD_ALL_TESTS(test_tls13_psk, 1);
|
||||
#else
|
||||
ADD_ALL_TESTS(test_tls13_psk, 3);
|
||||
#endif /* OPENSSL_NO_PSK */
|
||||
ADD_ALL_TESTS(test_custom_exts, 5);
|
||||
ADD_TEST(test_stateless);
|
||||
ADD_TEST(test_pha_key_update);
|
||||
|
Loading…
x
Reference in New Issue
Block a user