[openssl-commits] [openssl] OpenSSL_1_0_0-stable update
Dr. Stephen Henson
steve at openssl.org
Thu Jul 2 12:08:05 UTC 2015
The branch OpenSSL_1_0_0-stable has been updated
via 1392c238657ec745af6a40def03d67d4ce02a082 (commit)
from 989ba38f7fa27e567612ab717975c82215c591ba (commit)
- Log -----------------------------------------------------------------
commit 1392c238657ec745af6a40def03d67d4ce02a082
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Wed Jul 1 23:40:03 2015 +0100
Fix PSK handling.
The PSK identity hint should be stored in the SSL_SESSION structure
and not in the parent context (which will overwrite values used
by other SSL structures with the same SSL_CTX).
Use BUF_strndup when copying identity as it may not be null terminated.
Reviewed-by: Tim Hudson <tjh at openssl.org>
(cherry picked from commit 3c66a669dfc7b3792f7af0758ea26fe8502ce70c)
-----------------------------------------------------------------------
Summary of changes:
ssl/s3_clnt.c | 17 +++--------------
ssl/s3_srvr.c | 2 +-
2 files changed, 4 insertions(+), 15 deletions(-)
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 980c74c..b3a10d1 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1240,8 +1240,6 @@ int ssl3_get_key_exchange(SSL *s)
#ifndef OPENSSL_NO_PSK
if (alg_k & SSL_kPSK) {
- char tmp_id_hint[PSK_MAX_IDENTITY_LEN + 1];
-
param_len = 2;
if (param_len > n) {
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
@@ -1267,17 +1265,8 @@ int ssl3_get_key_exchange(SSL *s)
}
param_len += i;
- /*
- * If received PSK identity hint contains NULL characters, the hint
- * is truncated from the first NULL. p may not be ending with NULL,
- * so create a NULL-terminated string.
- */
- memcpy(tmp_id_hint, p, i);
- memset(tmp_id_hint + i, 0, PSK_MAX_IDENTITY_LEN + 1 - i);
- if (s->ctx->psk_identity_hint != NULL)
- OPENSSL_free(s->ctx->psk_identity_hint);
- s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint);
- if (s->ctx->psk_identity_hint == NULL) {
+ s->session->psk_identity_hint = BUF_strndup((char *)p, i);
+ if (s->session->psk_identity_hint == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
goto f_err;
@@ -2621,7 +2610,7 @@ int ssl3_send_client_key_exchange(SSL *s)
}
memset(identity, 0, sizeof(identity));
- psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint,
+ psk_len = s->psk_client_callback(s, s->session->psk_identity_hint,
identity, sizeof(identity) - 1,
psk_or_pre_ms,
sizeof(psk_or_pre_ms));
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 7ebcca6..ef2510b 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -2583,7 +2583,7 @@ int ssl3_get_client_key_exchange(SSL *s)
if (s->session->psk_identity != NULL)
OPENSSL_free(s->session->psk_identity);
- s->session->psk_identity = BUF_strdup((char *)p);
+ s->session->psk_identity = BUF_strndup((char *)p, i);
if (s->session->psk_identity == NULL) {
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
goto psk_err;
More information about the openssl-commits
mailing list