[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Tue Jan 15 11:50:48 UTC 2019
The branch master has been updated
via ea09abc80892920ee5db4de82bed7a193b5896f0 (commit)
via 7fe0ed75e3e7760226a0a3a5a86cf3887004f6e4 (commit)
from d63bde7827b0be1172f823baf25309b54aa87e0f (commit)
- Log -----------------------------------------------------------------
commit ea09abc80892920ee5db4de82bed7a193b5896f0
Author: Matt Caswell <matt at openssl.org>
Date: Mon Jan 14 16:37:14 2019 +0000
Don't get the mac type in TLSv1.3
We don't use this information so we shouldn't fetch it. As noted in the
comments in #8005.
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/8020)
commit 7fe0ed75e3e7760226a0a3a5a86cf3887004f6e4
Author: Matt Caswell <matt at openssl.org>
Date: Mon Jan 14 16:36:33 2019 +0000
Add missing entries in ssl_mac_pkey_id
Fixes #8005
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/8020)
-----------------------------------------------------------------------
Summary of changes:
ssl/ssl_ciph.c | 2 ++
ssl/tls13_enc.c | 4 +---
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index bd97c0f..461a9de 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -171,6 +171,8 @@ static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = {
EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, NID_undef,
/* GOST2012_512 */
EVP_PKEY_HMAC,
+ /* MD5/SHA1, SHA224, SHA512 */
+ NID_undef, NID_undef, NID_undef
};
static size_t ssl_mac_secret_size[SSL_MD_NUM_IDX];
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index 6022950..e6cd705 100644
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@@ -323,11 +323,9 @@ int tls13_setup_key_block(SSL *s)
{
const EVP_CIPHER *c;
const EVP_MD *hash;
- int mac_type = NID_undef;
s->session->cipher = s->s3->tmp.new_cipher;
- if (!ssl_cipher_get_evp
- (s->session, &c, &hash, &mac_type, NULL, NULL, 0)) {
+ if (!ssl_cipher_get_evp(s->session, &c, &hash, NULL, NULL, NULL, 0)) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_SETUP_KEY_BLOCK,
SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
return 0;
More information about the openssl-commits
mailing list