[openssl] master update

Fri Jun 19 10:37:17 UTC 2020

The branch master has been updated
       via  f36c3885b500786449f85cf8a89c2a925506a4ed (commit)
       via  cfbe41ea9138ba5f4fb6f859a72034ba4ddc693f (commit)
      from  989a85774b63a91ca8d3be558ec7560fdf91fa42 (commit)


- Log -----------------------------------------------------------------
commit f36c3885b500786449f85cf8a89c2a925506a4ed
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Jun 17 11:37:39 2020 +0100

    Return the cookie_len value from generate_cookie_callback
    
    The generate_cookie_callback was failing to pass back the generated
    cookie length to the caller. This results in DTLS connection failures
    from s_server.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12179)

commit cfbe41ea9138ba5f4fb6f859a72034ba4ddc693f
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Jun 17 11:34:49 2020 +0100

    Fix the DTLS1_COOKIE_LENGTH value
    
    The DTLS1_COOKIE_LENGTH value was incorrect in the header files. We
    couldn't change it before due to ABI concerns. However 3.0 is not ABI
    compatible so we can now fix it.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12179)

-----------------------------------------------------------------------

Summary of changes:
 apps/lib/s_cb.c          | 7 +++++--
 include/openssl/dtls1.h  | 7 ++-----
 ssl/statem/statem_srvr.c | 2 +-
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c
index d021c868c3..5bddde5b03 100644
--- a/apps/lib/s_cb.c
+++ b/apps/lib/s_cb.c
@@ -745,6 +745,7 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
     EVP_MAC *hmac = NULL;
     EVP_MAC_CTX *ctx = NULL;
     OSSL_PARAM params[3], *p = params;
+    size_t mac_len;
 
     /* Initialize a random secret */
     if (!cookie_initialized) {
@@ -808,10 +809,11 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
             BIO_printf(bio_err, "HMAC context update failed\n");
             goto end;
     }
-    if (!EVP_MAC_final(ctx, cookie, NULL, (size_t)cookie_len)) {
+    if (!EVP_MAC_final(ctx, cookie, &mac_len, DTLS1_COOKIE_LENGTH)) {
             BIO_printf(bio_err, "HMAC context final failed\n");
             goto end;
     }
+    *cookie_len = (int)mac_len;
     res = 1;
 end:
     OPENSSL_free(buffer);
@@ -840,7 +842,8 @@ int verify_cookie_callback(SSL *ssl, const unsigned char *cookie,
 int generate_stateless_cookie_callback(SSL *ssl, unsigned char *cookie,
                                        size_t *cookie_len)
 {
-    unsigned int temp;
+    unsigned int temp = 0;
+
     int res = generate_cookie_callback(ssl, cookie, &temp);
     *cookie_len = temp;
     return res;
diff --git a/include/openssl/dtls1.h b/include/openssl/dtls1.h
index bfc2d6e38f..a68cffd1d4 100644
--- a/include/openssl/dtls1.h
+++ b/include/openssl/dtls1.h
@@ -36,11 +36,8 @@ extern "C" {
 # define DTLS_ANY_VERSION                0x1FFFF
 
 /* lengths of messages */
-/*
- * Actually the max cookie length in DTLS is 255. But we can't change this now
- * due to compatibility concerns.
- */
-# define DTLS1_COOKIE_LENGTH                     256
+
+# define DTLS1_COOKIE_LENGTH                     255
 
 # define DTLS1_RT_HEADER_LENGTH                  13
 
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index d3913e1b7d..abffbd6326 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1312,7 +1312,7 @@ int dtls_construct_hello_verify_request(SSL *s, WPACKET *pkt)
     if (s->ctx->app_gen_cookie_cb == NULL ||
         s->ctx->app_gen_cookie_cb(s, s->d1->cookie,
                                   &cookie_leni) == 0 ||
-        cookie_leni > 255) {
+        cookie_leni > DTLS1_COOKIE_LENGTH) {
         SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST,
                  SSL_R_COOKIE_GEN_CALLBACK_FAILURE);
         return 0;
