[openssl/openssl] 3b7a32: Test a 0 return from the ticket key callback

Matt Caswell noreply at github.com
Tue Sep 20 07:19:45 UTC 2022 

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 3b7a3241c225b152ba8519f540bcac5b680312c2
      https://github.com/openssl/openssl/commit/3b7a3241c225b152ba8519f540bcac5b680312c2
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-09-20 (Tue, 20 Sep 2022)

  Changed paths:
    M test/sslapitest.c

  Log Message:
  -----------
  Test a 0 return from the ticket key callback

A 0 return from a ticket key callback should indicate that crypto parameters
are not currently available and that the handshake should continue without
generating/using the ticket.

Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18990)


  Commit: 3e93c5fe1eab677500448e18e4274b26e4b246ae
      https://github.com/openssl/openssl/commit/3e93c5fe1eab677500448e18e4274b26e4b246ae
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-09-20 (Tue, 20 Sep 2022)

  Changed paths:
    M ssl/statem/statem.c
    M ssl/statem/statem_srvr.c

  Log Message:
  -----------
  If a ticket key callback returns 0 in TLSv1.3 don't send a ticket

If we can't construct the ticket don't send one. This requires a change
to the TLS state machine to be able to a handle a construction function
deciding not to send a message after all.

Fixes #18977

Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18990)


  Commit: 67ec6d2b747810db609330003dcf08c8c584105b
      https://github.com/openssl/openssl/commit/67ec6d2b747810db609330003dcf08c8c584105b
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-09-20 (Tue, 20 Sep 2022)

  Changed paths:
    M ssl/statem/statem.c
    M ssl/statem/statem.h
    M ssl/statem/statem_clnt.c
    M ssl/statem/statem_dtls.c
    M ssl/statem/statem_lib.c
    M ssl/statem/statem_local.h
    M ssl/statem/statem_srvr.c

  Log Message:
  -----------
  Use an enum for the return value from a construction function

Construction return values are no longer boolean but can return 3 different
values, so we use an enum to represent them.

Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18990)


Compare: https://github.com/openssl/openssl/compare/9b25f52a4425...67ec6d2b7478

More information about the openssl-commits mailing list