[openssl/openssl] a13df6: Fix handling of max_fragment_length extension for PSK

fwh-dc noreply at github.com
Thu Jun 20 14:53:55 UTC 2024


  Branch: refs/heads/openssl-3.3
  Home:   https://github.com/openssl/openssl
  Commit: a13df68796828794920403c31d77409b0f06bae0
      https://github.com/openssl/openssl/commit/a13df68796828794920403c31d77409b0f06bae0
  Author: Frederik Wedel-Heinen <frederik.wedel-heinen at dencrypt.dk>
  Date:   2024-06-20 (Thu, 20 Jun 2024)

  Changed paths:
    M include/openssl/tls1.h
    M ssl/ssl_sess.c
    M ssl/statem/extensions.c
    M ssl/statem/extensions_srvr.c
    M ssl/t1_lib.c

  Log Message:
  -----------
  Fix handling of max_fragment_length extension for PSK

A psk session was assumed to be a resumption which failed a check
when parsing the max_fragment_length extension hello from the client.

Relevant code from PR#18130 which was a suggested fix to the issue
was cherry-picked.

Fixes #18121

Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24513)

(cherry picked from commit fa495604516a610d988f02298c8d97a6ac4777bb)



To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications


More information about the openssl-commits mailing list