[openssl/openssl] 6f8ebf: Add a test for the session_secret_cb

Matt Caswell noreply at github.com
Mon May 6 08:47:04 UTC 2024


  Branch: refs/heads/openssl-3.2
  Home:   https://github.com/openssl/openssl
  Commit: 6f8ebfb9f73adbb9a2ad74c5d2cf5d4d056dfa71
      https://github.com/openssl/openssl/commit/6f8ebfb9f73adbb9a2ad74c5d2cf5d4d056dfa71
  Author: Matt Caswell <matt at openssl.org>
  Date:   2024-05-06 (Mon, 06 May 2024)

  Changed paths:
    M test/sslapitest.c

  Log Message:
  -----------
  Add a test for the session_secret_cb

Ensure that if a session_secret_cb is being used that a connection can
be successfully made

Reviewed-by: Neil Horman <nhorman at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24309)

(cherry picked from commit c8dddc61d49f84d1667de97e9548f07ccc92dddf)


  Commit: 8cdda690348d281abb75b787a436cd1c9462a9fd
      https://github.com/openssl/openssl/commit/8cdda690348d281abb75b787a436cd1c9462a9fd
  Author: Matt Caswell <matt at openssl.org>
  Date:   2024-05-06 (Mon, 06 May 2024)

  Changed paths:
    M ssl/statem/statem_srvr.c

  Log Message:
  -----------
  Set the server sig algs before calling the session_secret_cb

Setting the server sig algs sets up the certificate "s3->tmp.valid_flags".
These are needed when calling ssl3_choose_cipher() which can happen
immediately after calling the session_secret_cb

Fixes #24213

Reviewed-by: Neil Horman <nhorman at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24309)

(cherry picked from commit 91c7ab27cebe4e6f6a6376e0a691736a2534fdd0)


  Commit: 6e526a0d987912891220617d682170976185cb5b
      https://github.com/openssl/openssl/commit/6e526a0d987912891220617d682170976185cb5b
  Author: Matt Caswell <matt at openssl.org>
  Date:   2024-05-06 (Mon, 06 May 2024)

  Changed paths:
    M doc/build.info
    A doc/man3/SSL_set_session_secret_cb.pod
    M util/missingssl.txt
    M util/other.syms

  Log Message:
  -----------
  Document the SSL_set_session_secret_cb() function

This function is only useful for EAP-FAST, but was previously undocumented.

Reviewed-by: Neil Horman <nhorman at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24309)

(cherry picked from commit aecaaccaf93c4b36dd830accf08f2175059c5782)


  Commit: a79636d3aca7e996c2dc056a020488ea1fa396b1
      https://github.com/openssl/openssl/commit/a79636d3aca7e996c2dc056a020488ea1fa396b1
  Author: Matt Caswell <matt at openssl.org>
  Date:   2024-05-06 (Mon, 06 May 2024)

  Changed paths:
    M ssl/ssl_sess.c

  Log Message:
  -----------
  Fix undefined behaviour in the event of a zero length session id

Don't attempt to memcpy a NULL pointer if the length is 0.

Reviewed-by: Neil Horman <nhorman at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24309)

(cherry picked from commit 97c6489b39c966c6e5169b9b92ec5fa9a35c7ba3)


Compare: https://github.com/openssl/openssl/compare/a0f6e1f26287...a79636d3aca7

To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications


More information about the openssl-commits mailing list