[openssl/openssl] c8dddc: Add a test for the session_secret_cb

Matt Caswell noreply at github.com
Mon May 6 08:47:04 UTC 2024 

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: c8dddc61d49f84d1667de97e9548f07ccc92dddf
      https://github.com/openssl/openssl/commit/c8dddc61d49f84d1667de97e9548f07ccc92dddf
  Author: Matt Caswell <matt at openssl.org>
  Date:   2024-05-06 (Mon, 06 May 2024)

  Changed paths:
    M test/sslapitest.c

  Log Message:
  -----------
  Add a test for the session_secret_cb

Ensure that if a session_secret_cb is being used that a connection can
be successfully made

Reviewed-by: Neil Horman <nhorman at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24309)


  Commit: 91c7ab27cebe4e6f6a6376e0a691736a2534fdd0
      https://github.com/openssl/openssl/commit/91c7ab27cebe4e6f6a6376e0a691736a2534fdd0
  Author: Matt Caswell <matt at openssl.org>
  Date:   2024-05-06 (Mon, 06 May 2024)

  Changed paths:
    M ssl/statem/statem_srvr.c

  Log Message:
  -----------
  Set the server sig algs before calling the session_secret_cb

Setting the server sig algs sets up the certificate "s3->tmp.valid_flags".
These are needed when calling ssl3_choose_cipher() which can happen
immediately after calling the session_secret_cb

Fixes #24213

Reviewed-by: Neil Horman <nhorman at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24309)


  Commit: aecaaccaf93c4b36dd830accf08f2175059c5782
      https://github.com/openssl/openssl/commit/aecaaccaf93c4b36dd830accf08f2175059c5782
  Author: Matt Caswell <matt at openssl.org>
  Date:   2024-05-06 (Mon, 06 May 2024)

  Changed paths:
    M doc/build.info
    A doc/man3/SSL_set_session_secret_cb.pod
    M util/missingssl.txt
    M util/other.syms

  Log Message:
  -----------
  Document the SSL_set_session_secret_cb() function

This function is only useful for EAP-FAST, but was previously undocumented.

Reviewed-by: Neil Horman <nhorman at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24309)


  Commit: 97c6489b39c966c6e5169b9b92ec5fa9a35c7ba3
      https://github.com/openssl/openssl/commit/97c6489b39c966c6e5169b9b92ec5fa9a35c7ba3
  Author: Matt Caswell <matt at openssl.org>
  Date:   2024-05-06 (Mon, 06 May 2024)

  Changed paths:
    M ssl/ssl_sess.c

  Log Message:
  -----------
  Fix undefined behaviour in the event of a zero length session id

Don't attempt to memcpy a NULL pointer if the length is 0.

Reviewed-by: Neil Horman <nhorman at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24309)


Compare: https://github.com/openssl/openssl/compare/327261c076b8...97c6489b39c9

To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications

More information about the openssl-commits mailing list