Commit 011d768a authored by Matt Caswell's avatar Matt Caswell
Browse files

Fix some bugs in the TLSv1.3 PSK code 



Found while developing the PSK tests

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3670)
parent 725b0f1e

ssl/statem/extensions_clnt.c

+4 −1
Original line number Diff line number Diff line
@@ -898,7 +898,7 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, 
            goto err;

        }



        if (s->hello_retry_request && mdres != handmd) {

        if (s->hello_retry_request && mdpsk != handmd) {

            /*

             * Selected ciphersuite hash does not match the hash for the PSK

             * session. This is an application bug.
@@ -971,12 +971,15 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, 


    if (dores)

        s->session->ext.tick_identity = 0;

    SSL_SESSION_free(s->psksession);

    s->psksession = psksess;

    if (psksess != NULL)

        s->psksession->ext.tick_identity = (dores ? 1 : 0);

    psksess = NULL;



    ret = EXT_RETURN_SENT;

 err:

    SSL_SESSION_free(psksess);

    return ret;

#else

    return 1;

ssl/statem/extensions_srvr.c

+9 −2
Original line number Diff line number Diff line
@@ -713,8 +713,15 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, 
        }



        if (s->psk_find_session_cb != NULL

                && s->psk_find_session_cb(s, PACKET_data(&identity),

                                          PACKET_remaining(&identity), &sess)) {

                && !s->psk_find_session_cb(s, PACKET_data(&identity),

                                           PACKET_remaining(&identity),

                                           &sess)) {

            *al = SSL_AD_INTERNAL_ERROR;

            return 0;

        }



        if (sess != NULL) {

            /* We found a PSK */

            SSL_SESSION *sesstmp = ssl_session_dup(sess, 0);



            if (sesstmp == NULL) {