Commit 6e99ae58 authored Jan 30, 2018 by Matt Caswell

Ignore an s_client psk in TLSv1.3 if not TLSv1.3 suitable



The s_client psk_use_session_cb callback has a comment stating that we
should ignore a key that isn't suitable for TLSv1.3. However we were
actually causing the connection to fail. Changing the return value fixes
the issue.

Also related to this is that the early_data extension was not marked as
TLSv1.3 only which it should be.

Fixes #5202

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/5205)

parent cb1c3d1a

apps/s_client.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -208,7 +208,7 @@ static int psk_use_session_cb(SSL s, const EVP_MD md,
		*id = NULL;
		*idlen = 0;
		*sess = NULL;
		return 0;
		return 1;
		}
		usesess = SSL_SESSION_new();
		if (usesess == NULL

ssl/statem/extensions.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -358,7 +358,7 @@ static const EXTENSION_DEFINITION ext_defs[] = {
		{
		TLSEXT_TYPE_early_data,
		SSL_EXT_CLIENT_HELLO \| SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS
		\| SSL_EXT_TLS1_3_NEW_SESSION_TICKET,
		\| SSL_EXT_TLS1_3_NEW_SESSION_TICKET \| SSL_EXT_TLS1_3_ONLY,
		NULL, tls_parse_ctos_early_data, tls_parse_stoc_early_data,
		tls_construct_stoc_early_data, tls_construct_ctos_early_data,
		final_early_data