Loading ssl/s3_srvr.c +1 −1 Original line number Diff line number Diff line Loading @@ -2792,7 +2792,7 @@ int ssl3_send_newsession_ticket(SSL *s) HMAC_CTX_init(&hctx); HMAC_Init_ex(&hctx, s->ctx->tlsext_tick_hmac_key, 16, EVP_sha1(), NULL); tlsext_tick_md(), NULL); HMAC_Update(&hctx, macstart, p - macstart); HMAC_Final(&hctx, p, &hlen); HMAC_CTX_cleanup(&hctx); Loading ssl/ssl_locl.h +5 −0 Original line number Diff line number Diff line Loading @@ -987,6 +987,11 @@ int ssl_prepare_clienthello_tlsext(SSL *s); int ssl_prepare_serverhello_tlsext(SSL *s); int ssl_check_clienthello_tlsext(SSL *s); int ssl_check_serverhello_tlsext(SSL *s); #ifdef OPENSSL_NO_SHA256 #define tlsext_tick_md EVP_sha1 #else #define tlsext_tick_md EVP_sha256 #endif int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, const unsigned char *limit, SSL_SESSION **ret); #endif Loading ssl/t1_lib.c +2 −2 Original line number Diff line number Diff line Loading @@ -985,7 +985,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, /* Attempt to process session ticket, first conduct sanity and * integrity checks on ticket. */ mlen = EVP_MD_size(EVP_sha1()); mlen = EVP_MD_size(tlsext_tick_md()); eticklen -= mlen; /* Need at least keyname + iv + some encrypted data */ if (eticklen < 48) Loading @@ -996,7 +996,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, /* Check HMAC of encrypted ticket */ HMAC_CTX_init(&hctx); HMAC_Init_ex(&hctx, s->ctx->tlsext_tick_hmac_key, 16, EVP_sha1(), NULL); tlsext_tick_md(), NULL); HMAC_Update(&hctx, etick, eticklen); HMAC_Final(&hctx, tick_hmac, NULL); HMAC_CTX_cleanup(&hctx); Loading Loading
ssl/s3_srvr.c +1 −1 Original line number Diff line number Diff line Loading @@ -2792,7 +2792,7 @@ int ssl3_send_newsession_ticket(SSL *s) HMAC_CTX_init(&hctx); HMAC_Init_ex(&hctx, s->ctx->tlsext_tick_hmac_key, 16, EVP_sha1(), NULL); tlsext_tick_md(), NULL); HMAC_Update(&hctx, macstart, p - macstart); HMAC_Final(&hctx, p, &hlen); HMAC_CTX_cleanup(&hctx); Loading
ssl/ssl_locl.h +5 −0 Original line number Diff line number Diff line Loading @@ -987,6 +987,11 @@ int ssl_prepare_clienthello_tlsext(SSL *s); int ssl_prepare_serverhello_tlsext(SSL *s); int ssl_check_clienthello_tlsext(SSL *s); int ssl_check_serverhello_tlsext(SSL *s); #ifdef OPENSSL_NO_SHA256 #define tlsext_tick_md EVP_sha1 #else #define tlsext_tick_md EVP_sha256 #endif int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, const unsigned char *limit, SSL_SESSION **ret); #endif Loading
ssl/t1_lib.c +2 −2 Original line number Diff line number Diff line Loading @@ -985,7 +985,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, /* Attempt to process session ticket, first conduct sanity and * integrity checks on ticket. */ mlen = EVP_MD_size(EVP_sha1()); mlen = EVP_MD_size(tlsext_tick_md()); eticklen -= mlen; /* Need at least keyname + iv + some encrypted data */ if (eticklen < 48) Loading @@ -996,7 +996,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, /* Check HMAC of encrypted ticket */ HMAC_CTX_init(&hctx); HMAC_Init_ex(&hctx, s->ctx->tlsext_tick_hmac_key, 16, EVP_sha1(), NULL); tlsext_tick_md(), NULL); HMAC_Update(&hctx, etick, eticklen); HMAC_Final(&hctx, tick_hmac, NULL); HMAC_CTX_cleanup(&hctx); Loading
