Loading ssl/s3_srvr.c +1 −1 Original line number Diff line number Diff line Loading @@ -2714,7 +2714,7 @@ int ssl3_send_newsession_ticket(SSL *s) HMAC_CTX_init(&hctx); HMAC_Init_ex(&hctx, s->ctx->tlsext_tick_hmac_key, 16, EVP_sha1(), NULL); tlsext_tick_md(), NULL); HMAC_Update(&hctx, macstart, p - macstart); HMAC_Final(&hctx, p, &hlen); HMAC_CTX_cleanup(&hctx); Loading ssl/ssl_locl.h +5 −0 Original line number Diff line number Diff line Loading @@ -958,6 +958,11 @@ int ssl_prepare_clienthello_tlsext(SSL *s); int ssl_prepare_serverhello_tlsext(SSL *s); int ssl_check_clienthello_tlsext(SSL *s); int ssl_check_serverhello_tlsext(SSL *s); #ifdef OPENSSL_NO_SHA256 #define tlsext_tick_md EVP_sha1 #else #define tlsext_tick_md EVP_sha256 #endif int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, const unsigned char *limit, SSL_SESSION **ret); EVP_MD_CTX* ssl_replace_hash(EVP_MD_CTX **hash,const EVP_MD *md) ; Loading ssl/t1_lib.c +2 −2 Original line number Diff line number Diff line Loading @@ -565,7 +565,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, /* Attempt to process session ticket, first conduct sanity and * integrity checks on ticket. */ mlen = EVP_MD_size(EVP_sha1()); mlen = EVP_MD_size(tlsext_tick_md()); eticklen -= mlen; /* Need at least keyname + iv + some encrypted data */ if (eticklen < 48) Loading @@ -576,7 +576,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, /* Check HMAC of encrypted ticket */ HMAC_CTX_init(&hctx); HMAC_Init_ex(&hctx, s->ctx->tlsext_tick_hmac_key, 16, EVP_sha1(), NULL); tlsext_tick_md(), NULL); HMAC_Update(&hctx, etick, eticklen); HMAC_Final(&hctx, tick_hmac, NULL); HMAC_CTX_cleanup(&hctx); Loading Loading
ssl/s3_srvr.c +1 −1 Original line number Diff line number Diff line Loading @@ -2714,7 +2714,7 @@ int ssl3_send_newsession_ticket(SSL *s) HMAC_CTX_init(&hctx); HMAC_Init_ex(&hctx, s->ctx->tlsext_tick_hmac_key, 16, EVP_sha1(), NULL); tlsext_tick_md(), NULL); HMAC_Update(&hctx, macstart, p - macstart); HMAC_Final(&hctx, p, &hlen); HMAC_CTX_cleanup(&hctx); Loading
ssl/ssl_locl.h +5 −0 Original line number Diff line number Diff line Loading @@ -958,6 +958,11 @@ int ssl_prepare_clienthello_tlsext(SSL *s); int ssl_prepare_serverhello_tlsext(SSL *s); int ssl_check_clienthello_tlsext(SSL *s); int ssl_check_serverhello_tlsext(SSL *s); #ifdef OPENSSL_NO_SHA256 #define tlsext_tick_md EVP_sha1 #else #define tlsext_tick_md EVP_sha256 #endif int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, const unsigned char *limit, SSL_SESSION **ret); EVP_MD_CTX* ssl_replace_hash(EVP_MD_CTX **hash,const EVP_MD *md) ; Loading
ssl/t1_lib.c +2 −2 Original line number Diff line number Diff line Loading @@ -565,7 +565,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, /* Attempt to process session ticket, first conduct sanity and * integrity checks on ticket. */ mlen = EVP_MD_size(EVP_sha1()); mlen = EVP_MD_size(tlsext_tick_md()); eticklen -= mlen; /* Need at least keyname + iv + some encrypted data */ if (eticklen < 48) Loading @@ -576,7 +576,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, /* Check HMAC of encrypted ticket */ HMAC_CTX_init(&hctx); HMAC_Init_ex(&hctx, s->ctx->tlsext_tick_hmac_key, 16, EVP_sha1(), NULL); tlsext_tick_md(), NULL); HMAC_Update(&hctx, etick, eticklen); HMAC_Final(&hctx, tick_hmac, NULL); HMAC_CTX_cleanup(&hctx); Loading
