Commit cf3e221b authored by Matt Caswell's avatar Matt Caswell
Browse files

Ensure after an HRR any PSKs have the right hash 



Don't include a PSK that does not have the right hash for the selected
ciphersuite following an HRR.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2895)
parent 11c67eea

ssl/statem/extensions_clnt.c

+8 −0
Original line number Diff line number Diff line
@@ -769,6 +769,14 @@ int tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, 
        return 1;

    }



    if (s->hello_retry_request && md != ssl_handshake_md(s)) {

        /*

         * Selected ciphersuite hash does not match the hash for the session so

         * we can't use it.

         */

        return 1;

    }



    /*

     * Technically the C standard just says time() returns a time_t and says

     * nothing about the encoding of that type. In practice most implementations