Commit d6be3124 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Fix PSK handling. 



The PSK identity hint should be stored in the SSL_SESSION structure
and not in the parent context (which will overwrite values used
by other SSL structures with the same SSL_CTX).

Use BUF_strndup when copying identity as it may not be null terminated.

Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
(cherry picked from commit 3c66a669)
parent eb0e2a5c

ssl/s3_clnt.c

+3 −14
Original line number Diff line number Diff line
@@ -1381,8 +1381,6 @@ int ssl3_get_key_exchange(SSL *s) 


#ifndef OPENSSL_NO_PSK

    if (alg_k & SSL_kPSK) {

        char tmp_id_hint[PSK_MAX_IDENTITY_LEN + 1];



        param_len = 2;

        if (param_len > n) {

            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
@@ -1408,17 +1406,8 @@ int ssl3_get_key_exchange(SSL *s) 
        }

        param_len += i;



        /*

         * If received PSK identity hint contains NULL characters, the hint

         * is truncated from the first NULL. p may not be ending with NULL,

         * so create a NULL-terminated string.

         */

        memcpy(tmp_id_hint, p, i);

        memset(tmp_id_hint + i, 0, PSK_MAX_IDENTITY_LEN + 1 - i);

        if (s->ctx->psk_identity_hint != NULL)

            OPENSSL_free(s->ctx->psk_identity_hint);

        s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint);

        if (s->ctx->psk_identity_hint == NULL) {

        s->session->psk_identity_hint = BUF_strndup((char *)p, i);

        if (s->session->psk_identity_hint == NULL) {

            al = SSL_AD_HANDSHAKE_FAILURE;

            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);

            goto f_err;
@@ -2951,7 +2940,7 @@ int ssl3_send_client_key_exchange(SSL *s) 
            }



            memset(identity, 0, sizeof(identity));

            psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint,

            psk_len = s->psk_client_callback(s, s->session->psk_identity_hint,

                                             identity, sizeof(identity) - 1,

                                             psk_or_pre_ms,

                                             sizeof(psk_or_pre_ms));

ssl/s3_srvr.c

+1 −1
Original line number Diff line number Diff line
@@ -2792,7 +2792,7 @@ int ssl3_get_client_key_exchange(SSL *s) 


        if (s->session->psk_identity != NULL)

            OPENSSL_free(s->session->psk_identity);

        s->session->psk_identity = BUF_strdup((char *)p);

        s->session->psk_identity = BUF_strndup((char *)p, i);

        if (s->session->psk_identity == NULL) {

            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);

            goto psk_err;