|
|
a2b5a9 |
diff -up openssl-1.0.1e/ssl/s3_clnt.c.psk-identity openssl-1.0.1e/ssl/s3_clnt.c
|
|
|
a2b5a9 |
--- openssl-1.0.1e/ssl/s3_clnt.c.psk-identity 2015-12-04 09:01:53.000000000 +0100
|
|
|
a2b5a9 |
+++ openssl-1.0.1e/ssl/s3_clnt.c 2015-12-04 09:36:24.182010426 +0100
|
|
|
a2b5a9 |
@@ -1367,8 +1367,6 @@ int ssl3_get_key_exchange(SSL *s)
|
|
|
a2b5a9 |
#ifndef OPENSSL_NO_PSK
|
|
|
a2b5a9 |
if (alg_k & SSL_kPSK)
|
|
|
a2b5a9 |
{
|
|
|
a2b5a9 |
- char tmp_id_hint[PSK_MAX_IDENTITY_LEN+1];
|
|
|
a2b5a9 |
-
|
|
|
a2b5a9 |
al=SSL_AD_HANDSHAKE_FAILURE;
|
|
|
a2b5a9 |
n2s(p,i);
|
|
|
a2b5a9 |
param_len=i+2;
|
|
|
a2b5a9 |
@@ -1389,16 +1387,8 @@ int ssl3_get_key_exchange(SSL *s)
|
|
|
a2b5a9 |
SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH);
|
|
|
a2b5a9 |
goto f_err;
|
|
|
a2b5a9 |
}
|
|
|
a2b5a9 |
- /* If received PSK identity hint contains NULL
|
|
|
a2b5a9 |
- * characters, the hint is truncated from the first
|
|
|
a2b5a9 |
- * NULL. p may not be ending with NULL, so create a
|
|
|
a2b5a9 |
- * NULL-terminated string. */
|
|
|
a2b5a9 |
- memcpy(tmp_id_hint, p, i);
|
|
|
a2b5a9 |
- memset(tmp_id_hint+i, 0, PSK_MAX_IDENTITY_LEN+1-i);
|
|
|
a2b5a9 |
- if (s->ctx->psk_identity_hint != NULL)
|
|
|
a2b5a9 |
- OPENSSL_free(s->ctx->psk_identity_hint);
|
|
|
a2b5a9 |
- s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint);
|
|
|
a2b5a9 |
- if (s->ctx->psk_identity_hint == NULL)
|
|
|
a2b5a9 |
+ s->session->psk_identity_hint = BUF_strndup((char *)p, i);
|
|
|
a2b5a9 |
+ if (s->session->psk_identity_hint == NULL)
|
|
|
a2b5a9 |
{
|
|
|
a2b5a9 |
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
|
|
|
a2b5a9 |
goto f_err;
|
|
|
a2b5a9 |
@@ -2904,7 +2894,7 @@ int ssl3_send_client_key_exchange(SSL *s
|
|
|
a2b5a9 |
goto err;
|
|
|
a2b5a9 |
}
|
|
|
a2b5a9 |
|
|
|
a2b5a9 |
- psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint,
|
|
|
a2b5a9 |
+ psk_len = s->psk_client_callback(s, s->session->psk_identity_hint,
|
|
|
a2b5a9 |
identity, PSK_MAX_IDENTITY_LEN,
|
|
|
a2b5a9 |
psk_or_pre_ms, sizeof(psk_or_pre_ms));
|
|
|
a2b5a9 |
if (psk_len > PSK_MAX_PSK_LEN)
|
|
|
a2b5a9 |
diff -up openssl-1.0.1e/ssl/s3_srvr.c.psk-identity openssl-1.0.1e/ssl/s3_srvr.c
|
|
|
a2b5a9 |
--- openssl-1.0.1e/ssl/s3_srvr.c.psk-identity 2015-12-04 09:01:53.000000000 +0100
|
|
|
a2b5a9 |
+++ openssl-1.0.1e/ssl/s3_srvr.c 2015-12-04 09:43:45.144086868 +0100
|
|
|
a2b5a9 |
@@ -2751,7 +2751,7 @@ int ssl3_get_client_key_exchange(SSL *s)
|
|
|
a2b5a9 |
|
|
|
a2b5a9 |
if (s->session->psk_identity != NULL)
|
|
|
a2b5a9 |
OPENSSL_free(s->session->psk_identity);
|
|
|
a2b5a9 |
- s->session->psk_identity = BUF_strdup((char *)p);
|
|
|
a2b5a9 |
+ s->session->psk_identity = BUF_strndup((char *)p, i);
|
|
|
a2b5a9 |
if (s->session->psk_identity == NULL)
|
|
|
a2b5a9 |
{
|
|
|
a2b5a9 |
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
|