summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjsing <>2020-05-11 17:23:35 +0000
committerjsing <>2020-05-11 17:23:35 +0000
commit0457cfe2c74f9fa05dfdd745fa5292dd986b52d4 (patch)
tree81f58710658a179bd3e0e4d2c18ecd64a82af97b
parent2dbddc3bc2d66017076fb590ed025131e97b6703 (diff)
downloadopenbsd-0457cfe2c74f9fa05dfdd745fa5292dd986b52d4.tar.gz
openbsd-0457cfe2c74f9fa05dfdd745fa5292dd986b52d4.tar.bz2
openbsd-0457cfe2c74f9fa05dfdd745fa5292dd986b52d4.zip
Use ssl_get_new_session() in the TLSv1.3 server.
This correctly handles session being non-NULL and sets up a few more things, including ssl_version. Also stop setting the ssl_version to the server_version, as this is only used on the client side. ok tb@
Diffstat
-rw-r--r--src/lib/libssl/tls13_server.c7
1 files changed, 3 insertions, 4 deletions
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c
index 9616f392e1..1c286f573e 100644
--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls13_server.c,v 1.43 2020/05/10 17:13:30 tb Exp $ */ 1/* $OpenBSD: tls13_server.c,v 1.44 2020/05/11 17:23:35 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2020 Bob Beck <beck@openbsd.org> 4 * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -34,10 +34,10 @@ tls13_server_init(struct tls13_ctx *ctx)
34 } 34 }
35 s->version = ctx->hs->max_version; 35 s->version = ctx->hs->max_version;
36 36
37 if (!tls1_transcript_init(s)) 37 if (!ssl_get_new_session(s, 0)) /* XXX */
38 return 0; 38 return 0;
39 39
40 if ((s->session = SSL_SESSION_new()) == NULL) 40 if (!tls1_transcript_init(s))
41 return 0; 41 return 0;
42 42
43 arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE); 43 arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE);
@@ -262,7 +262,6 @@ tls13_server_engage_record_protection(struct tls13_ctx *ctx)
262 goto err; 262 goto err;
263 263
264 s->session->cipher = S3I(s)->hs.new_cipher; 264 s->session->cipher = S3I(s)->hs.new_cipher;
265 s->session->ssl_version = ctx->hs->server_version;
266 265
267 if ((ctx->aead = tls13_cipher_aead(S3I(s)->hs.new_cipher)) == NULL) 266 if ((ctx->aead = tls13_cipher_aead(S3I(s)->hs.new_cipher)) == NULL)
268 goto err; 267 goto err;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 17:40:57 +0000