Adjust EVP_PKEY_CTRL_HKDF_KEY to OpenSSL's semantics - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2023-06-26 08:57:17 +0000
committer	tb <>	2023-06-26 08:57:17 +0000
commit	36dc6e3bd638a341fcee604245bf23d1c02bfd13 (patch)
tree	1f9aeffc6ddfee06361ae9af06c8aa5748ef2339 /src/lib/libssl/ssl_kex.c
parent	1d25a3f2bf52b2b6953443bff609b553c386a202 (diff)
download	openbsd-36dc6e3bd638a341fcee604245bf23d1c02bfd13.tar.gz openbsd-36dc6e3bd638a341fcee604245bf23d1c02bfd13.tar.bz2 openbsd-36dc6e3bd638a341fcee604245bf23d1c02bfd13.zip

Adjust EVP_PKEY_CTRL_HKDF_KEY to OpenSSL's semantics

For some reason there is no NULL check on setting the HKDF key for p2 like in the other cases in the switch, instead OpenSSL fail in memdup, nulling out the key but leaving he key_len at the old value. This looks accidental but our behavior makes some haproxy regress tests segfault. So mimic weird OpenSSL semantics but in addition set the key_len to 0. Reported by Ilya Shipitsin ok jsing

Diffstat (limited to 'src/lib/libssl/ssl_kex.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: