diff options
Diffstat (limited to 'src/lib/libssl/ssl_clnt.c')
-rw-r--r-- | src/lib/libssl/ssl_clnt.c | 28 |
1 files changed, 19 insertions, 9 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index f5b8802a69..6f93b55ddc 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssl_clnt.c,v 1.142 2022/06/06 13:18:34 tb Exp $ */ | 1 | /* $OpenBSD: ssl_clnt.c,v 1.143 2022/06/07 17:14:17 tb Exp $ */ |
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 | * All rights reserved. | 3 | * All rights reserved. |
4 | * | 4 | * |
@@ -923,16 +923,26 @@ ssl3_get_server_hello(SSL *s) | |||
923 | * Check if we want to resume the session based on external | 923 | * Check if we want to resume the session based on external |
924 | * pre-shared secret. | 924 | * pre-shared secret. |
925 | */ | 925 | */ |
926 | if (s->internal->tls_session_secret_cb) { | 926 | if (s->internal->tls_session_secret_cb != NULL) { |
927 | SSL_CIPHER *pref_cipher = NULL; | 927 | SSL_CIPHER *pref_cipher = NULL; |
928 | s->session->master_key_length = sizeof(s->session->master_key); | 928 | int master_key_length = sizeof(s->session->master_key); |
929 | if (s->internal->tls_session_secret_cb(s, s->session->master_key, | 929 | |
930 | &s->session->master_key_length, NULL, &pref_cipher, | 930 | if (!s->internal->tls_session_secret_cb(s, |
931 | s->internal->tls_session_secret_cb_arg)) { | 931 | s->session->master_key, &master_key_length, NULL, |
932 | s->session->cipher = pref_cipher ? pref_cipher : | 932 | &pref_cipher, s->internal->tls_session_secret_cb_arg)) { |
933 | ssl3_get_cipher_by_value(cipher_suite); | 933 | SSLerror(s, ERR_R_INTERNAL_ERROR); |
934 | s->s3->flags |= SSL3_FLAGS_CCS_OK; | 934 | goto err; |
935 | } | ||
936 | if (master_key_length <= 0) { | ||
937 | SSLerror(s, ERR_R_INTERNAL_ERROR); | ||
938 | goto err; | ||
935 | } | 939 | } |
940 | s->session->master_key_length = master_key_length; | ||
941 | |||
942 | if ((s->session->cipher = pref_cipher) == NULL) | ||
943 | s->session->cipher = | ||
944 | ssl3_get_cipher_by_value(cipher_suite); | ||
945 | s->s3->flags |= SSL3_FLAGS_CCS_OK; | ||
936 | } | 946 | } |
937 | 947 | ||
938 | if (s->session->session_id_length != 0 && | 948 | if (s->session->session_id_length != 0 && |