summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_clnt.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl_clnt.c')
-rw-r--r--src/lib/libssl/ssl_clnt.c28
1 files changed, 19 insertions, 9 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index f5b8802a69..6f93b55ddc 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_clnt.c,v 1.142 2022/06/06 13:18:34 tb Exp $ */ 1/* $OpenBSD: ssl_clnt.c,v 1.143 2022/06/07 17:14:17 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -923,16 +923,26 @@ ssl3_get_server_hello(SSL *s)
923 * Check if we want to resume the session based on external 923 * Check if we want to resume the session based on external
924 * pre-shared secret. 924 * pre-shared secret.
925 */ 925 */
926 if (s->internal->tls_session_secret_cb) { 926 if (s->internal->tls_session_secret_cb != NULL) {
927 SSL_CIPHER *pref_cipher = NULL; 927 SSL_CIPHER *pref_cipher = NULL;
928 s->session->master_key_length = sizeof(s->session->master_key); 928 int master_key_length = sizeof(s->session->master_key);
929 if (s->internal->tls_session_secret_cb(s, s->session->master_key, 929
930 &s->session->master_key_length, NULL, &pref_cipher, 930 if (!s->internal->tls_session_secret_cb(s,
931 s->internal->tls_session_secret_cb_arg)) { 931 s->session->master_key, &master_key_length, NULL,
932 s->session->cipher = pref_cipher ? pref_cipher : 932 &pref_cipher, s->internal->tls_session_secret_cb_arg)) {
933 ssl3_get_cipher_by_value(cipher_suite); 933 SSLerror(s, ERR_R_INTERNAL_ERROR);
934 s->s3->flags |= SSL3_FLAGS_CCS_OK; 934 goto err;
935 }
936 if (master_key_length <= 0) {
937 SSLerror(s, ERR_R_INTERNAL_ERROR);
938 goto err;
935 } 939 }
940 s->session->master_key_length = master_key_length;
941
942 if ((s->session->cipher = pref_cipher) == NULL)
943 s->session->cipher =
944 ssl3_get_cipher_by_value(cipher_suite);
945 s->s3->flags |= SSL3_FLAGS_CCS_OK;
936 } 946 }
937 947
938 if (s->session->session_id_length != 0 && 948 if (s->session->session_id_length != 0 &&