diff options
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/man/SSL_SESSION_new.3 | 5 | ||||
| -rw-r--r-- | src/lib/libssl/tls13_server.c | 10 |
2 files changed, 8 insertions, 7 deletions
diff --git a/src/lib/libssl/man/SSL_SESSION_new.3 b/src/lib/libssl/man/SSL_SESSION_new.3 index 1557eafb78..182266a311 100644 --- a/src/lib/libssl/man/SSL_SESSION_new.3 +++ b/src/lib/libssl/man/SSL_SESSION_new.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: SSL_SESSION_new.3,v 1.11 2025/10/24 11:36:54 tb Exp $ | 1 | .\" $OpenBSD: SSL_SESSION_new.3,v 1.12 2025/10/24 13:18:22 tb Exp $ |
| 2 | .\" | 2 | .\" |
| 3 | .\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> | 3 | .\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org> |
| 4 | .\" | 4 | .\" |
| @@ -18,7 +18,8 @@ | |||
| 18 | .Dt SSL_SESSION_NEW 3 | 18 | .Dt SSL_SESSION_NEW 3 |
| 19 | .Os | 19 | .Os |
| 20 | .Sh NAME | 20 | .Sh NAME |
| 21 | .Nm SSL_SESSION_new | 21 | .Nm SSL_SESSION_new , |
| 22 | .Nm SSL_SESSION_dup | ||
| 22 | .Nd construct a new SSL_SESSION object | 23 | .Nd construct a new SSL_SESSION object |
| 23 | .Sh SYNOPSIS | 24 | .Sh SYNOPSIS |
| 24 | .Lb libssl libcrypto | 25 | .Lb libssl libcrypto |
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c index f852e08a52..fa56db9563 100644 --- a/src/lib/libssl/tls13_server.c +++ b/src/lib/libssl/tls13_server.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_server.c,v 1.110 2025/10/16 14:42:21 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_server.c,v 1.111 2025/10/25 12:31:44 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> | 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> |
| @@ -327,7 +327,7 @@ tls13_client_hello_recv(struct tls13_ctx *ctx, CBS *cbs) | |||
| 327 | } | 327 | } |
| 328 | 328 | ||
| 329 | static int | 329 | static int |
| 330 | tls13_server_hello_build(struct tls13_ctx *ctx, CBB *cbb, int hrr) | 330 | tls13_server_hello_build(struct tls13_ctx *ctx, CBB *cbb) |
| 331 | { | 331 | { |
| 332 | uint16_t tlsext_msg_type = SSL_TLSEXT_MSG_SH; | 332 | uint16_t tlsext_msg_type = SSL_TLSEXT_MSG_SH; |
| 333 | const uint8_t *server_random; | 333 | const uint8_t *server_random; |
| @@ -338,7 +338,7 @@ tls13_server_hello_build(struct tls13_ctx *ctx, CBB *cbb, int hrr) | |||
| 338 | cipher = SSL_CIPHER_get_value(ctx->hs->cipher); | 338 | cipher = SSL_CIPHER_get_value(ctx->hs->cipher); |
| 339 | server_random = s->s3->server_random; | 339 | server_random = s->s3->server_random; |
| 340 | 340 | ||
| 341 | if (hrr) { | 341 | if (ctx->hs->tls13.hrr) { |
| 342 | server_random = tls13_hello_retry_request_hash; | 342 | server_random = tls13_hello_retry_request_hash; |
| 343 | tlsext_msg_type = SSL_TLSEXT_MSG_HRR; | 343 | tlsext_msg_type = SSL_TLSEXT_MSG_HRR; |
| 344 | } | 344 | } |
| @@ -447,7 +447,7 @@ tls13_server_hello_retry_request_send(struct tls13_ctx *ctx, CBB *cbb) | |||
| 447 | if (ctx->hs->tls13.server_group == 0) | 447 | if (ctx->hs->tls13.server_group == 0) |
| 448 | return 0; | 448 | return 0; |
| 449 | 449 | ||
| 450 | if (!tls13_server_hello_build(ctx, cbb, 1)) | 450 | if (!tls13_server_hello_build(ctx, cbb)) |
| 451 | return 0; | 451 | return 0; |
| 452 | 452 | ||
| 453 | return 1; | 453 | return 1; |
| @@ -507,7 +507,7 @@ tls13_server_hello_send(struct tls13_ctx *ctx, CBB *cbb) | |||
| 507 | if (!tls13_servername_process(ctx)) | 507 | if (!tls13_servername_process(ctx)) |
| 508 | return 0; | 508 | return 0; |
| 509 | 509 | ||
| 510 | if (!tls13_server_hello_build(ctx, cbb, 0)) | 510 | if (!tls13_server_hello_build(ctx, cbb)) |
| 511 | return 0; | 511 | return 0; |
| 512 | 512 | ||
| 513 | return 1; | 513 | return 1; |