diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/ssl_clnt.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index d5791e3ffc..9cedc084ab 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_clnt.c,v 1.155 2022/10/02 16:36:41 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_clnt.c,v 1.156 2022/10/20 15:18:54 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1647,6 +1647,7 @@ ssl3_get_new_session_ticket(SSL *s) | |||
| 1647 | * assumptions elsewhere in OpenSSL. The session ID is set | 1647 | * assumptions elsewhere in OpenSSL. The session ID is set |
| 1648 | * to the SHA256 hash of the ticket. | 1648 | * to the SHA256 hash of the ticket. |
| 1649 | */ | 1649 | */ |
| 1650 | /* XXX - ensure this doesn't overflow session_id if hash is changed. */ | ||
| 1650 | if (!EVP_Digest(CBS_data(&session_ticket), CBS_len(&session_ticket), | 1651 | if (!EVP_Digest(CBS_data(&session_ticket), CBS_len(&session_ticket), |
| 1651 | s->session->session_id, &session_id_length, EVP_sha256(), NULL)) { | 1652 | s->session->session_id, &session_id_length, EVP_sha256(), NULL)) { |
| 1652 | al = SSL_AD_INTERNAL_ERROR; | 1653 | al = SSL_AD_INTERNAL_ERROR; |