summaryrefslogtreecommitdiff
path: root/src/lib/libssl/tls12_lib.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Harden tls12_finished_verify_data() by checking master key length.jsing2021-05-021-1/+4
| | | | | | | Require master key length to be greater than zero if we're asked to derive verify data for a finished or peer finished message. ok tb@
* Clean up and harden TLSv1.2 master key derivation.jsing2021-04-301-1/+24
| | | | | | | | | | | The master key and its length are only stored in one location, so it makes no sense to handle these outside of the derivation function (the current 'out' argument is unused). This simplifies the various call sites. If derivation fails for some reason, fail hard rather than continuing on and hoping that something deals with this correctly later. ok inoguchi@ tb@
* Clean up derivation of finished/peer finished.jsing2021-04-251-0/+92
Make this process more readable by having specific client/server functions, calling the correct one based on s->server. This allows to remove various SSL_ST_ACCEPT/SSL_ST_CONNECT checks, along with duplicate code. ok inoguchi@ tb@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-03 21:01:07 +0000