generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix PSK handling.

Browse Source 
The PSK identity hint should be stored in the SSL_SESSION structure
and not in the parent context (which will overwrite values used
by other SSL structures with the same SSL_CTX).

Use BUF_strndup when copying identity as it may not be null terminated.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 3c66a669df)
This commit is contained in:
Dr. Stephen Henson
2015-07-01 23:40:03 +01:00
parent eb0e2a5c5d
commit d6be3124f2
2 changed files with 4 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ssl/s3_srvr.c
View File

@@ -2792,7 +2792,7 @@ int ssl3_get_client_key_exchange(SSL *s)
if (s->session->psk_identity != NULL)
OPENSSL_free(s->session->psk_identity);
s->session->psk_identity = BUF_strdup((char *)p);
s->session->psk_identity = BUF_strndup((char *)p, i);
if (s->session->psk_identity == NULL) {
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
goto psk_err;