jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

OpenSSL: Implement SSL_set_session_secret_cb() callback for OpenSSL 1.1.0

Browse source 
This needs to use the new accessor functions for client/server random
since the previously used direct access won't be available anymore.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2015-07-28 01:00:06 +03:00
parent 005c5dcf43
commit 4d2a1b4f8f
1 changed files with 18 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
src/crypto/tls_openssl.c
View file

@ -3690,6 +3690,7 @@ static int tls_sess_sec_cb(SSL *s, void *secret, int *secret_len,
struct tls_connection *conn = arg;
int ret;
#if OPENSSL_VERSION_NUMBER < 0x10100000L
if (conn == NULL || conn->session_ticket_cb == NULL)
return 0;
@ -3698,6 +3699,23 @@ static int tls_sess_sec_cb(SSL *s, void *secret, int *secret_len,
conn->session_ticket_len,
s->s3->client_random,
s->s3->server_random, secret);
#else
unsigned char client_random[SSL3_RANDOM_SIZE];
unsigned char server_random[SSL3_RANDOM_SIZE];
if (conn == NULL || conn->session_ticket_cb == NULL)
return 0;
SSL_get_client_random(s, client_random, sizeof(client_random));
SSL_get_server_random(s, server_random, sizeof(server_random));
ret = conn->session_ticket_cb(conn->session_ticket_cb_ctx,
conn->session_ticket,
conn->session_ticket_len,
client_random,
server_random, secret);
#endif
os_free(conn->session_ticket);
conn->session_ticket = NULL;