diff options
| author | Matt Caswell <matt@openssl.org> | 2016-09-29 13:04:08 +0200 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2016-09-29 16:09:02 +0200 |
| commit | 4a424545c4f3148bfbf54270422e05177b4c392f (patch) | |
| tree | 6af6cb59a993b9ae8c659b4e590c1d95d098c346 /ssl | |
| parent | Convert ServerKeyExchange construction to WPACKET (diff) | |
| download | openssl-4a424545c4f3148bfbf54270422e05177b4c392f.tar.xz openssl-4a424545c4f3148bfbf54270422e05177b4c392f.zip | |
Fix a bug in CKE construction for PSK
In plain PSK we don't need to do anymore construction after the preamble.
We weren't detecting this case and treating it as an unknown cipher.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/statem/statem_clnt.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 67f4ac4310..e4b2219f06 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2496,7 +2496,7 @@ int tls_construct_client_key_exchange(SSL *s) } else if (alg_k & SSL_kSRP) { if (!tls_construct_cke_srp(s, &pkt, &al)) goto err; - } else { + } else if (!(alg_k & SSL_kPSK)) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto err; |