The branch master has been updated via ea09abc80892920ee5db4de82bed7a193b5896f0 (commit) via 7fe0ed75e3e7760226a0a3a5a86cf3887004f6e4 (commit) from d63bde7827b0be1172f823baf25309b54aa87e0f (commit)
- Log ----------------------------------------------------------------- commit ea09abc80892920ee5db4de82bed7a193b5896f0 Author: Matt Caswell <m...@openssl.org> Date: Mon Jan 14 16:37:14 2019 +0000 Don't get the mac type in TLSv1.3 We don't use this information so we shouldn't fetch it. As noted in the comments in #8005. Reviewed-by: Ben Kaduk <ka...@mit.edu> (Merged from https://github.com/openssl/openssl/pull/8020) commit 7fe0ed75e3e7760226a0a3a5a86cf3887004f6e4 Author: Matt Caswell <m...@openssl.org> Date: Mon Jan 14 16:36:33 2019 +0000 Add missing entries in ssl_mac_pkey_id Fixes #8005 Reviewed-by: Ben Kaduk <ka...@mit.edu> (Merged from https://github.com/openssl/openssl/pull/8020) ----------------------------------------------------------------------- Summary of changes: ssl/ssl_ciph.c | 2 ++ ssl/tls13_enc.c | 4 +--- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index bd97c0f..461a9de 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -171,6 +171,8 @@ static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = { EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, NID_undef, /* GOST2012_512 */ EVP_PKEY_HMAC, + /* MD5/SHA1, SHA224, SHA512 */ + NID_undef, NID_undef, NID_undef }; static size_t ssl_mac_secret_size[SSL_MD_NUM_IDX]; diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 6022950..e6cd705 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -323,11 +323,9 @@ int tls13_setup_key_block(SSL *s) { const EVP_CIPHER *c; const EVP_MD *hash; - int mac_type = NID_undef; s->session->cipher = s->s3->tmp.new_cipher; - if (!ssl_cipher_get_evp - (s->session, &c, &hash, &mac_type, NULL, NULL, 0)) { + if (!ssl_cipher_get_evp(s->session, &c, &hash, NULL, NULL, NULL, 0)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_SETUP_KEY_BLOCK, SSL_R_CIPHER_OR_HASH_UNAVAILABLE); return 0; _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits