The compatibility with 1.0.0beta1 required more changes than I
thought...the function tls1_PRF was modified significantly. So here's
a working version of the patch:
--- ssl/ssl.h 2008-12-27 03:09:23.000000000 +0100
+++ ssl/ssl.h 2009-04-17 11:03:58.000000000 +0200
@@ -1770,6 +1770,10 @@
/* Pre-shared secret session resumption functions */
int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn
tls_session_secret_cb, void *arg);
+void SSL_tls1_key_extractor(SSL *s, unsigned char *label, int
label_len,
+ unsigned char *context,
int context_len,
+ unsigned char *out, int
olen);
+
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl.
Any changes
* made after this point may be overwritten when the script is next
run.
--- ssl/t1_enc.c 2009-01-11 21:34:23.000000000 +0100
+++ ssl/t1_enc.c 2009-04-17 11:06:30.000000000 +0200
@@ -1006,3 +1006,17 @@
}
}
+void SSL_tls1_key_extractor(SSL *s, unsigned char *label, int
label_len,
+ unsigned char *context,
int context_len,
+ unsigned char *out, int
olen)
+ {
+ unsigned char tmp[olen];
+
+ tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
+ label, label_len,
+ s->s3->client_random,SSL3_RANDOM_SIZE,
+ s->s3->server_random,SSL3_RANDOM_SIZE,
+ context, context_len, NULL, 0,
+ s->session->master_key, s->session->master_key_length,
+ out, tmp, olen);
+ }
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
