Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 3b7a3241c225b152ba8519f540bcac5b680312c2 https://github.com/openssl/openssl/commit/3b7a3241c225b152ba8519f540bcac5b680312c2 Author: Matt Caswell <m...@openssl.org> Date: 2022-09-20 (Tue, 20 Sep 2022)
Changed paths: M test/sslapitest.c Log Message: ----------- Test a 0 return from the ticket key callback A 0 return from a ticket key callback should indicate that crypto parameters are not currently available and that the handshake should continue without generating/using the ticket. Reviewed-by: Viktor Dukhovni <vik...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> Reviewed-by: Hugo Landau <hlan...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18990) Commit: 3e93c5fe1eab677500448e18e4274b26e4b246ae https://github.com/openssl/openssl/commit/3e93c5fe1eab677500448e18e4274b26e4b246ae Author: Matt Caswell <m...@openssl.org> Date: 2022-09-20 (Tue, 20 Sep 2022) Changed paths: M ssl/statem/statem.c M ssl/statem/statem_srvr.c Log Message: ----------- If a ticket key callback returns 0 in TLSv1.3 don't send a ticket If we can't construct the ticket don't send one. This requires a change to the TLS state machine to be able to a handle a construction function deciding not to send a message after all. Fixes #18977 Reviewed-by: Viktor Dukhovni <vik...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> Reviewed-by: Hugo Landau <hlan...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18990) Commit: 67ec6d2b747810db609330003dcf08c8c584105b https://github.com/openssl/openssl/commit/67ec6d2b747810db609330003dcf08c8c584105b Author: Matt Caswell <m...@openssl.org> Date: 2022-09-20 (Tue, 20 Sep 2022) Changed paths: M ssl/statem/statem.c M ssl/statem/statem.h M ssl/statem/statem_clnt.c M ssl/statem/statem_dtls.c M ssl/statem/statem_lib.c M ssl/statem/statem_local.h M ssl/statem/statem_srvr.c Log Message: ----------- Use an enum for the return value from a construction function Construction return values are no longer boolean but can return 3 different values, so we use an enum to represent them. Reviewed-by: Viktor Dukhovni <vik...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> Reviewed-by: Hugo Landau <hlan...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18990) Compare: https://github.com/openssl/openssl/compare/9b25f52a4425...67ec6d2b7478