diff options
author | Hugo Landau <hlandau@openssl.org> | 2024-02-13 11:29:53 +0000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2024-02-14 18:14:52 +0100 |
commit | 12c0d72c4a82804f3c2d234ea9ea4e3a2fbb257b (patch) | |
tree | 90b05d9d131f6b5b71e200de88e81de09a8a3be3 | |
parent | 53273092f6d64e91f4116bb781eb74dcc98a25dc (diff) | |
download | openssl-12c0d72c4a82804f3c2d234ea9ea4e3a2fbb257b.tar.gz |
Fix SSL_export_keying_material for QUIC
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23567)
(cherry picked from commit 498d4e4c4f4a1e220cfa64cfcc76174e2f656fd0)
-rw-r--r-- | ssl/ssl_lib.c | 7 | ||||
-rw-r--r-- | test/quicapitest.c | 8 |
2 files changed, 11 insertions, 4 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 7d618bd700..f44a1bfe33 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -3766,9 +3766,10 @@ int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen, || (sc->version < TLS1_VERSION && sc->version != DTLS1_BAD_VER)) return -1; - return s->method->ssl3_enc->export_keying_material(sc, out, olen, label, - llen, context, - contextlen, use_context); + return sc->ssl.method->ssl3_enc->export_keying_material(sc, out, olen, label, + llen, context, + contextlen, + use_context); } int SSL_export_keying_material_early(SSL *s, unsigned char *out, size_t olen, diff --git a/test/quicapitest.c b/test/quicapitest.c index 41cf0fc7a8..9a1034b7b7 100644 --- a/test/quicapitest.c +++ b/test/quicapitest.c @@ -53,7 +53,7 @@ static int test_quic_write_read(int idx) SSL *clientquic = NULL; QUIC_TSERVER *qtserv = NULL; int j, k, ret = 0; - unsigned char buf[20]; + unsigned char buf[20], scratch[64]; static char *msg = "A test message"; size_t msglen = strlen(msg); size_t numbytes = 0; @@ -153,6 +153,12 @@ static int test_quic_write_read(int idx) goto end; } + /* Test that exporters work. */ + if (!TEST_true(SSL_export_keying_material(clientquic, scratch, + sizeof(scratch), "test", 4, (unsigned char *)"ctx", 3, + 1))) + goto end; + if (sess == NULL) { /* We didn't supply a session so we're not expecting resumption */ if (!TEST_false(SSL_session_reused(clientquic))) |