Fix calls to SSL_get_server_tmp_key() in TLSv1.3

The macro SSL_get_server_tmp_key() returns information about the temp key used by the server during a handshake. This was returning NULL for TLSv1.3 and causing s_client to omit this information in its connection summary. Fixes #3081 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3114)
author: Matt Caswell <matt@openssl.org> 2017-04-03 15:24:06 +0100
committer: Matt Caswell <matt@openssl.org> 2017-04-03 19:18:47 +0100
commit: 090c8118e8d37f5631a421384a24ded35940690c (patch)
tree: ce2499290db4acc19447cb2224eecd0da3b5b43e /ssl
parent: a0cb628b17ecfd6e161870376b925a0045c99d00 (diff)
download: openssl-090c8118e8d37f5631a421384a24ded35940690c.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index 939ad4cf44..8bb9a888f3 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1295,7 +1295,7 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
     EVP_PKEY *ckey = s->s3->tmp.pkey, *skey = NULL;
 
     /* Sanity check */
-    if (ckey == NULL) {
+    if (ckey == NULL || s->s3->peer_tmp != NULL) {
         *al = SSL_AD_INTERNAL_ERROR;
         SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, ERR_R_INTERNAL_ERROR);
         return 0;
@@ -1386,7 +1386,7 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         EVP_PKEY_free(skey);
         return 0;
     }
-    EVP_PKEY_free(skey);
+    s->s3->peer_tmp = skey;
 #endif
 
     return 1;
author	Matt Caswell <matt@openssl.org>	2017-04-03 15:24:06 +0100
committer	Matt Caswell <matt@openssl.org>	2017-04-03 19:18:47 +0100
commit	090c8118e8d37f5631a421384a24ded35940690c (patch)
tree	ce2499290db4acc19447cb2224eecd0da3b5b43e /ssl
parent	a0cb628b17ecfd6e161870376b925a0045c99d00 (diff)
download	openssl-090c8118e8d37f5631a421384a24ded35940690c.tar.gz