diff options
author | Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com> | 2018-01-18 15:39:45 +0900 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-02-02 23:52:59 +0000 |
commit | b1a51abb935163cbb0b0089ad9ee8ff174341bbd (patch) | |
tree | 311824c99c17d2c1d6733d751d148fb314ebd9f1 /ssl | |
parent | 2221ec10ab2771d7effad839392c88f35cde04a3 (diff) | |
download | openssl-b1a51abb935163cbb0b0089ad9ee8ff174341bbd.tar.gz |
Remove generation of exporter master secret on client application traffic
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4944)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/tls13_enc.c | 10 |
1 files changed, 0 insertions, 10 deletions
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 7975be54a8..f555df54fc 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -562,16 +562,6 @@ int tls13_change_cipher_state(SSL *s, int which) goto err; } s->session->master_key_length = hashlen; - - /* Now we create the exporter master secret */ - if (!tls13_hkdf_expand(s, ssl_handshake_md(s), insecret, - exporter_master_secret, - sizeof(exporter_master_secret) - 1, - hash, hashlen, s->exporter_master_secret, - hashlen)) { - /* SSLfatal() already called */ - goto err; - } } if (!derive_secret_key_and_iv(s, which & SSL3_CC_WRITE, md, cipher, |