Fix end-point shared secret for DTLS/SCTP

When computing the end-point shared secret, don't take the terminating NULL character into account. Please note that this fix breaks interoperability with older versions of OpenSSL, which are not fixed. Fixes #7956 Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7957) (cherry picked from commit 09d62b336d9e2a11b330d45d4f0f3f37cbb0d674)
author: Michael Tuexen <tuexen@fh-muenster.de> 2018-12-26 12:44:53 +0100
committer: Matt Caswell <matt@openssl.org> 2019-02-01 12:03:43 +0000
commit: 243ff51cc6757ab56cda4a7f69fbdcddf81141b6 (patch)
tree: 71177c7b975c9945d27c25356eb4edc0b0be2a8d /include
parent: 1b66fc87da7c3851d7229993219336afa587f325 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index d6b1b4e6a6..e68efa838b 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -494,6 +494,19 @@ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
  */
 # define SSL_MODE_ASYNC 0x00000100U
 
+/*
+ * When using DTLS/SCTP, include the terminating zero in the label
+ * used for computing the endpoint-pair shared secret. Required for
+ * interoperability with implementations having this bug like these
+ * older version of OpenSSL:
+ * - OpenSSL 1.0.0 series
+ * - OpenSSL 1.0.1 series
+ * - OpenSSL 1.0.2 series
+ * - OpenSSL 1.1.0 series
+ * - OpenSSL 1.1.1 and 1.1.1a
+ */
+# define SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG 0x00000400U
+
 /* Cert related flags */
 /*
  * Many implementations ignore some aspects of the TLS standards such as
author	Michael Tuexen <tuexen@fh-muenster.de>	2018-12-26 12:44:53 +0100
committer	Matt Caswell <matt@openssl.org>	2019-02-01 12:03:43 +0000
commit	243ff51cc6757ab56cda4a7f69fbdcddf81141b6 (patch)
tree	71177c7b975c9945d27c25356eb4edc0b0be2a8d /include
parent	1b66fc87da7c3851d7229993219336afa587f325 (diff)