Fix <= TLS1.2 break

Changing the value of SSL_MAX_MASTER_KEY_LENGTH had some unexpected side effects in the <=TLS1.2 code which apparently relies on this being 48 for interoperability. Therefore create a new define for the TLSv1.3 resumption master secret which can be up to 64 bytes. Found through the boring test suite. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2259)
author: Matt Caswell <matt@openssl.org> 2017-01-23 16:59:35 +0000
committer: Matt Caswell <matt@openssl.org> 2017-01-30 10:18:24 +0000
commit: 1a3392c878e8421c2e5730fde5accd4ab77c2875 (patch)
tree: 81ec1a08db9c3eb55d508be10a75cb0829acaf65 /ssl/ssl_asn1.c
parent: 342543426d19ad948e3e7a37209baa78d0032d86 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 568f41ff5b..73ba78dbe5 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -294,7 +294,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
         goto err;
 
     if (!ssl_session_memcpy(ret->master_key, &tmpl,
-                            as->master_key, SSL_MAX_MASTER_KEY_LENGTH))
+                            as->master_key, TLS13_MAX_RESUMPTION_MASTER_LENGTH))
         goto err;
 
     ret->master_key_length = tmpl;
author	Matt Caswell <matt@openssl.org>	2017-01-23 16:59:35 +0000
committer	Matt Caswell <matt@openssl.org>	2017-01-30 10:18:24 +0000
commit	1a3392c878e8421c2e5730fde5accd4ab77c2875 (patch)
tree	81ec1a08db9c3eb55d508be10a75cb0829acaf65 /ssl/ssl_asn1.c
parent	342543426d19ad948e3e7a37209baa78d0032d86 (diff)