diff options
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_locl.h | 1 | ||||
-rw-r--r-- | ssl/tls13_enc.c | 6 |
2 files changed, 7 insertions, 0 deletions
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 3ba9b000f2..d881458a6b 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -2554,6 +2554,7 @@ __owur int ssl_log_secret(SSL *ssl, const char *label, #define SERVER_HANDSHAKE_LABEL "SERVER_HANDSHAKE_TRAFFIC_SECRET" #define CLIENT_APPLICATION_LABEL "CLIENT_TRAFFIC_SECRET_0" #define SERVER_APPLICATION_LABEL "SERVER_TRAFFIC_SECRET_0" +#define EARLY_EXPORTER_SECRET_LABEL "EARLY_EXPORTER_SECRET" #define EXPORTER_SECRET_LABEL "EXPORTER_SECRET" /* s3_cbc.c */ diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index e7cc8afe87..1613004f78 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -493,6 +493,12 @@ int tls13_change_cipher_state(SSL *s, int which) SSL_F_TLS13_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR); goto err; } + + if (!ssl_log_secret(s, EARLY_EXPORTER_SECRET_LABEL, + s->early_exporter_master_secret, hashlen)) { + /* SSLfatal() already called */ + goto err; + } } else if (which & SSL3_CC_HANDSHAKE) { insecret = s->handshake_secret; finsecret = s->client_finished_secret; |