From 3f9175c7a46b13a3528d9b5776030a78eb1f9454 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Mon, 14 Nov 2022 14:19:53 +0000 Subject: Extend the new_record_layer function Add the ability to pass the main secret and length, as well as the digest used for the KDF. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19748) --- ssl/ssl_lib.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'ssl/ssl_lib.c') diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 1a5bc6d3e4..ffae69bc38 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -553,17 +553,18 @@ static int clear_record_layer(SSL_CONNECTION *s) SSL_CONNECTION_IS_DTLS(s) ? DTLS_ANY_VERSION : TLS_ANY_VERSION, OSSL_RECORD_DIRECTION_READ, - OSSL_RECORD_PROTECTION_LEVEL_NONE, + OSSL_RECORD_PROTECTION_LEVEL_NONE, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, - NID_undef, NULL, NULL); + NID_undef, NULL, NULL, NULL); ret &= ssl_set_new_record_layer(s, SSL_CONNECTION_IS_DTLS(s) ? DTLS_ANY_VERSION : TLS_ANY_VERSION, OSSL_RECORD_DIRECTION_WRITE, - OSSL_RECORD_PROTECTION_LEVEL_NONE, + OSSL_RECORD_PROTECTION_LEVEL_NONE, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, - NID_undef, NULL, NULL); + NID_undef, NULL, NULL, NULL); + /* SSLfatal already called in the event of failure */ return ret; } -- cgit v1.2.3