forked from Lainports/freebsd-ports
6c8034f069
Security: http://openssl.org/news/secadv_20110906.txt - drop option TLS_EXTRACTOR, now in distribution - add RFC-5705 patch Obtained from: OpenBSD
34 lines
1.3 KiB
Text
34 lines
1.3 KiB
Text
--- ssl/ssl.h 6 Jan 2010 17:37:38 -0000 1.221.2.24
|
|
+++ ssl/ssl.h 17 Jun 2010 12:25:35 -0000
|
|
@@ -1806,6 +1806,10 @@
|
|
/* Pre-shared secret session resumption functions */
|
|
int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg);
|
|
|
|
+void SSL_tls1_key_exporter(SSL *s, unsigned char *label, int label_len,
|
|
+ unsigned char *context, int context_len,
|
|
+ unsigned char *out, int olen);
|
|
+
|
|
/* BEGIN ERROR CODES */
|
|
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
* made after this point may be overwritten when the script is next run.
|
|
|
|
--- ssl/t1_enc.c 15 Jun 2010 17:25:15 -0000 1.57.2.3
|
|
+++ ssl/t1_enc.c 17 Jun 2010 12:25:35 -0000
|
|
@@ -1043,3 +1043,17 @@
|
|
}
|
|
}
|
|
|
|
+void SSL_tls1_key_exporter(SSL *s, unsigned char *label, int label_len,
|
|
+ unsigned char *context, int context_len,
|
|
+ unsigned char *out, int olen)
|
|
+ {
|
|
+ unsigned char tmp[olen];
|
|
+
|
|
+ tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
|
|
+ label, label_len,
|
|
+ s->s3->client_random,SSL3_RANDOM_SIZE,
|
|
+ s->s3->server_random,SSL3_RANDOM_SIZE,
|
|
+ context, context_len, NULL, 0,
|
|
+ s->session->master_key, s->session->master_key_length,
|
|
+ out, tmp, olen);
|
|
+ }
|