The generate_cookie_callback was failing to pass back the generated
cookie length to the caller. This results in DTLS connection failures
from s_server.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12179)
EVP_MAC *hmac = NULL;
EVP_MAC_CTX *ctx = NULL;
OSSL_PARAM params[3], *p = params;
EVP_MAC *hmac = NULL;
EVP_MAC_CTX *ctx = NULL;
OSSL_PARAM params[3], *p = params;
/* Initialize a random secret */
if (!cookie_initialized) {
/* Initialize a random secret */
if (!cookie_initialized) {
BIO_printf(bio_err, "HMAC context update failed\n");
goto end;
}
BIO_printf(bio_err, "HMAC context update failed\n");
goto end;
}
- if (!EVP_MAC_final(ctx, cookie, NULL, (size_t)cookie_len)) {
+ if (!EVP_MAC_final(ctx, cookie, &mac_len, DTLS1_COOKIE_LENGTH)) {
BIO_printf(bio_err, "HMAC context final failed\n");
goto end;
}
BIO_printf(bio_err, "HMAC context final failed\n");
goto end;
}
+ *cookie_len = (int)mac_len;
res = 1;
end:
OPENSSL_free(buffer);
res = 1;
end:
OPENSSL_free(buffer);
int generate_stateless_cookie_callback(SSL *ssl, unsigned char *cookie,
size_t *cookie_len)
{
int generate_stateless_cookie_callback(SSL *ssl, unsigned char *cookie,
size_t *cookie_len)
{
+ unsigned int temp = 0;
+
int res = generate_cookie_callback(ssl, cookie, &temp);
*cookie_len = temp;
return res;
int res = generate_cookie_callback(ssl, cookie, &temp);
*cookie_len = temp;
return res;