diff options
Diffstat (limited to 'dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch')
-rw-r--r-- | dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch | 56 |
1 files changed, 0 insertions, 56 deletions
diff --git a/dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch b/dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch deleted file mode 100644 index 5ea4fb97bfce..000000000000 --- a/dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch +++ /dev/null @@ -1,56 +0,0 @@ -From ed371b8cbac0d0349667558c061c1ae380cf75eb Mon Sep 17 00:00:00 2001 -From: Matt Caswell <matt@openssl.org> -Date: Mon, 3 Dec 2018 18:14:57 +0000 -Subject: [PATCH] Revert "Reduce stack usage in tls13_hkdf_expand" - -This reverts commit ec0c5f5693e39c5a013f81e6dd9dfd09ec65162d. - -SSL_export_keying_material() may use longer label lengths. - -Fixes #7712 - -Reviewed-by: Tim Hudson <tjh@openssl.org> -(Merged from https://github.com/openssl/openssl/pull/7755) ---- - ssl/tls13_enc.c | 16 ++++------------ - 1 file changed, 4 insertions(+), 12 deletions(-) - -diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c -index b6825d20c2d..f7ab0fa4704 100644 ---- a/ssl/tls13_enc.c -+++ b/ssl/tls13_enc.c -@@ -13,14 +13,7 @@ - #include <openssl/evp.h> - #include <openssl/kdf.h> - --/* -- * RFC 8446, 7.1 Key Schedule, says: -- * Note: With common hash functions, any label longer than 12 characters -- * requires an additional iteration of the hash function to compute. -- * The labels in this specification have all been chosen to fit within -- * this limit. -- */ --#define TLS13_MAX_LABEL_LEN 12 -+#define TLS13_MAX_LABEL_LEN 246 - - /* Always filled with zeros */ - static const unsigned char default_zeros[EVP_MAX_MD_SIZE]; -@@ -36,15 +29,14 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, - const unsigned char *data, size_t datalen, - unsigned char *out, size_t outlen) - { -- static const unsigned char label_prefix[] = "tls13 "; -+ const unsigned char label_prefix[] = "tls13 "; - EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); - int ret; - size_t hkdflabellen; - size_t hashlen; - /* -- * 2 bytes for length of derived secret + 1 byte for length of combined -- * prefix and label + bytes for the label itself + 1 byte length of hash -- * + bytes for the hash itself -+ * 2 bytes for length of whole HkdfLabel + 1 byte for length of combined -+ * prefix and label + bytes for the label itself + bytes for the hash - */ - unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) + - + sizeof(label_prefix) + TLS13_MAX_LABEL_LEN |