commit 011d768aba675ed3efa4b8484eb6a14d78c27f12
author Matt Caswell <matt@openssl.org> Tue Jun 20 14:25:38 2017 +0100
committer Matt Caswell <matt@openssl.org> Wed Jun 21 14:45:36 2017 +0100
tree d25b07efeedc4bc2ae2d616a22989379d5b60b72
parent 725b0f1e133495acc35378bd6304ec1d401a761c

Fix some bugs in the TLSv1.3 PSK code

Found while developing the PSK tests

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3670)

ssl/statem/extensions_srvr.c

diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 4e65320..3da9f55 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -713,8 +713,15 @@
         }
 
         if (s->psk_find_session_cb != NULL
-                && s->psk_find_session_cb(s, PACKET_data(&identity),
-                                          PACKET_remaining(&identity), &sess)) {
+                && !s->psk_find_session_cb(s, PACKET_data(&identity),
+                                           PACKET_remaining(&identity),
+                                           &sess)) {
+            *al = SSL_AD_INTERNAL_ERROR;
+            return 0;
+        }
+
+        if (sess != NULL) {
+            /* We found a PSK */
             SSL_SESSION *sesstmp = ssl_session_dup(sess, 0);
 
             if (sesstmp == NULL) {