Make sure that exporting keying material is allowed Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4944)

commit: 1f5878b8e25a785dde330bf485e6ed5a6ae09a1a [log] [tgz]
author: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com> Sun Jan 21 11:30:36 2018 +0900
committer: Matt Caswell <matt@openssl.org> Fri Feb 02 23:54:14 2018 +0000
tree: 57b6050a9997ebedb1cea76b4bfb1de9b5997923
parent: b1a51abb935163cbb0b0089ad9ee8ff174341bbd [diff] [blame]
diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c
index 45cb9ab..95c369a 100644
--- a/ssl/statem/statem.c
+++ b/ssl/statem/statem.c

@@ -941,3 +941,13 @@
 
     return 0;
 }
+
+/*
+ * This function returns 1 if TLS exporter is ready to export keying
+ * material, or 0 if otherwise.
+ */
+int ossl_statem_export_allowed(SSL *s)
+{
+    return s->s3->previous_server_finished_len != 0
+           && s->statem.hand_state != TLS_ST_SW_FINISHED;
+}
commit	1f5878b8e25a785dde330bf485e6ed5a6ae09a1a	[log] [tgz]
author	Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>	Sun Jan 21 11:30:36 2018 +0900
committer	Matt Caswell <matt@openssl.org>	Fri Feb 02 23:54:14 2018 +0000
tree	57b6050a9997ebedb1cea76b4bfb1de9b5997923
parent	b1a51abb935163cbb0b0089ad9ee8ff174341bbd [diff] [blame]