Fix no-psk
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5667)
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index bd025d7..bebf73a 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -744,7 +744,6 @@
unsigned int context, X509 *x,
size_t chainidx)
{
- char identity[PSK_MAX_IDENTITY_LEN + 1];
const unsigned char *id = NULL;
size_t idlen = 0;
SSL_SESSION *psksess = NULL;
@@ -764,7 +763,9 @@
return EXT_RETURN_FAIL;
}
+#ifndef OPENSSL_NO_PSK
if (psksess == NULL && s->psk_client_callback != NULL) {
+ char identity[PSK_MAX_IDENTITY_LEN + 1];
unsigned char psk[PSK_MAX_PSK_LEN];
size_t psklen = 0;
@@ -815,6 +816,7 @@
OPENSSL_cleanse(psk, psklen);
}
}
+#endif /* OPENSSL_NO_PSK */
SSL_SESSION_free(s->psksession);
s->psksession = psksess;
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index ee4cad1..90142eb 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -1047,6 +1047,7 @@
return 0;
}
+#ifndef OPENSSL_NO_PSK
if(sess == NULL
&& s->psk_server_callback != NULL
&& idlen <= PSK_MAX_IDENTITY_LEN) {
@@ -1097,6 +1098,7 @@
OPENSSL_cleanse(pskdata, pskdatalen);
}
}
+#endif /* OPENSSL_NO_PSK */
if (sess != NULL) {
/* We found a PSK */
