diff options
Diffstat (limited to 'src/lib/tls')
-rw-r--r-- | src/lib/tls/tortls_openssl.c | 32 |
1 files changed, 29 insertions, 3 deletions
diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c index 77de2d6a11..f3257d5f24 100644 --- a/src/lib/tls/tortls_openssl.c +++ b/src/lib/tls/tortls_openssl.c @@ -1649,9 +1649,35 @@ tor_tls_get_tlssecrets,(tor_tls_t *tls, uint8_t *secrets_out)) const size_t client_random_len = SSL_get_client_random(ssl, NULL, 0); const size_t master_key_len = SSL_SESSION_get_master_key(session, NULL, 0); - tor_assert(server_random_len); - tor_assert(client_random_len); - tor_assert(master_key_len); + if (BUG(! server_random_len)) { + log_warn(LD_NET, "Missing server randomness after handshake " + "using %s (cipher: %s, server: %s) from %s", + SSL_get_version(ssl), + SSL_get_cipher_name(ssl), + tls->isServer ? "true" : "false", + ADDR(tls)); + return -1; + } + + if (BUG(! client_random_len)) { + log_warn(LD_NET, "Missing client randomness after handshake " + "using %s (cipher: %s, server: %s) from %s", + SSL_get_version(ssl), + SSL_get_cipher_name(ssl), + tls->isServer ? "true" : "false", + ADDR(tls)); + return -1; + } + + if (BUG(! master_key_len)) { + log_warn(LD_NET, "Missing master key after handshake " + "using %s (cipher: %s, server: %s) from %s", + SSL_get_version(ssl), + SSL_get_cipher_name(ssl), + tls->isServer ? "true" : "false", + ADDR(tls)); + return -1; + } len = client_random_len + server_random_len + strlen(TLSSECRET_MAGIC) + 1; tor_assert(len <= sizeof(buf)); |