Parse the entire PSK extension. Although we ignore all but the first identity, keep clients honest by parsing the whole thing. Also explicitly check that the binder and identity counts match. Change-Id: Ib9c4caae18398360f3b80f8db1b22d4549bd5746 Reviewed-on: https://boringssl-review.googlesource.com/12469 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: aedf303cc2edbe3fc404b73186477cbb614b65ad [log] [tgz]
author: David Benjamin <davidben@google.com> Thu Dec 01 16:47:56 2016 -0500
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Thu Dec 01 21:53:13 2016 +0000
tree: c37966ea49c04f7cc02ed34ffc3ae036f4d7d328
parent: bf48364a8c2ccbb9b3609727b628c2e1f1ed12bd [diff] [blame]
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index f588f46..796949d 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h

@@ -4566,6 +4566,7 @@
 #define SSL_R_OLD_SESSION_PRF_HASH_MISMATCH 268
 #define SSL_R_INVALID_SCT_LIST 269
 #define SSL_R_TOO_MUCH_SKIPPED_EARLY_DATA 270
+#define SSL_R_PSK_IDENTITY_BINDER_COUNT_MISMATCH 271
 #define SSL_R_SSLV3_ALERT_CLOSE_NOTIFY 1000
 #define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
commit	aedf303cc2edbe3fc404b73186477cbb614b65ad	[log] [tgz]
author	David Benjamin <davidben@google.com>	Thu Dec 01 16:47:56 2016 -0500
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Thu Dec 01 21:53:13 2016 +0000
tree	c37966ea49c04f7cc02ed34ffc3ae036f4d7d328
parent	bf48364a8c2ccbb9b3609727b628c2e1f1ed12bd [diff] [blame]