OpenSSL: Clean up TLS PRF implementation

Commit fa0e715100b0e6fd956b6de67c3cdf908437436a ('Use
tls_connection_prf() for all EAP TLS-based key derivation') copied some
pointer checks from the generic implementation to tls_openssl.c.
However, these are arrays and cannot be NULL in OpenSSL data. Remove the
unnecessary checks and add master_key_length check for completeness.
(CID 109619).

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 935add5aa72d9e187cff425bf51a04c7079dda36..d3e9eb9318307000d6c14b74730687ef37e792e0 100644 (file)
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -2703,8 +2703,7 @@ static int openssl_tls_prf(void *tls_ctx, struct tls_connection *conn,
                return -1;
        ssl = conn->ssl;
        if (ssl == NULL || ssl->s3 == NULL || ssl->session == NULL ||
-           ssl->s3->client_random == NULL || ssl->s3->server_random == NULL ||
-           ssl->session->master_key == NULL)
+           ssl->session->master_key_length <= 0)
                return -1;
 
        if (skip_keyblock) {