From: Rutger Hendriks <rutgerhendriks@gmail.com>
Date: Mon, 31 Aug 2020 11:59:51 +0000 (+0200)
Subject: Increase PSK_MAX_PSK_LEN to 512
X-Git-Tag: openssl-3.0.0-alpha7~172
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e57bbf9e1a95a93551dc711664d69ca086f7e0b1;p=thirdparty%2Fopenssl.git

Increase PSK_MAX_PSK_LEN to 512

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12777)
---

diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in
index 264b7eddb72..ac7c521e95f 100644
--- a/include/openssl/ssl.h.in
+++ b/include/openssl/ssl.h.in
@@ -850,7 +850,7 @@ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
  * resulting identity/psk
  */
 #  define PSK_MAX_IDENTITY_LEN 128
-#  define PSK_MAX_PSK_LEN 256
+#  define PSK_MAX_PSK_LEN 512
 typedef unsigned int (*SSL_psk_client_cb_func)(SSL *ssl,
                                                const char *hint,
                                                char *identity,
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index 49d24e6a96b..fd4eacdc388 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -524,7 +524,7 @@ struct ssl_method_st {
  * Matches the length of PSK_MAX_PSK_LEN. We keep it the same value for
  * consistency, even in the event of OPENSSL_NO_PSK being defined.
  */
-# define TLS13_MAX_RESUMPTION_PSK_LENGTH      256
+# define TLS13_MAX_RESUMPTION_PSK_LENGTH      512
 
 /*-
  * Lets make this into an ASN.1 type structure as follows