Return the cookie_len value from generate_cookie_callback

The generate_cookie_callback was failing to pass back the generated cookie length to the caller. This results in DTLS connection failures from s_server. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12179)
openssl · Jun 19, 2020 · f36c388 · f36c388
1 parent cfbe41e
commit f36c388
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c
@@ -745,6 +745,7 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
     EVP_MAC *hmac = NULL;
     EVP_MAC_CTX *ctx = NULL;
     OSSL_PARAM params[3], *p = params;
+    size_t mac_len;
 
     /* Initialize a random secret */
     if (!cookie_initialized) {
@@ -808,10 +809,11 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
             BIO_printf(bio_err, "HMAC context update failed\n");
             goto end;
     }
-    if (!EVP_MAC_final(ctx, cookie, NULL, (size_t)cookie_len)) {
+    if (!EVP_MAC_final(ctx, cookie, &mac_len, DTLS1_COOKIE_LENGTH)) {
             BIO_printf(bio_err, "HMAC context final failed\n");
             goto end;
     }
+    *cookie_len = (int)mac_len;
     res = 1;
 end:
     OPENSSL_free(buffer);
@@ -840,7 +842,8 @@ int verify_cookie_callback(SSL *ssl, const unsigned char *cookie,
 int generate_stateless_cookie_callback(SSL *ssl, unsigned char *cookie,
                                        size_t *cookie_len)
 {
-    unsigned int temp;
+    unsigned int temp = 0;
+
     int res = generate_cookie_callback(ssl, cookie, &temp);
     *cookie_len = temp;
     return res;