From cb71a8342deae83ea2c86df4f3521f8b765c7f42 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sun, 19 Apr 2015 20:34:12 +0300
Subject: [PATCH] OpenSSL: Clean up TLS PRF implementation

Commit fa0e715100b0e6fd956b6de67c3cdf908437436a ('Use
tls_connection_prf() for all EAP TLS-based key derivation') copied some
pointer checks from the generic implementation to tls_openssl.c.
However, these are arrays and cannot be NULL in OpenSSL data. Remove the
unnecessary checks and add master_key_length check for completeness.
(CID 109619).

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/crypto/tls_openssl.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 935add5aa..d3e9eb931 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -2703,8 +2703,7 @@ static int openssl_tls_prf(void *tls_ctx, struct tls_connection *conn,
 		return -1;
 	ssl = conn->ssl;
 	if (ssl == NULL || ssl->s3 == NULL || ssl->session == NULL ||
-	    ssl->s3->client_random == NULL || ssl->s3->server_random == NULL ||
-	    ssl->session->master_key == NULL)
+	    ssl->session->master_key_length <= 0)
 		return -1;
 
 	if (skip_keyblock) {