diff -up openssl-1.0.1e/ssl/s3_clnt.c.psk-identity openssl-1.0.1e/ssl/s3_clnt.c --- openssl-1.0.1e/ssl/s3_clnt.c.psk-identity 2015-12-04 09:01:53.000000000 +0100 +++ openssl-1.0.1e/ssl/s3_clnt.c 2015-12-04 09:36:24.182010426 +0100 @@ -1367,8 +1367,6 @@ int ssl3_get_key_exchange(SSL *s) #ifndef OPENSSL_NO_PSK if (alg_k & SSL_kPSK) { - char tmp_id_hint[PSK_MAX_IDENTITY_LEN+1]; - al=SSL_AD_HANDSHAKE_FAILURE; n2s(p,i); param_len=i+2; @@ -1389,16 +1387,8 @@ int ssl3_get_key_exchange(SSL *s) SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH); goto f_err; } - /* If received PSK identity hint contains NULL - * characters, the hint is truncated from the first - * NULL. p may not be ending with NULL, so create a - * NULL-terminated string. */ - memcpy(tmp_id_hint, p, i); - memset(tmp_id_hint+i, 0, PSK_MAX_IDENTITY_LEN+1-i); - if (s->ctx->psk_identity_hint != NULL) - OPENSSL_free(s->ctx->psk_identity_hint); - s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint); - if (s->ctx->psk_identity_hint == NULL) + s->session->psk_identity_hint = BUF_strndup((char *)p, i); + if (s->session->psk_identity_hint == NULL) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); goto f_err; @@ -2904,7 +2894,7 @@ int ssl3_send_client_key_exchange(SSL *s goto err; } - psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint, + psk_len = s->psk_client_callback(s, s->session->psk_identity_hint, identity, PSK_MAX_IDENTITY_LEN, psk_or_pre_ms, sizeof(psk_or_pre_ms)); if (psk_len > PSK_MAX_PSK_LEN) diff -up openssl-1.0.1e/ssl/s3_srvr.c.psk-identity openssl-1.0.1e/ssl/s3_srvr.c --- openssl-1.0.1e/ssl/s3_srvr.c.psk-identity 2015-12-04 09:01:53.000000000 +0100 +++ openssl-1.0.1e/ssl/s3_srvr.c 2015-12-04 09:43:45.144086868 +0100 @@ -2751,7 +2751,7 @@ int ssl3_get_client_key_exchange(SSL *s) if (s->session->psk_identity != NULL) OPENSSL_free(s->session->psk_identity); - s->session->psk_identity = BUF_strdup((char *)p); + s->session->psk_identity = BUF_strndup((char *)p, i); if (s->session->psk_identity == NULL) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,