generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

RT2772: accept empty SessionTicket

Browse Source 
RFC 5077 section 3.3 says: If the server determines that it does not
want to include a ticket after it has included the SessionTicket
extension in the ServerHello, then it sends a zero-length ticket in the
NewSessionTicket handshake message.

Previously the client would fail upon attempting to allocate a
zero-length buffer. Now, we have the client ignore the empty ticket and
keep the existing session.

Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Emilia Kasper 2015-09-23 19:29:18 +02:00
parent 92ea6fe597
commit 21b538d616
1 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
ssl/s3_clnt.c
View File

@ -2224,6 +2224,7 @@ int ssl3_get_new_session_ticket(SSL *s)
long n; long n;
const unsigned char *p; const unsigned char *p;
unsigned char *d; unsigned char *d;
unsigned long ticket_lifetime_hint;
n = s->method->ssl_get_message(s, n = s->method->ssl_get_message(s,
SSL3_ST_CR_SESSION_TICKET_A, SSL3_ST_CR_SESSION_TICKET_A,
@ -2242,6 +2243,19 @@ int ssl3_get_new_session_ticket(SSL *s)
p = d = (unsigned char *)s->init_msg; p = d = (unsigned char *)s->init_msg;
n2l(p, ticket_lifetime_hint);
n2s(p, ticklen);
/* ticket_lifetime_hint + ticket_length + ticket */
if (ticklen + 6 != n) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);
goto f_err;
}
/* Server is allowed to change its mind and send an empty ticket. */
if (ticklen == 0)
return 1;
if (s->session->session_id_length > 0) { if (s->session->session_id_length > 0) {
int i = s->session_ctx->session_cache_mode; int i = s->session_ctx->session_cache_mode;
SSL_SESSION *new_sess; SSL_SESSION *new_sess;
@ -2273,14 +2287,6 @@ int ssl3_get_new_session_ticket(SSL *s)
s->session = new_sess; s->session = new_sess;
} }
n2l(p, s->session->tlsext_tick_lifetime_hint);
n2s(p, ticklen);
/* ticket_lifetime_hint + ticket_length + ticket */
if (ticklen + 6 != n) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);
goto f_err;
}
if (s->session->tlsext_tick) { if (s->session->tlsext_tick) {
OPENSSL_free(s->session->tlsext_tick); OPENSSL_free(s->session->tlsext_tick);
s->session->tlsext_ticklen = 0; s->session->tlsext_ticklen = 0;
@ -2291,6 +2297,7 @@ int ssl3_get_new_session_ticket(SSL *s)
goto err; goto err;
} }
memcpy(s->session->tlsext_tick, p, ticklen); memcpy(s->session->tlsext_tick, p, ticklen);
s->session->tlsext_tick_lifetime_hint = ticket_lifetime_hint;
s->session->tlsext_ticklen = ticklen; s->session->tlsext_ticklen = ticklen;
/* /*
* There are two ways to detect a resumed ticket session. One is to set * There are two ways to detect a resumed ticket session. One is to set