Fix d2i_SSL_SESSION.

2011-09-05 13:31:17 +00:00 · 2011-09-05 13:31:17 +00:00 · 612fcfbd29
commit 612fcfbd29
parent e7928282d0
4 changed files with 23 additions and 5 deletions
--- a/3
+++ b/3
@ -258,6 +258,9 @@
  
 Changes between 1.0.0e and 1.0.1  [xx XXX xxxx]

+  *) Fix PSK session representation.
+     [Bodo Moeller]
+
  *) Add RC4-MD5 and AESNI-SHA1 "stitched" implementations.

     This work was sponsored by Intel.
--- a/crypto/bn/bn_gf2m.c
+++ b/crypto/bn/bn_gf2m.c
@ -541,7 +541,7 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 	if (BN_is_zero(u)) goto err;

 	if (!BN_copy(v, p)) goto err;
-#if 0
+#if 1
 	if (!BN_one(b)) goto err;

 	while (1)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@ -447,10 +447,12 @@ struct ssl_method_st
 *	Session_ID_context [ 4 ] EXPLICIT OCTET STRING,   -- the Session ID context
 *	Verify_result [ 5 ] EXPLICIT INTEGER,   -- X509_V_... code for `Peer'
 *	HostName [ 6 ] EXPLICIT OCTET STRING,   -- optional HostName from servername TLS extension 
- *	ECPointFormatList [ 7 ] OCTET STRING,     -- optional EC point format list from TLS extension
- *	PSK_identity_hint [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
- *	PSK_identity [ 9 ] EXPLICIT OCTET STRING -- optional PSK identity
- *	SRP_username [ 11 ] EXPLICIT OCTET STRING -- optional SRP username
+ *	PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
+ *	PSK_identity [ 8 ] EXPLICIT OCTET STRING,  -- optional PSK identity
+ *	Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket
+ *	Ticket [10]             EXPLICIT OCTET STRING, -- session ticket (clients only)
+ *	Compression_meth [11]   EXPLICIT OCTET STRING, -- optional compression method
+ *	SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username
 *	}
 * Look in ssl/ssl_asn1.c for more details
 * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@ -572,6 +572,19 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
 		}
 	else
 		ret->psk_identity_hint=NULL;
+
+	os.length=0;
+	os.data=NULL;
+	M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,8);
+	if (os.data)
+		{
+		ret->psk_identity = BUF_strndup((char *)os.data, os.length);
+		OPENSSL_free(os.data);
+		os.data = NULL;
+		os.length = 0;
+		}
+	else
+		ret->psk_identity=NULL;
 #endif /* OPENSSL_NO_PSK */

 #ifndef OPENSSL_NO_TLSEXT