X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=ssl%2Fssl_asn1.c;h=67d8e0c498750fc3277ff8c9443d04d9cce2d13f;hb=3d32bab8f1742a3b57742e18f92a408f0403df8d;hp=3e849175eaf4dece218890bdae1bef189da2f9dc;hpb=aacb4f1a6ec12efff96fa7e51ca7b57254e2b2c8;p=openssl.git

diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 3e849175ea..67d8e0c498 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -1,60 +1,12 @@
-/* ssl/ssl_asn1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
  */
+
 /* ====================================================================
  * Copyright 2005 Nokia. All rights reserved.
  *
@@ -95,20 +47,15 @@ typedef struct {
     ASN1_OCTET_STRING *comp_id;
     ASN1_OCTET_STRING *master_key;
     ASN1_OCTET_STRING *session_id;
-#ifndef OPENSSL_NO_KRB5
-    ASN1_OCTET_STRING *krb5_princ;
-#endif
     ASN1_OCTET_STRING *key_arg;
     long time;
     long timeout;
     X509 *peer;
     ASN1_OCTET_STRING *session_id_context;
     long verify_result;
-#ifndef OPENSSL_NO_TLSEXT
     ASN1_OCTET_STRING *tlsext_hostname;
     long tlsext_tick_lifetime_hint;
     ASN1_OCTET_STRING *tlsext_tick;
-#endif
 #ifndef OPENSSL_NO_PSK
     ASN1_OCTET_STRING *psk_identity_hint;
     ASN1_OCTET_STRING *psk_identity;
@@ -125,32 +72,25 @@ ASN1_SEQUENCE(SSL_SESSION_ASN1) = {
     ASN1_SIMPLE(SSL_SESSION_ASN1, cipher, ASN1_OCTET_STRING),
     ASN1_SIMPLE(SSL_SESSION_ASN1, session_id, ASN1_OCTET_STRING),
     ASN1_SIMPLE(SSL_SESSION_ASN1, master_key, ASN1_OCTET_STRING),
-#ifndef OPENSSL_NO_KRB5
-    ASN1_OPT(SSL_SESSION_ASN1, krb5_princ, ASN1_OCTET_STRING),
-#endif
     ASN1_IMP_OPT(SSL_SESSION_ASN1, key_arg, ASN1_OCTET_STRING, 0),
     ASN1_EXP_OPT(SSL_SESSION_ASN1, time, ZLONG, 1),
     ASN1_EXP_OPT(SSL_SESSION_ASN1, timeout, ZLONG, 2),
     ASN1_EXP_OPT(SSL_SESSION_ASN1, peer, X509, 3),
     ASN1_EXP_OPT(SSL_SESSION_ASN1, session_id_context, ASN1_OCTET_STRING, 4),
     ASN1_EXP_OPT(SSL_SESSION_ASN1, verify_result, ZLONG, 5),
-#ifndef OPENSSL_NO_TLSEXT
     ASN1_EXP_OPT(SSL_SESSION_ASN1, tlsext_hostname, ASN1_OCTET_STRING, 6),
-#endif
 #ifndef OPENSSL_NO_PSK
     ASN1_EXP_OPT(SSL_SESSION_ASN1, psk_identity_hint, ASN1_OCTET_STRING, 7),
     ASN1_EXP_OPT(SSL_SESSION_ASN1, psk_identity, ASN1_OCTET_STRING, 8),
 #endif
-#ifndef OPENSSL_NO_TLSEXT
     ASN1_EXP_OPT(SSL_SESSION_ASN1, tlsext_tick_lifetime_hint, ZLONG, 9),
     ASN1_EXP_OPT(SSL_SESSION_ASN1, tlsext_tick, ASN1_OCTET_STRING, 10),
-#endif
     ASN1_EXP_OPT(SSL_SESSION_ASN1, comp_id, ASN1_OCTET_STRING, 11),
 #ifndef OPENSSL_NO_SRP
     ASN1_EXP_OPT(SSL_SESSION_ASN1, srp_username, ASN1_OCTET_STRING, 12),
 #endif
     ASN1_EXP_OPT(SSL_SESSION_ASN1, flags, ZLONG, 13)
-} ASN1_SEQUENCE_END(SSL_SESSION_ASN1)
+} static_ASN1_SEQUENCE_END(SSL_SESSION_ASN1)
 
 IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(SSL_SESSION_ASN1)
 
@@ -191,13 +131,7 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
     unsigned char comp_id_data;
 #endif
 
-#ifndef OPENSSL_NO_TLSEXT
     ASN1_OCTET_STRING tlsext_hostname, tlsext_tick;
-#endif
-
-#ifndef OPENSSL_NO_KRB5
-    ASN1_OCTET_STRING krb5_princ;
-#endif
 
 #ifndef OPENSSL_NO_SRP
     ASN1_OCTET_STRING srp_username;
@@ -241,12 +175,6 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 
     ssl_session_oinit(&as.session_id_context, &sid_ctx,
                       in->sid_ctx, in->sid_ctx_length);
-#ifndef OPENSSL_NO_KRB5
-    if (in->krb5_client_princ_len) {
-        ssl_session_oinit(&as.krb5_princ, &krb5_princ,
-                          in->krb5_client_princ, in->krb5_client_princ_len);
-    }
-#endif                          /* OPENSSL_NO_KRB5 */
 
     as.time = in->time;
     as.timeout = in->timeout;
@@ -254,7 +182,6 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 
     as.peer = in->peer;
 
-#ifndef OPENSSL_NO_TLSEXT
     ssl_session_sinit(&as.tlsext_hostname, &tlsext_hostname,
                       in->tlsext_hostname);
     if (in->tlsext_tick) {
@@ -263,7 +190,6 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
     }
     if (in->tlsext_tick_lifetime_hint > 0)
         as.tlsext_tick_lifetime_hint = in->tlsext_tick_lifetime_hint;
-#endif                          /* OPENSSL_NO_TLSEXT */
 #ifndef OPENSSL_NO_PSK
     ssl_session_sinit(&as.psk_identity_hint, &psk_identity_hint,
                       in->psk_identity_hint);
@@ -281,7 +207,7 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 
 /* Utility functions for d2i_SSL_SESSION */
 
-/* BUF_strndup an OCTET STRING */
+/* OPENSSL_strndup an OCTET STRING */
 
 static int ssl_session_strndup(char **pdst, ASN1_OCTET_STRING *src)
 {
@@ -289,7 +215,7 @@ static int ssl_session_strndup(char **pdst, ASN1_OCTET_STRING *src)
     *pdst = NULL;
     if (src == NULL)
         return 1;
-    *pdst = BUF_strndup((char *)src->data, src->length);
+    *pdst = OPENSSL_strndup((char *)src->data, src->length);
     if (*pdst == NULL)
         return 0;
     return 1;
@@ -368,12 +294,6 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
 
     ret->master_key_length = tmpl;
 
-#ifndef OPENSSL_NO_KRB5
-    if (!ssl_session_memcpy(ret->krb5_client_princ, &ret->krb5_client_princ_len,
-                            as->krb5_princ, SSL_MAX_KRB5_PRINCIPAL_LENGTH))
-        goto err;
-#endif                          /* OPENSSL_NO_KRB5 */
-
     if (as->time != 0)
         ret->time = as->time;
     else
@@ -395,10 +315,8 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
     /* NB: this defaults to zero which is X509_V_OK */
     ret->verify_result = as->verify_result;
 
-#ifndef OPENSSL_NO_TLSEXT
     if (!ssl_session_strndup(&ret->tlsext_hostname, as->tlsext_hostname))
         goto err;
-#endif                          /* OPENSSL_NO_TLSEXT */
 
 #ifndef OPENSSL_NO_PSK
     if (!ssl_session_strndup(&ret->psk_identity_hint, as->psk_identity_hint))
@@ -407,7 +325,6 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
         goto err;
 #endif
 
-#ifndef OPENSSL_NO_TLSEXT
     ret->tlsext_tick_lifetime_hint = as->tlsext_tick_lifetime_hint;
     if (as->tlsext_tick) {
         ret->tlsext_tick = as->tlsext_tick->data;
@@ -416,7 +333,6 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
     } else {
         ret->tlsext_tick = NULL;
     }
-#endif                          /* OPENSSL_NO_TLSEXT */
 #ifndef OPENSSL_NO_COMP
     if (as->comp_id) {
         if (as->comp_id->length != 1) {