Fix d2i_SSL_SESSION.

diff --git a/CHANGES b/CHANGES
index e68cc7b3c143d87f4852fa9f2240927d4aab22d5..eb4f58d6ddb81a98aa47bd67936b5f1317d2ad68 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -258,6 +258,9 @@
   
  Changes between 1.0.0e and 1.0.1  [xx XXX xxxx]
 
   
  Changes between 1.0.0e and 1.0.1  [xx XXX xxxx]
 

+  *) Fix PSK session representation.
+     [Bodo Moeller]
+

   *) Add RC4-MD5 and AESNI-SHA1 "stitched" implementations.
 
      This work was sponsored by Intel.
   *) Add RC4-MD5 and AESNI-SHA1 "stitched" implementations.
 
      This work was sponsored by Intel.

diff --git a/crypto/bn/bn_gf2m.c b/crypto/bn/bn_gf2m.c
index d0e03f87daea4bbcc6d343ac9a3faff9911699da..55a4d1a18999df75b11c9dbdaa37664b7a20c2ff 100644 (file)
--- a/crypto/bn/bn_gf2m.c
+++ b/crypto/bn/bn_gf2m.c
@@ -541,7 +541,7 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
        if (BN_is_zero(u)) goto err;
 
        if (!BN_copy(v, p)) goto err;
        if (BN_is_zero(u)) goto err;
 
        if (!BN_copy(v, p)) goto err;

-#if 0
+#if 1

        if (!BN_one(b)) goto err;
 
        while (1)
        if (!BN_one(b)) goto err;
 
        while (1)

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 871327d42aeee2db5a318802ba6dd2538596f042..7e3fa04835a3282fd48bce58453677b607b1799e 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -447,10 +447,12 @@ struct ssl_method_st
  *     Session_ID_context [ 4 ] EXPLICIT OCTET STRING,   -- the Session ID context
  *     Verify_result [ 5 ] EXPLICIT INTEGER,   -- X509_V_... code for `Peer'
  *     HostName [ 6 ] EXPLICIT OCTET STRING,   -- optional HostName from servername TLS extension 
  *     Session_ID_context [ 4 ] EXPLICIT OCTET STRING,   -- the Session ID context
  *     Verify_result [ 5 ] EXPLICIT INTEGER,   -- X509_V_... code for `Peer'
  *     HostName [ 6 ] EXPLICIT OCTET STRING,   -- optional HostName from servername TLS extension 

- *     ECPointFormatList [ 7 ] OCTET STRING,     -- optional EC point format list from TLS extension
- *     PSK_identity_hint [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
- *     PSK_identity [ 9 ] EXPLICIT OCTET STRING -- optional PSK identity
- *     SRP_username [ 11 ] EXPLICIT OCTET STRING -- optional SRP username
+ *     PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
+ *     PSK_identity [ 8 ] EXPLICIT OCTET STRING,  -- optional PSK identity
+ *     Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket
+ *     Ticket [10]             EXPLICIT OCTET STRING, -- session ticket (clients only)
+ *     Compression_meth [11]   EXPLICIT OCTET STRING, -- optional compression method
+ *     SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username

  *     }
  * Look in ssl/ssl_asn1.c for more details
  * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
  *     }
  * Look in ssl/ssl_asn1.c for more details
  * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).

diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index d02c3af53bdb3e0e71c0d3c843fe03f2dcce9b61..8fa8c669b19ff9d8fdbdf7a28599ab33f6339821 100644 (file)
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -572,6 +572,19 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
                }
        else
                ret->psk_identity_hint=NULL;
                }
        else
                ret->psk_identity_hint=NULL;

+
+       os.length=0;
+       os.data=NULL;
+       M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,8);
+       if (os.data)
+               {
+               ret->psk_identity = BUF_strndup((char *)os.data, os.length);
+               OPENSSL_free(os.data);
+               os.data = NULL;
+               os.length = 0;
+               }
+       else
+               ret->psk_identity=NULL;

 #endif /* OPENSSL_NO_PSK */
 
 #ifndef OPENSSL_NO_TLSEXT
 #endif /* OPENSSL_NO_PSK */
 
 #ifndef OPENSSL_NO_TLSEXT