PR: 2160
authorDr. Stephen Henson <steve@openssl.org>
Mon, 1 Feb 2010 16:49:42 +0000 (16:49 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 1 Feb 2010 16:49:42 +0000 (16:49 +0000)
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Make session tickets work with DTLS.

ssl/d1_srvr.c
ssl/ssl_asn1.c
ssl/ssl_sess.c

index 1fd3d1c..301ceda 100644 (file)
@@ -1525,9 +1525,10 @@ int dtls1_send_newsession_ticket(SSL *s)
                p += hlen;
                /* Now write out lengths: p points to end of data written */
                /* Total length */
-               len = p - (unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]);
+               len = p - (unsigned char *)(s->init_buf->data);
+               /* Ticket length */
                p=(unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]) + 4;
-               s2n(len - 18, p);  /* Ticket length */
+               s2n(len - DTLS1_HM_HEADER_LENGTH - 6, p);
 
                /* number of bytes to write */
                s->init_num= len;
index e484a29..2870997 100644 (file)
@@ -394,7 +394,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
                        ((unsigned long)os.data[1]<< 8L)|
                         (unsigned long)os.data[2];
                }
-       else if ((ssl_version>>8) == SSL3_VERSION_MAJOR)
+       else if ((ssl_version>>8) >= SSL3_VERSION_MAJOR)
                {
                if (os.length != 2)
                        {
@@ -415,7 +415,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
        ret->cipher_id=id;
 
        M_ASN1_D2I_get_x(ASN1_OCTET_STRING,osp,d2i_ASN1_OCTET_STRING);
-       if ((ssl_version>>8) == SSL3_VERSION_MAJOR)
+       if ((ssl_version>>8) >= SSL3_VERSION_MAJOR)
                i=SSL3_MAX_SSL_SESSION_ID_LENGTH;
        else /* if (ssl_version>>8 == SSL2_VERSION_MAJOR) */
                i=SSL2_MAX_SSL_SESSION_ID_LENGTH;
index bebbfa0..8e5d8a0 100644 (file)
@@ -538,7 +538,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
                p=buf;
                l=ret->cipher_id;
                l2n(l,p);
-               if ((ret->ssl_version>>8) == SSL3_VERSION_MAJOR)
+               if ((ret->ssl_version>>8) >= SSL3_VERSION_MAJOR)
                        ret->cipher=ssl_get_cipher_by_char(s,&(buf[2]));
                else 
                        ret->cipher=ssl_get_cipher_by_char(s,&(buf[1]));