long verify_result;
ASN1_OCTET_STRING *tlsext_hostname;
long tlsext_tick_lifetime_hint;
+ long tlsext_tick_age_add;
ASN1_OCTET_STRING *tlsext_tick;
#ifndef OPENSSL_NO_PSK
ASN1_OCTET_STRING *psk_identity_hint;
#ifndef OPENSSL_NO_SRP
ASN1_EXP_OPT(SSL_SESSION_ASN1, srp_username, ASN1_OCTET_STRING, 12),
#endif
- ASN1_EXP_OPT(SSL_SESSION_ASN1, flags, ZLONG, 13)
+ ASN1_EXP_OPT(SSL_SESSION_ASN1, flags, ZLONG, 13),
+ ASN1_EXP_OPT(SSL_SESSION_ASN1, tlsext_tick_age_add, ZLONG, 14)
} static_ASN1_SEQUENCE_END(SSL_SESSION_ASN1)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(SSL_SESSION_ASN1)
}
if (in->ext.tick_lifetime_hint > 0)
as.tlsext_tick_lifetime_hint = in->ext.tick_lifetime_hint;
+ as.tlsext_tick_age_add = in->ext.tick_age_add;
#ifndef OPENSSL_NO_PSK
ssl_session_sinit(&as.psk_identity_hint, &psk_identity_hint,
in->psk_identity_hint);
p = as->cipher->data;
id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1];
- ret->cipher = NULL;
ret->cipher_id = id;
+ ret->cipher = ssl3_get_cipher_by_id(id);
+ if (ret->cipher == NULL)
+ goto err;
if (!ssl_session_memcpy(ret->session_id, &ret->session_id_length,
as->session_id, SSL3_MAX_SSL_SESSION_ID_LENGTH))
goto err;
if (!ssl_session_memcpy(ret->master_key, &tmpl,
- as->master_key, SSL_MAX_MASTER_KEY_LENGTH))
+ as->master_key, TLS13_MAX_RESUMPTION_MASTER_LENGTH))
goto err;
ret->master_key_length = tmpl;
#endif
ret->ext.tick_lifetime_hint = as->tlsext_tick_lifetime_hint;
+ ret->ext.tick_age_add = as->tlsext_tick_age_add;
if (as->tlsext_tick) {
ret->ext.tick = as->tlsext_tick->data;
ret->ext.ticklen = as->tlsext_tick->length;