X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fssl_asn1.c;h=b56c5e96c53019698b03d8df7f60967f2250bae0;hp=7d39ba15c0eb2bbda7629d5aa9a91b26daa49427;hb=fe5a516b72942f5eacda8c9c7f032e8c76e0cb7b;hpb=df0fed9aab239e2e9a269d06637a6442051dee3b diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c index 7d39ba15c0..b56c5e96c5 100644 --- a/ssl/ssl_asn1.c +++ b/ssl/ssl_asn1.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2005 Nokia. All rights reserved. * * Licensed under the OpenSSL license (the "License"). You may not use @@ -41,7 +41,6 @@ typedef struct { uint64_t flags; uint32_t max_early_data; ASN1_OCTET_STRING *alpn_selected; - ASN1_OCTET_STRING *tick_nonce; uint32_t tlsext_max_fragment_len_mode; ASN1_OCTET_STRING *ticket_appdata; } SSL_SESSION_ASN1; @@ -73,9 +72,8 @@ ASN1_SEQUENCE(SSL_SESSION_ASN1) = { ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, tlsext_tick_age_add, ZUINT32, 14), ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, max_early_data, ZUINT32, 15), ASN1_EXP_OPT(SSL_SESSION_ASN1, alpn_selected, ASN1_OCTET_STRING, 16), - ASN1_EXP_OPT(SSL_SESSION_ASN1, tick_nonce, ASN1_OCTET_STRING, 17), - ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, tlsext_max_fragment_len_mode, ZUINT32, 18), - ASN1_EXP_OPT(SSL_SESSION_ASN1, ticket_appdata, ASN1_OCTET_STRING, 19) + ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, tlsext_max_fragment_len_mode, ZUINT32, 17), + ASN1_EXP_OPT(SSL_SESSION_ASN1, ticket_appdata, ASN1_OCTET_STRING, 18) } static_ASN1_SEQUENCE_END(SSL_SESSION_ASN1) IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(SSL_SESSION_ASN1) @@ -124,7 +122,6 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) ASN1_OCTET_STRING psk_identity, psk_identity_hint; #endif ASN1_OCTET_STRING alpn_selected; - ASN1_OCTET_STRING tick_nonce; ASN1_OCTET_STRING ticket_appdata; long l; @@ -195,12 +192,6 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) ssl_session_oinit(&as.alpn_selected, &alpn_selected, in->ext.alpn_selected, in->ext.alpn_selected_len); - if (in->ext.tick_nonce == NULL) - as.tick_nonce = NULL; - else - ssl_session_oinit(&as.tick_nonce, &tick_nonce, - in->ext.tick_nonce, in->ext.tick_nonce_len); - as.tlsext_max_fragment_len_mode = in->ext.max_fragment_len_mode; if (in->ticket_appdata == NULL) @@ -299,7 +290,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, goto err; if (!ssl_session_memcpy(ret->master_key, &tmpl, - as->master_key, TLS13_MAX_RESUMPTION_MASTER_LENGTH)) + as->master_key, TLS13_MAX_RESUMPTION_PSK_LENGTH)) goto err; ret->master_key_length = tmpl; @@ -337,7 +328,8 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, ret->ext.tick_lifetime_hint = (unsigned long)as->tlsext_tick_lifetime_hint; ret->ext.tick_age_add = as->tlsext_tick_age_add; - if (as->tlsext_tick) { + OPENSSL_free(ret->ext.tick); + if (as->tlsext_tick != NULL) { ret->ext.tick = as->tlsext_tick->data; ret->ext.ticklen = as->tlsext_tick->length; as->tlsext_tick->data = NULL; @@ -364,27 +356,19 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, ret->flags = (int32_t)as->flags; ret->ext.max_early_data = as->max_early_data; + OPENSSL_free(ret->ext.alpn_selected); if (as->alpn_selected != NULL) { - if (!ssl_session_strndup((char **)&ret->ext.alpn_selected, - as->alpn_selected)) - goto err; + ret->ext.alpn_selected = as->alpn_selected->data; ret->ext.alpn_selected_len = as->alpn_selected->length; + as->alpn_selected->data = NULL; } else { ret->ext.alpn_selected = NULL; ret->ext.alpn_selected_len = 0; } - if (as->tick_nonce != NULL) { - ret->ext.tick_nonce = as->tick_nonce->data; - ret->ext.tick_nonce_len = as->tick_nonce->length; - as->tick_nonce->data = NULL; - } else { - ret->ext.tick_nonce = NULL; - ret->ext.tick_nonce_len = 0; - } - ret->ext.max_fragment_len_mode = as->tlsext_max_fragment_len_mode; + OPENSSL_free(ret->ticket_appdata); if (as->ticket_appdata != NULL) { ret->ticket_appdata = as->ticket_appdata->data; ret->ticket_appdata_len = as->ticket_appdata->length;